We Value Your Privacy

    We use cookies to enhance your experience, provide essential functionality, and analyze site usage. You can customize your preferences or accept all cookies. Learn more

    Privacy Policy

    Last Updated: November 24, 2025

    This Privacy Policy is GDPR and CCPA compliant

    1. Introduction

    SimpleMarkets ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service at simplemarkets.io (the "Service").

    This policy applies to all users worldwide and complies with the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

    2. Information We Collect

    2.1 Information You Provide Directly

    When you register for an account or use our Service, we collect:

    • Account Information: Email address, username, password (encrypted)
    • Profile Information: Display name, preferences, settings
    • Payment Information: Processed securely by Swedbank (we do not store credit card details)
    • Communication Data: When you contact support or communicate with us

    2.2 Information Collected Automatically

    When you use the Service, we automatically collect:

    • Usage Data: Pages visited, features used, time spent, interactions
    • Device Information: Browser type, operating system, device identifiers
    • Log Data: IP address, access times, referring URLs, error logs
    • Cookies and Tracking: See our Cookie Policy section below

    2.3 Information You Choose to Provide

    • Trading Journal Entries: Notes, trade details, reflections you enter
    • Wallet Addresses: Cryptocurrency wallet addresses you choose to track
    • Portfolio Data: Asset allocations and investment data you input
    • Preferences: Notification settings, display preferences

    2.4 Information from Third-Party Sources

    We may receive data from:

    • Payment Processor: Transaction data from Swedbank payment gateway
    • Blockchain Data: Public blockchain information from Etherscan and other explorers
    • Market Data: Cryptocurrency prices and market data from APIs (CoinGecko, Binance, etc.)

    3. How We Use Your Information

    We use your personal data for the following purposes:

    3.1 To Provide and Maintain the Service

    • Create and manage your account
    • Process subscriptions and payments
    • Provide access to premium features
    • Store your trading journal and portfolio data
    • Display personalized content and analysis

    3.2 To Improve and Optimize the Service

    • Analyze usage patterns and trends
    • Identify and fix bugs and errors
    • Develop new features and improvements
    • Conduct research and analytics

    3.3 To Communicate with You

    • Send important service updates and notifications
    • Respond to your support requests
    • Send security alerts and account notifications
    • Provide Discord community access (if subscribed)
    • Send marketing communications (with your consent - you can opt out)

    3.4 For Security and Legal Compliance

    • Detect and prevent fraud and abuse
    • Monitor for security threats
    • Comply with legal obligations
    • Enforce our Terms of Service

    3.5 Legal Basis for Processing (GDPR)

    We process your data based on:

    • Contract: To provide the Service you've subscribed to
    • Consent: When you've given explicit permission (e.g., marketing emails)
    • Legitimate Interest: To improve our Service, prevent fraud, ensure security
    • Legal Obligation: To comply with laws and regulations

    4. How We Share Your Information

    We do not sell your personal data. We share your information only in the following circumstances:

    4.1 Service Providers

    We share data with trusted third-party service providers who help us operate the Service:

    Swedbank (Payment Processing)

    Purpose: Process subscriptions and payments securely

    Data Shared: Name, email, payment information

    Privacy Policy: swedbank.ee/privacy

    InstantDB (Database & Authentication)

    Purpose: Store user data, authentication

    Data Shared: Account info, user-generated content

    Privacy Policy: instantdb.com/privacy

    OpenAI (AI Analysis - Optional)

    Purpose: Generate AI-powered trading insights

    Data Shared: Economic event data, journal entries (only if you use AI features)

    Privacy Policy: openai.com/privacy

    Mailchimp (Email Marketing - Optional)

    Purpose: Send newsletters (only if you subscribe)

    Data Shared: Email address, name

    Privacy Policy: intuit.com/privacy/statement

    4.2 Legal Requirements

    We may disclose your information if required to:

    • Comply with legal obligations or court orders
    • Protect our rights, property, or safety
    • Investigate fraud or security issues
    • Respond to government requests

    4.3 Business Transfers

    If SimpleMarkets is involved in a merger, acquisition, or sale of assets, your personal data may be transferred. We will notify you before your data is transferred and becomes subject to a different privacy policy.

    4.4 With Your Consent

    We may share your information for other purposes with your explicit consent.

    5. Your Privacy Rights

    5.1 Rights for All Users

    You have the right to:

    • Access: Request a copy of your personal data
    • Correction: Update or correct inaccurate data
    • Deletion: Request deletion of your personal data
    • Opt-Out: Unsubscribe from marketing emails
    • Data Portability: Receive your data in a portable format

    5.2 GDPR Rights (EU/EEA Users)

    Under GDPR, you additionally have the right to:

    • Right to Erasure: Request complete deletion of your data (GDPR Art. 17)
    • Right to Restriction: Request restricted processing of your data (GDPR Art. 18)
    • Right to Object: Object to processing based on legitimate interest (GDPR Art. 21)
    • Right to Data Portability: Receive your data in machine-readable format (GDPR Art. 20)
    • Right to Withdraw Consent: Withdraw consent at any time (GDPR Art. 7)
    • Right to Lodge a Complaint: File a complaint with your data protection authority

    5.3 CCPA Rights (California Residents)

    Under CCPA, California residents have the right to:

    • Know: Request information about data collected and how it's used
    • Delete: Request deletion of personal information
    • Opt-Out: Opt out of the "sale" of personal information (Note: We do not sell data)
    • Non-Discrimination: Not be discriminated against for exercising your rights

    5.4 How to Exercise Your Rights

    To exercise any of these rights, contact us at:

    Email: info@simplemarkets.io

    Subject Line: "Privacy Rights Request"

    We will respond within 30 days (GDPR) or 45 days (CCPA).

    6. Data Retention

    We retain your personal data only as long as necessary for the purposes described in this policy:

    • Account Data: Retained while your account is active
    • Subscription Data: Retained for 7 years for accounting/tax purposes
    • Usage Logs: Retained for 90 days for security and analytics
    • Support Communications: Retained for 3 years

    When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required by law to retain it longer.

    7. Data Security

    We implement appropriate technical and organizational measures to protect your personal data:

    • Encryption: Data encrypted in transit (HTTPS/TLS) and at rest
    • Access Controls: Limited access to personal data on a need-to-know basis
    • Authentication: Secure password hashing (bcrypt) and session management
    • Monitoring: Security monitoring and logging for threat detection
    • Rate Limiting: Protection against brute-force attacks
    • Regular Updates: Security patches and updates applied regularly

    However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

    8. Cookies and Tracking Technologies

    8.1 What Are Cookies?

    Cookies are small text files stored on your device when you visit our website. We use cookies and similar tracking technologies to improve your experience.

    8.2 Types of Cookies We Use

    Strictly Necessary Cookies

    Purpose: Authentication, security, basic functionality

    Can be disabled: No - Required for the Service to work

    Examples: Session tokens, CSRF protection, authentication state

    Functional Cookies

    Purpose: Remember your preferences and settings

    Can be disabled: Yes

    Examples: Theme preference (dark/light mode), language settings

    Analytics Cookies (If Implemented)

    Purpose: Understand how you use the Service

    Can be disabled: Yes

    Examples: Page views, feature usage, session duration

    8.3 Local Storage

    We use browser local storage to cache data for better performance:

    • React Query cache for API responses
    • User preferences and settings
    • Temporary form data

    8.4 Cookie Consent and Control

    You can manage cookies through our cookie consent banner or your browser settings:

    • Click "Cookie Preferences" in the footer to manage your consent
    • Use your browser settings to block or delete cookies
    • Note: Blocking necessary cookies may affect Service functionality

    8.5 Global Privacy Control (GPC)

    We honor Global Privacy Control (GPC) signals. If your browser sends a GPC signal, we will treat it as a request to opt out of cookie tracking where applicable (required under CCPA/CPRA).

    9. International Data Transfers

    Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:

    • Service providers comply with GDPR and privacy shield frameworks
    • We use Standard Contractual Clauses (SCCs) for EU data transfers
    • Data is encrypted in transit and at rest

    10. Children's Privacy

    SimpleMarkets is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately and we will delete it.

    11. Do Not Sell My Personal Information (CCPA)

    We do not sell your personal information to third parties.

    California residents have the right to opt out of the "sale" of personal information. Since we don't sell your data, there is nothing to opt out of. However, you can still exercise your CCPA rights as described in Section 5.3.

    12. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time. We will notify you of material changes by:

    • Posting the updated policy on this page
    • Updating the "Last Updated" date
    • Sending an email notification (for significant changes)

    Your continued use of the Service after changes constitutes acceptance of the updated policy.

    13. Contact Us

    If you have questions, concerns, or requests regarding this Privacy Policy or your personal data:

    Email: info@simplemarkets.io

    Subject: "Privacy Policy Inquiry" or "Privacy Rights Request"

    Response Time: Within 30 days (GDPR) or 45 days (CCPA)

    EU Representative (GDPR)

    [If you have an EU presence or representative, include their contact information here]

    Data Protection Officer

    [If required by GDPR, include DPO contact information here]

    Summary of Key Points

    We collect account info, usage data, and information you provide

    We use data to provide and improve the Service

    We share data only with service providers (InstantDB, Swedbank, OpenAI, Mailchimp)

    We do NOT sell your personal data

    You have rights to access, delete, and control your data

    We use cookies for functionality and security

    Contact info@simplemarkets.io for privacy requests