This policy explains how we process personal data when you use DayTradeCoin Radar. We adhere to Norwegian privacy law and the EU General Data Protection Regulation (GDPR). If you have questions, contact support@daytradecoin.com.
1. Data We Collect
We collect and process the following categories of data:
Account data supplied during sign-up (email plus optional profile details you choose to share).
Authentication tokens and essential cookies managed by Supabase.
Usage information such as favourites, alerts, paper-trade entries, and interface preferences.
Waitlist submissions (email address and optional note) when you request updates.
Diagnostics and logs required for security and operations, including IP address and timestamps.
Email address and optional note submitted when requesting notification about new features.
Consent and legitimate interest to manage the waitlist (Art. 6(1)(a) & 6(1)(f) GDPR)
Usage data
Log timestamps, selected markets or favourites, alert configurations, paper-trade entries, and in-app settings.
Legitimate interest to operate, secure, and improve the service (Art. 6(1)(f) GDPR)
Communications
Support requests and feedback you send to us by email or forms.
Legitimate interest to provide support (Art. 6(1)(f) GDPR)
3. Cookies & Analytics
We use essential cookies for authentication. Non-essential analytics or marketing cookies (if deployed) are disabled until you provide consent. You can withdraw consent at any time or adjust preferences in your browser.
4. Sub-processors
We rely on reputable service providers to deliver the platform. Each operates under a Data Processing Agreement.
Supabase — Authentication, database, hosting. Region: EU (primary), USA (failover).
Vercel Inc. — Web hosting and deployment. Region: EU/EEA with global CDN.
Transactional email provider — Password resets and service messages. Region: EEA or countries with appropriate safeguards.
5. Data Retention
We retain account data for as long as you maintain an active user account and up to 12 months after deactivation to handle support inquiries and security investigations. Paper-trade logs and alerts can be deleted by you at any time from the interface. Anonymised or aggregated usage statistics may be stored for longer.
When you delete your account we remove personal records immediately. To prove that we processed the request we store a minimal, hashed audit log (no readable personal data). If the PRO tier requires that we keep financial evidence, the record is anonymised so it can no longer be tied back to you.
6. Your Rights
Under GDPR you have the right to:
Request access to your personal data.
Correct inaccurate information.
Request deletion (“right to be forgotten”) when legally permissible.
Object to or restrict processing in specific circumstances.
Data portability for information you have provided to us.
Lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet).
You can start an export or deletion directly from your profile page (under “Data control” and “Danger zone”). We fulfil automated requests immediately and notify you via the interface. For any other enquiry contact us at support@daytradecoin.com. We may require proof of identity before fulfilling your request.
7. International Transfers
Some processors may store data outside the EEA. When this occurs, we rely on adequacy decisions or Standard Contractual Clauses to ensure equivalent protection.
8. Security Measures
We implement industry-standard technical and organisational measures including encryption in transit and at rest, access controls, periodic security reviews, and incident response procedures. No system is completely secure, so notify us immediately of any suspected breach.
9. Changes to this Policy
We may update this policy to reflect service changes or legal requirements. Updates are posted here with a revised “Last updated” date. Significant changes will be communicated via email or in-app notification.
