Last updated: March 21, 2026
Pnlytics ("Company," "we," "us") respects your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our trading analytics platform ("Service"). By using the Service, you consent to the practices described in this policy.
When you create an account, we collect your email address and display name. We do not store passwords directly; authentication is handled by a secure third-party identity provider.
We receive and store trade alert data that you send via webhooks or upload via CSV. This includes: instrument/ticker symbols, trade actions (buy/sell), prices, timestamps, and strategy names. This data is provided by you and is not sourced from any third party.
Payment processing is handled entirely by Stripe. We do not store credit card numbers, bank account details, or other payment credentials on our servers. We receive only a Stripe customer ID and subscription status.
We collect basic usage data including IP addresses (for rate limiting and security), browser type, and pages visited. This data is used solely for security and service improvement.
We use a single session cookie ("pnl_session") to maintain your authenticated session. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
We use your information solely to:
We do NOT use your data for: advertising, marketing to third parties, training machine learning models, or any purpose unrelated to providing the Service.
Your data is encrypted in transit and at rest. Each user's data is logically isolated so that no user can access another user's information. We implement industry-standard security measures, however no method of electronic storage is 100% secure.
We do NOT sell, rent, or share your personal information or trading data with third parties. We use trusted third-party service providers solely for database hosting, payment processing, and network security. These providers act as data processors under contractual obligations and do not have independent access to your data. We may disclose information if required by law, court order, or government request.
Your trading data is never aggregated or shared across users. Each user's data is strictly isolated.
We retain your data for as long as your account is active. Retention limits by plan:
Upon account deletion, all your data (alerts, processed trades, profile) is permanently deleted within 30 days.
You have the right to:
If you are a California resident, you have the right to: (a) know what personal information we collect and how it is used; (b) request deletion of your personal information; (c) opt out of the sale of personal information (we do not sell personal information); (d) non-discrimination for exercising your rights. To exercise these rights, contact us at [email protected].
If you are in the European Economic Area (EEA), your data is processed under the lawful basis of contract performance (providing the Service you signed up for). You have additional rights including: data portability, restriction of processing, and the right to lodge a complaint with your local data protection authority. Our data sub-processors (Supabase, Stripe, Cloudflare) maintain GDPR-compliant data processing agreements.
The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 18, we will delete it promptly.
We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The "Last updated" date at the top reflects the most recent revision.
For privacy-related questions or to exercise your data rights, contact us at [email protected].