Translation provided for convenience only. In case of any discrepancy, only the French version is legally binding.
1. Data controller
The controller of the personal data collected via strateforge.app is StrateForge, a sole trader established in Switzerland. For any question relating to the protection of your data, contact us at: contact@strateforge.app. The publisher's full identity and a contact address can be obtained upon simple request at the address above.
2. Data we collect
We collect the following categories of data:
- Identification data: email address, unique account identifier
- Strategy data: the trading strategies you create, their parameters and configurations
- Trading data: backtesting results, forward testing signals, bot configurations
- Payment data: handled by Stripe; we do not store your bank card numbers
- Technical data: IP address, browser type, access logs (for security purposes)
- Exchange API keys: encrypted and stored securely for automated trading
3. Legal basis for processing
The processing of your data is based on the following legal bases (Article 6 of the GDPR):
- Performance of the contract: processing necessary to provide the service (account, strategies, backtesting)
- Consent: for non-essential cookies and marketing communications
- Legitimate interest: platform security, fraud prevention, service improvement
- Legal obligation: retention of data required by applicable regulations
4. Retention period
- Account data: kept for the entire duration of your registration, then deleted within 30 days after account deletion
- Strategy and backtesting data: kept as long as the account is active
- Technical logs: kept for up to 12 months
- Billing data: kept for the legally required period (10 years, in accordance with Swiss law — art. 958f CO)
5. User rights
In accordance with the GDPR, you have the following rights:
- Right of access: obtain a copy of your personal data
- Right to rectification: correct your inaccurate or incomplete data
- Right to erasure: request the deletion of your data (“right to be forgotten”)
- Right to portability: receive your data in a structured, machine-readable format
- Right to object: object to the processing of your data on legitimate grounds
- Right to restriction: request the restriction of processing in certain cases
To exercise these rights, contact us at contact@strateforge.app. You can also export or delete your data directly from your account settings. You also have the right to lodge a complaint with the competent data protection authority: in Switzerland, the Federal Data Protection and Information Commissioner (FDPIC); for EU residents, the competent national authority (e.g. the CNIL in France).
6. Cookies and trackers
StrateForge uses the following cookies:
- Essential cookies: authentication, user session, language and theme preferences (localStorage). These cookies are necessary for the service to function.
- Analytics cookies: only with your consent, to improve the user experience.
You can manage your cookie preferences via the consent banner shown on your first visit, or from your browser settings. For full details, see our Cookie Policy.
7. Hosting and processors
Your account and trading data are hosted in the European Union (Sweden). We use the following processors, each governed by a data processing agreement (DPA):
- Supabase Inc. : database & authentication (EU — AWS Europe region (Stockholm, Sweden))
- Vercel Inc. : application hosting (cdn / edge) (United States — global network)
- Stripe, Inc. : payment processing (United States — certified under the EU-US Data Privacy Framework)
- Resend (Plus Five Five, Inc.) : transactional email delivery (EU — Europe sending region (Ireland))
- PostHog Inc. : audience measurement (with consent) (EU — Europe hosting (eu.posthog.com))
When a processor handles data outside the European Union (e.g. Vercel, Stripe in the United States), these transfers are governed by standard contractual clauses (SCCs) approved by the European Commission and/or by the EU-US Data Privacy Framework, in accordance with Articles 46 and 47 of the GDPR.
8. Data security
We implement appropriate technical and organizational measures to protect your personal data: encryption in transit (TLS) and at rest, strict access control, encrypted exchange API keys, and continuous security monitoring.
9. Changes to this policy
This policy may be updated. In the event of a substantial change, we will inform you by email or via a notification on the platform. The date of the last update appears at the top of this page.
10. Contact
For any question relating to this privacy policy or to exercise your rights, contact us: contact@strateforge.app