Privacy Policy

Last updated: September 2025

1. Information We Collect

We collect information you provide directly to us, such as:

  • Account Information: Email address, password (bcrypt hashed), subscription plan, trial status, verification status
  • Trading Data: Trade records, account names, symbols, prices, dates, notes, CSV/Excel import data with complete user isolation
  • Usage Data: Dashboard interactions, feature usage, session management, API endpoint usage
  • Technical Data: IP address, browser type, device information, application logs, error tracking
  • Communication Data: Email verification tokens, support tickets, feedback submissions, satisfaction surveys

2. How We Use Your Information

We use the information we collect to:

  • Provide and maintain our trading journal service with secure user authentication
  • Process your trading data with AI-powered analytics and generate performance insights
  • Generate tax reports and compliance documentation
  • Send verification emails, renewal reminders, and important account notifications
  • Improve our service based on usage patterns and user feedback
  • Ensure data security, prevent unauthorized access, and maintain GDPR compliance
  • Process payments securely through PayPal and manage subscription lifecycles

3. Data Security

We implement industry-standard security measures to protect your data:

  • Passwords are secured using bcrypt hashing with salt for maximum protection
  • Trading data is encrypted in transit via HTTPS and stored securely with user data isolation
  • Email verification required for all new account registrations
  • Secure SQLite database with complete user data separation and integrity constraints
  • Regular security audits, vulnerability assessments, and immediate patching
  • PayPal webhook signature verification for secure payment processing
  • Session management with secure cookie handling

4. Data Sharing

We do not sell, trade, or share your personal trading data with third parties, except:

  • With your explicit consent
  • To comply with legal obligations
  • To protect our rights or prevent fraud
  • With service providers who assist in operations (under strict confidentiality agreements)

5. Third-Party Services

Our service integrates with:

  • PayPal: For payment processing (governed by PayPal's privacy policy)
  • Market Data Providers: For real-time stock prices and financial data
  • Email Services: For transactional emails and support communications
  • OpenAI Services: For AI-powered CSV trade data parsing and analysis (trading data sent for processing only)

These services have their own privacy policies which govern their use of your information.

6. Data Retention

We retain your trading data for as long as your account is active or as needed to provide services. Under our GDPR compliance program, you have the right to request deletion of your account and all associated data at any time.

After subscription cancellation, you retain access to your data for the remainder of your billing period, followed by a 14-day grace period. Email verification tokens expire automatically after 24 hours. Tax-related data may be retained for longer periods to comply with regulatory requirements.

7. Your Rights

You have the right to:

  • Access and review your personal data through your account dashboard
  • Correct inaccurate information in your profile and trading records
  • Request complete deletion of your account and all associated data
  • Export your trading data in CSV or Excel format at any time
  • Manage email preferences and opt-out of non-essential communications
  • Cancel your subscription with continued access until your billing period ends
  • Request data portability under GDPR regulations

8. Cookies and Tracking

We use session cookies to maintain your login state and improve user experience. We do not use third-party tracking cookies for advertising purposes.

9. International Users

Our service is hosted and operated from servers located in the United States. By using DTJ, you consent to the transfer and processing of your data in the United States.

10. Changes to Privacy Policy

We may update this privacy policy from time to time. We will notify you of any material changes via email or through the application.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at: DTJ.support@xartatech.com

Back to Home