← Back

Privacy Policy

Last updated: replace before launch · Effective immediately upon use

⚠️ For your lawyer. This is a starter draft based on common SaaS privacy-policy patterns and CCPA/GDPR baselines. Have a qualified attorney review before public launch — especially the CCPA "Do Not Sell," GDPR lawful-basis, and state-by-state US sections.

EZ Trader ("we," "us," or "our") respects your privacy. This Privacy Policy explains what personal information we collect, how we use it, and the choices you have. It applies to our website, mobile applications, and related services (the "Service").

1. Information we collect

Information you provide directly:

  • account info: email address, display name, optional avatar;
  • profile info: goals, learning preferences, age confirmation;
  • content you create: journal entries, community posts, paper-trade history, conversations with the AI mentor (Ezra), referral activity;
  • payment info: billing address and last 4 digits of card (full card data is held by our processor, Stripe — we never see or store it).

Information we collect automatically:

  • device and browser data (type, OS, language);
  • usage data (pages viewed, features used, lesson progress, time spent);
  • approximate location (derived from IP address);
  • cookies and similar technologies (see Section 6).

Information from third parties: if you sign in via a third-party provider (e.g., Google), we receive basic profile data from that provider.

2. How we use your information

  • to provide and operate the Service;
  • to personalize lessons, recommendations, and Ezra's responses;
  • to process payments and manage subscriptions;
  • to send transactional and (with your consent) marketing emails;
  • to send push notifications you've opted into (streak reminders, learning prompts);
  • to detect, prevent, and respond to abuse, fraud, and security incidents;
  • to improve and develop the Service, including by analyzing aggregated usage patterns;
  • to comply with legal obligations.

3. AI mentor (Ezra) — how your messages are used

Conversations with Ezra are stored in our database so you can read your chat history. We use a third-party AI provider (currently Anthropic) to generate responses. Your messages are transmitted to that provider under their commercial-API terms, which prohibit using your data to train their general-purpose models. We do not sell your chat history to any party.

Aggregated, de-identified patterns from Ezra conversations (e.g., "concepts users find confusing") may be used to improve our lessons and Ezra's prompts.

4. How we share your information

We share information only as described below:

  • Service providers who help us operate the Service, including: Supabase (database & auth), Anthropic (AI mentor), Stripe (payments), Resend (transactional email), Vercel (hosting), and analytics providers. Each is contractually bound to protect your data and use it only for the purposes we specify.
  • With your consent — e.g., when you choose to share your progress or add a friend on the Service.
  • To comply with law — e.g., to respond to a valid subpoena, court order, or regulator request.
  • In a business transaction — if we are acquired, merged, or our assets are sold, your information may transfer to the new entity, subject to this Policy.

We do not sell your personal information.

5. Data retention

We retain your information for as long as your account is active and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce our agreements. You may request deletion of your account at any time (see Section 8).

6. Cookies & similar technologies

We use cookies and similar technologies to keep you signed in, remember your preferences, and analyze usage. You can control cookies through your browser settings; disabling cookies may break parts of the Service.

7. Your rights

Depending on your jurisdiction, you may have rights to:

  • access the personal information we hold about you;
  • request correction of inaccurate information;
  • request deletion of your information ("right to be forgotten");
  • request a portable copy of your information;
  • object to or restrict certain processing;
  • opt out of marketing communications at any time.

California residents (CCPA/CPRA): you have additional rights to know, delete, correct, and limit the use of sensitive personal information. We do not sell or share personal information for cross-context behavioral advertising.

EU/UK residents (GDPR/UK GDPR): our lawful bases for processing are: performance of a contract (operating the Service), legitimate interest (improving the Service, fraud prevention), consent (marketing communications), and legal obligation.

8. Exercising your rights

To exercise any of the rights above, email privacy@eztrader.app. We will respond within 30 days. We may need to verify your identity before fulfilling certain requests.

9. Security

We implement administrative, technical, and physical safeguards designed to protect your information. No method of transmission or storage is 100% secure, however, and we cannot guarantee absolute security.

10. Children's privacy

The Service is intended for users 18 and older. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us their information, contact us and we will delete it.

11. International users

The Service is operated from the United States. By using the Service from outside the United States, you understand that your information will be transferred to and processed in the United States, which may have different data-protection laws than your jurisdiction.

12. Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through the Service. Your continued use of the Service after the effective date constitutes acceptance of the updated Policy.

13. Contact

Privacy questions or requests: privacy@eztrader.app.

Terms of ServiceDisclosures