Legal

Privacy Policy

Effective date: June 22, 2026

This Privacy Policy describes how BlindSpot Trader ("BlindSpot Trader," "we," "us," or "our") collects, uses, and protects information about you when you use our website and services (collectively, the "Service"). By using the Service, you agree to the practices described in this policy.

1. Information We Collect

Information you provide directly

When you create an account or purchase a subscription, we collect your email address. We do not collect passwords — authentication is handled via one-time magic links.

Trade data you upload

Your CSV files are never stored. When you upload a trade history file, it is transmitted directly to our AI analysis service, processed in memory, and immediately discarded. The raw file is never written to any database, disk, or log. Only the results of the analysis (your behavioral archetype, performance summary, and report details) are stored, and only if you are a registered user.

Automatically collected information

We collect standard web server logs including IP addresses, browser type, and pages visited. We use this data solely for security monitoring and aggregate usage analytics. We do not use this data to identify individual users.

Payment information

Payment processing is handled entirely by Stripe. We never see or store your credit card number, expiry date, or CVV. We store only your Stripe Customer ID and subscription status to manage your account.

Cookies

We use essential cookies only — specifically, authentication session cookies required to keep you logged in. We do not use advertising cookies, tracking pixels, or third-party analytics that profile individual users. You may decline non-essential cookies via our cookie banner; declining will not affect your ability to use the Service.

2. How We Use Your Information

  • To create and manage your account
  • To process payments and manage your subscription
  • To deliver the behavioral analysis reports you request
  • To send transactional emails (magic login links, payment receipts, pre-session warnings if subscribed)
  • To respond to support requests
  • To comply with legal obligations

We do not sell your personal data to third parties. We do not use your data for advertising. We do not share your data with third parties except as described in Section 3.

3. Data Sharing

We share data only with the following categories of service providers, solely to operate the Service:

  • Supabase — database and authentication hosting (data stored in the United States)
  • Stripe — payment processing (subject to Stripe's own privacy policy)
  • Anthropic — AI analysis provider (your CSV content is sent to Anthropic's API for processing and is subject to Anthropic's data handling policies; it is not retained by Anthropic beyond the immediate request)
  • Vercel — web hosting and serverless functions

All service providers are contractually prohibited from using your data for any purpose other than providing services to us.

4. Data Retention

We retain your account information and saved reports for as long as your account is active. If you delete your account, all personal data — including your email, subscription record, and all saved reports — is permanently deleted within 30 days. CSV files are never retained (see Section 1).

5. Your Rights

All users

  • Access: You may request a copy of all data we hold about you via Account Settings → Export My Data.
  • Deletion: You may permanently delete your account and all associated data via Account Settings → Delete Account.
  • Correction: Contact us to correct inaccurate data.

California residents (CCPA)

California residents have the right to know what personal information we collect, to request deletion, and to opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at support@blindspottrader.com.

EEA, UK, and Switzerland residents (GDPR)

If you are located in the European Economic Area, UK, or Switzerland, you have additional rights under the GDPR, including the right to data portability, the right to restrict processing, and the right to lodge a complaint with your local supervisory authority. Our lawful basis for processing your data is contract performance (to provide the Service) and legitimate interests (security and fraud prevention). To exercise any GDPR rights, contact us at support@blindspottrader.com.

6. Data Security

We implement industry-standard security measures including HTTPS encryption in transit, encrypted storage at rest via Supabase, and access controls limiting who can access production data. No method of transmission or storage is 100% secure. In the event of a data breach affecting your personal information, we will notify you as required by applicable law.

7. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected data from a minor, contact us immediately at support@blindspottrader.com.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email and update the effective date at the top of this page. Continued use of the Service after changes constitutes acceptance of the updated policy.

9. Contact

For any privacy-related questions, requests, or concerns, contact us at:
support@blindspottrader.com