Legal info

Privacy Policy

Last updated

We are Edgeworth (“Edgeworth,” “we,” or “us”). We respect your privacy and work hard to protect the confidentiality of the information you give us. We share your personal data with third parties only when needed to provide the service you've requested. This page explains, in detail, what we collect and why.

Updates

We may update this privacy policy from time to time by posting a new version on our website. Check this page occasionally to make sure any changes are acceptable to you. The current version was modified on the date shown above.

Personal data we collect

User accounts

If you create an account with Edgeworth, you provide certain personal data so we can give you the service. During registration we ask for:

  • Email address
  • Name (or username)
  • Password (stored hashed — we never see the plaintext)
  • Profile photo (optional)

Orders & billing

When you purchase, or attempt to purchase, a Subscription — including when you start a Free Trial — we collect the information needed to complete the transaction: full name, billing address, payment method details (e.g. card number, expiry, CVV, PayPal account, wallet token, etc.), email address, and phone number where relevant.

Payment-method details are collected and stored by Paddle.com Market Limited(“Paddle”), our Merchant of Record and payment processor — Edgeworth never sees or stores your full card number, PayPal credentials, or other sensitive payment instrument data. Paddle's processing of your payment data is governed by Paddle's own privacy notice (available at paddle.com/legal/privacy), which applies to your purchase alongside this policy.

During a Free Trial the payment method is held but not charged; it is charged automatically only when the trial ends, unless you cancel before then.

Contact data

We process any personal data you provide when communicating with us via email, live chat, or other support channels, for the purpose of assisting you and keeping a record of the conversation.

Trade data you log

Trade entries, notes, screenshots, tags, partial-exit configurations, and any other content you enter into your journal stays under your account. It is treated as your private data and is not shared with other users. We only access it when needed for support, debugging, or to investigate abuse; internal access goes through admin impersonation gated by the admin role, and every impersonation session is written to our audit log (the action you performed, the admin who initiated it, and the affected user are all recorded). We do not use account access for purposes outside support, debugging, or compliance investigation.

Cookies and similar technologies

Cookies are small data files stored on your browser. We use cookies to keep you signed in, remember your preferences, and understand how you use the Service. Some cookies are strictly necessary for the Service to function (e.g. session cookies); others are analytical and can be disabled in your browser settings.

Log files

Like most online services, we record certain actions when you interact with the Service — for example, sign-in attempts, errors, or API calls. We use these logs to understand how the product is used, fix issues, and protect against abuse.

Device information

We collect basic information about the devices you use to interact with the Service: IP address (from which we can infer the country you are connecting from), operating system, and browser version. This information is used to prevent spam and abuse, and to deliver a working experience on your device. IP addresses may be considered personal data in some jurisdictions and are treated accordingly under this policy.

Analytics

When you use our website or applications, we may collect anonymised analytics information — device identifiers, network information, and interaction events (e.g. which pages you visited, which features you used). We collect this data pseudonymously and use it to analyse and improve the Service. For this purpose we may use third-party providers such as standard web-analytics tools.

How we use your personal information

We process your personal data only as necessary for legitimate business interests, which include the following:

User account and profile operations

  • to authenticate your account and protect its security;
  • to send the welcome / email-verification message after sign-up;
  • to provide subscription services to paying users and contact you regarding their use;
  • to send essential service notifications you cannot opt out of — including Free Trial reminders before the trial ends, payment receipts, payment-failure alerts, and security alerts — though you can always delete your account.

Profile preferences

Your account holds a set of preferences for each tool — column layouts in the journal, default risk presets in the Curve Simulator, primary BE rule, and so on. We keep this data solely to personalise your experience and do not share these preferences with any third party.

Customer service

When you contact our support team, we may use the data we already hold, together with any additional information you provide in the conversation, to resolve your issue.

When we share personal information

Edgeworth does not sell your personal data. We share information with third parties only in the following limited cases:

  • Service providers — our hosting provider, our Merchant of Record / payment processor (Paddle.com Market Limited), our email-delivery provider, and similar vendors process data on our behalf, under contract, to deliver the Service. Each provider receives only the data it needs.
  • Legal obligations — when required by law, court order, or other binding legal process, we may disclose data to the extent legally required.
  • Business transfers — if Edgeworth is involved in a merger, acquisition, or asset sale, your personal data may be transferred to the successor entity, subject to the same protections described here.

Account deletion

You may stop using the Service and ask us to delete your account from your profile settings, or by emailing [email protected]. Once you delete your account we immediately anonymise the personal data we hold for it — your email address, name, password hash, payment provider customer IDs, device IP addresses, and short-lived authentication tokens are removed or replaced with a per-account tombstone. The remaining rows (workspace data, strategies, trades, settings) are hidden from the application by our soft-delete query filter and become inaccessible to you, our staff, and any future viewer of the platform. This action is irreversible.

A minimal security history is retained under our legitimate interest in preventing fraud and abuse — event type, timestamp, and a masked target identifier — for up to 24 months. IP addresses are scrubbed from these rows at the time of deletion. Operational copies of the database (point-in-time backups taken for disaster recovery) may still contain snapshots of your data for the standard backup retention period of our infrastructure provider; those snapshots are over-written on the provider's schedule and are not used to restore deleted accounts.

Security of personal data

Edgeworth implements industry-standard measures to protect your data — TLS in transit, encryption of sensitive fields at rest, hashed passwords, isolated per-user data, and access controls on internal tooling. No system is fully immune to attack; if a security incident affects your data, we will notify you as required by applicable law.

Children and sensitive personal data

The Service is not directed at children under 16, and we do not knowingly collect personal data from anyone under that age. If you believe a minor has provided personal data to us, please contact us so we can delete it.

We do not knowingly collect sensitive personal data — such as health, racial or ethnic origin, political opinions, or biometrics — and we ask that you do not submit such data through the Service.

Your rights

Depending on your jurisdiction, you may have the right to access, correct, update, or request deletion of your personal data; object to or restrict its processing; or request data portability. You can exercise most of these directly from your account settings, or by contacting us at the address below.

Contact us

For any privacy-related question, request, or concern, please contact us at [email protected].