Privacy Policy
Last updated: June 1, 2026
The short version: Your trade data is yours. We store it securely to power the Service. We do not sell your data to advertisers or third parties. Ever.
1. Who We Are
PnLStack ("we," "us," or "our") operates the trading journal platform available at pnlstack.com and the PnLStack iOS application. This Privacy Policy explains how we collect, use, and protect your personal information.
For privacy inquiries, contact us at privacy@pnlstack.com.
2. Information We Collect
| Category | Examples | Purpose |
|---|---|---|
| Account data | Email address, password hash | Authentication and account management |
| Trade data | Ticker, P&L, entry/exit prices, notes | Core journaling functionality |
| Journal data | Mood scores, text entries, emotion tags | Mindset tracking and AI insights |
| Usage data | Feature interactions, session duration | Product improvement (anonymised) |
| Device data | Browser type, OS, time zone | Compatibility and security |
We do not collect financial account numbers, brokerage credentials, or real-time market data.
3. How We Use Your Information
We use your information to:
- Provide and maintain the Service, including cloud synchronisation across your devices
- Generate performance analytics, equity curves, and AI coaching insights
- Authenticate your identity and protect your account
- Send transactional emails (account confirmation, password reset)
- Improve the Service through anonymised, aggregated usage analysis
- Comply with legal obligations
We do not use your trade data to train AI models or share it with external AI providers. The AI coaching insights are computed locally using our own algorithms without sending your data to any third-party AI service.
4. Data Storage and Security
Your data is stored using Supabase, a SOC 2 compliant database platform hosted on AWS infrastructure. All data is encrypted at rest (AES-256) and in transit (TLS 1.2+). Row-level security ensures each user can only access their own data.
We implement access controls, audit logging, and regular security reviews. However, no system is 100% secure, and we cannot guarantee absolute security.
5. Data Sharing
We do not sell, rent, or trade your personal information. We share data only in the following limited circumstances:
- Service providers: Supabase (database hosting), Stripe (payment processing). These providers are contractually bound to protect your data.
- Legal requirements: If required by applicable law, court order, or to protect the safety of our users or the public.
- Business transfer: In the event of a merger or acquisition, your data would transfer to the new entity subject to the same privacy protections.
6. Cookies and Tracking
We use minimal, essential cookies for session management and authentication. We do not use advertising cookies, tracking pixels, or third-party analytics that profile your browsing behaviour across other sites.
7. Data Retention
We retain your data for as long as your account is active. If you delete your account, we will permanently delete your personal data within 30 days, except where retention is required by law.
You can export all your trade data at any time via the CSV export feature in Settings.
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access a copy of the personal data we hold about you
- Correct inaccurate personal data
- Delete your account and all associated data
- Export your data in a portable format (CSV export is available in-app)
- Object to or restrict certain processing activities
To exercise any of these rights, email privacy@pnlstack.com. We will respond within 30 days.
9. Children's Privacy
PnLStack is not intended for users under 18 years of age. We do not knowingly collect personal information from minors. If you believe a minor has created an account, contact us and we will delete the account promptly.
10. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes via email or a notice within the Service at least 14 days before changes take effect. Your continued use of the Service after that date constitutes acceptance of the updated policy.
11. Contact
For privacy questions or to exercise your rights: privacy@pnlstack.com