Privacy Policy

Last updated June 22, 2026

This Privacy Policy explains what information PropTraderX (the “Service”) collects, how we use and protect it, and the choices you have. By using the Service you agree to this Policy. It should be read together with our Terms of Service.

Risk warning
PropTraderX is an automated trading tool and is not a broker or financial adviser. Using it involves substantial financial risk, and nothing in this Policy is financial advice. See our Terms of Service for the full risk disclosure and limitation of liability.

1. Information we collect

  • Account information — your email address and authentication identifiers (managed by our auth provider).
  • Broker / prop-firm credentials — API keys and connection details you provide, stored ENCRYPTED at rest (AES-256-GCM) and decrypted only inside the execution engine at runtime to place your trades.
  • Trading & configuration data — your accounts, deployments, strategy parameters, risk settings, trades, P&L, journal entries, and related records you generate using the Service.
  • Usage & diagnostic data — basic logs, timestamps, and error/diagnostic information used to operate and debug the Service.
  • Cookies — strictly necessary session cookies used to keep you signed in and remember your selected account.

2. How we use your information

  • To operate the Service — authenticate you, connect to your broker/prop-firm, run strategies, and display your data.
  • To secure the Service — detect, prevent, and investigate abuse, errors, and security incidents.
  • To support you — respond to requests and send essential service and account notices.
  • To improve the Service — understand reliability and performance in aggregate.

We do not sell your personal information, and we do not use your trading data to trade against you.

3. How your data is stored and secured

Broker credentials are encrypted at rest with AES-256-GCM and are never exposed to other users. Data is isolated per account using row-level security so you can only access your own records. We apply transport encryption (HTTPS), access controls, and security headers. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

4. Service providers (subprocessors)

We rely on a small set of infrastructure providers who process data on our behalf:

  • Supabase — authentication and database hosting.
  • Vercel — web application hosting and content delivery.
  • Fly.io — hosting for the execution engine.
  • Your broker / prop firm (e.g. TopstepX) — we send orders and read account data via their API using the credentials you provide.

These providers may process data in the United States or other regions. We share only what is necessary to provide the Service.

5. Data retention

We retain your information for as long as your account is active or as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. You may delete accounts and their connected data from within the app; deleting your account removes your stored credentials and associated records.

6. Your rights

Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal information, and to object to or restrict certain processing. You can exercise many of these directly in the app, or contact us using the details below.

7. Children

The Service is not directed to anyone under 18, and we do not knowingly collect information from children.

8. Changes to this Policy

We may update this Policy from time to time. Material changes will be reflected by updating the “Last updated” date above. Continued use of the Service after changes take effect constitutes acceptance of the revised Policy.

9. Contact

Questions about privacy? Email privacy@proptraderx.io.