Privacy Policy

Effective: 1 January 2026 · Last updated: 21 April 2026

Swing Deck is a local-first trading dashboard. Your positions, P&L, broker API tokens, and ticker lists never leave your machine. This policy explains what the cloud service does see and why.

1. What we collect

The cloud API (api.swing-deck.com) receives only:

Email address — used to send your license key, receipts, and subscription notices.
License key — a random SWING-XXXX-XXXX-XXXX string. Used to look up your tier at startup.
Stripe customer ID — opaque token from Stripe. We cannot see your card details.
Crash reports (optional) — if you enable auto-send, we receive: version string, operating system, and a scrubbed Python traceback. No filenames, no ticker symbols, no positions.
Alert dispatch metadata — when the local app asks us to send you an email/push, we see: alert type (stop_loss_breach, regime_change, etc.) and ticker symbol. We do not see share counts, prices, or account balances.

2. What we never collect

Your portfolio holdings, share counts, or cost basis.
Your broker API tokens (E*Trade, Tradier). These live in .env on your machine only.
Real-time market quotes you pull. Polygon/Finnhub keys are yours.
Your trading journal, notes, or P&L history.
Browser fingerprints, tracking cookies, or analytics scripts on the dashboard itself.

3. Third parties we share with

Stripe — payment processing. Sees your card + billing address, never your trades. Their policy.
Resend — transactional email (license delivery, receipts). Sees your email and the message body.
ntfy.sh — push notifications. Topic is hashed from your email (md5(email)[:10]) so the operator cannot trivially reverse-lookup you.
Supabase — our database host. Stores email + license rows. SOC 2 Type II certified.
Railway — our API host. Sees request logs (IP, user-agent) for 7 days.

4. Data retention

License records are kept while your subscription is active and for 7 years after cancellation (tax-compliance requirement). Alert log entries are purged after 7 days. Crash reports are kept 30 days then auto-deleted.

5. Your rights

Email support@swing-deck.com to:

Export your data (takes < 24h).
Delete your account and all associated records. We'll confirm within 72 hours.
Opt out of crash reports, marketing emails (transactional receipts always go out per Stripe's requirements).

6. Children

Swing Deck is for users 18+ only — you must be old enough to legally open a brokerage account.

7. Changes

We'll email you at least 30 days before any material change to this policy. If you disagree with a change, cancel any time for a prorated refund.

Contact

Privacy questions: privacy@swing-deck.com