Tracom

Privacy Policy

Your privacy is fundamental to how we build and operate Tracom

Effective Date: August 15, 2025 | Last Updated: August 15, 2025

Quick Navigation

Overview What We Collect How We Use Your Data Data Sharing Your Rights Security International Transfers Cookies Data Retention Children's Privacy California Privacy Contact Us

Privacy at Tracom

This Privacy Policy explains how Tobistech Ltd (Company No. 16037879), operating as Tracom Trading Journal ("we," "us," "our"), collects, uses, shares, and protects your personal information. We are committed to protecting your privacy and complying with global data protection laws including GDPR, UK GDPR, CCPA, and other applicable regulations.

πŸ”’ We NEVER sell your personal data. Your trading information is yours alone.

1. Data Controller

Tobistech Ltd is the data controller responsible for your personal data processed through Tracom.

Registered Office: 82 King Street, Manchester, England, M2 4WQ

Company Number: 16037879

ICO Registration: [To be provided if registered]

Contact: support@tobistech.co.uk

Data Protection Officer: dpo@tobistech.co.uk

2. Information We Collect

2.1 Account Information

Required Information:

Full name
Email address
Username
Password (encrypted)
Date of birth (age verification)
Country (for compliance)

Optional Information:

Phone number
Profile picture
Street address
City & Postal code

2.2 Trading Journal Data

Trade entries (symbols, prices, dates, notes)
Risk calculations and position sizes
Performance analytics and statistics
Custom tags and categories
Shared journal content (if you choose to share)

2.3 Payment & Subscription Data

Note: We use Stripe for payment processing. We do NOT store credit card numbers.

Stripe customer ID
Subscription status and dates
Payment history and amounts
Creator payout information (if applicable)

2.4 Technical & Usage Data

IP addresses (for security and fraud prevention)
Device information and identifiers
App usage statistics and crash reports
Login times and session data
Push notification tokens
Timezone, locale, and currency preferences

2.5 Social Login Data (If Used)

If you sign in using social providers, we receive:

Basic profile info (name, email, profile picture)
Provider user ID (Google, Apple, or Facebook ID)

3. How We Use Your Information

Purpose Legal Basis (GDPR)
Provide trading journal services Contract performance
Process payments and subscriptions Contract performance
Send service notifications Contract performance
Customer support Legitimate interest
Marketing communications Consent
Improve app features Legitimate interest
Security and fraud prevention Legal obligation
Comply with legal requirements Legal obligation

Important: We NEVER use your trading data for our own trading purposes or share it with third parties for trading purposes. Your strategies and trades remain confidential.

4. How We Share Your Information

πŸ”’ We NEVER sell, rent, or trade your personal information.

We only share your data in these limited circumstances:

4.1 Service Providers

Stripe

Payment processing (PCI-DSS compliant)

AWS (Amazon Web Services)

Cloud hosting and data storage (Virginia, USA)

SendGrid/Email Provider

Transactional emails and notifications

Analytics Providers

App performance and usage analytics (anonymized)

4.2 Your Public Sharing

When you choose to share journals publicly or with subscribers, that content becomes visible to those users. You control what to share.

4.3 Legal Requirements

We may disclose data when required by law, such as:

  • β€’ Court orders or legal processes
  • β€’ Protection of our legal rights
  • β€’ Prevention of fraud or security threats
  • β€’ Protection of public safety

5. Your Privacy Rights

Depending on your location, you have specific rights regarding your personal data:

πŸ‡ͺπŸ‡Ί European Union & UK (GDPR/UK GDPR)

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate information
  • Erasure: Request deletion ("right to be forgotten")
  • Portability: Receive data in machine-readable format
  • Restriction: Limit processing of your data
  • Object: Opt-out of certain processing
  • Withdraw Consent: Any time for consent-based processing

Supervisory Authority: You may lodge a complaint with the UK ICO (ico.org.uk) or your local data protection authority.

πŸ‡ΊπŸ‡Έ California (CCPA/CPRA)

  • Know: What personal information we collect and how we use it
  • Delete: Request deletion of your personal information
  • Opt-Out: We don't sell data, but you can opt-out of sharing
  • Non-Discrimination: Equal service regardless of privacy choices
  • Correct: Update inaccurate personal information
  • Limit: Restrict use of sensitive personal information

How to Exercise Your Rights

Contact us at:

  • πŸ“§ Email: privacy@tobistech.co.uk
  • πŸ“± In-App: Settings β†’ Privacy β†’ Request Data
  • ⏱️ Response Time: Within 30 days

We may verify your identity for security purposes before processing requests.

6. How We Protect Your Data

We implement industry-standard security measures to protect your personal information:

Technical Measures

  • β€’ 256-bit SSL/TLS encryption
  • β€’ Encrypted database storage
  • β€’ Secure AWS infrastructure
  • β€’ Regular security audits

Operational Measures

  • β€’ Access controls & authentication
  • β€’ Regular backups
  • β€’ Incident response procedures
  • β€’ Staff training & NDAs

Note: While we use best practices, no internet transmission is 100% secure. Please use strong passwords and protect your account credentials.

7. International Data Transfers

Your data may be transferred and processed internationally:

Primary Data Location:

πŸ‡ΊπŸ‡Έ United States (AWS Virginia) - Main servers

πŸ‡¬πŸ‡§ United Kingdom - Company headquarters

Safeguards for International Transfers:

  • β€’ Standard Contractual Clauses (SCCs) for EU-US transfers
  • β€’ UK International Data Transfer Agreement (IDTA)
  • β€’ Appropriate technical and organizational measures
  • β€’ Data Processing Agreements with all processors

By using Tracom, you consent to the transfer of your data as described above, with appropriate safeguards in place.

8. Cookies and Tracking

We use cookies and similar technologies to enhance your experience:

Essential Cookies

Required for app functionality, authentication, and security

Analytics Cookies

Help us understand app usage and improve features (anonymized)

Preference Cookies

Remember your settings (theme, language, currency)

You can manage cookie preferences in your device settings. Note that disabling cookies may affect app functionality.

9. How Long We Keep Your Data

Data Type Retention Period
Account information Until account deletion + 30 days
Trading journals Until you delete them
Payment records 7 years (legal requirement)
Support communications 2 years
Security logs 1 year
Marketing preferences Until withdrawn

Account Deletion: You can request account deletion anytime. We'll delete your data within 30 days, except where legal retention is required.

10. Children's Privacy

Age Restriction: Tracom is NOT for users under 18 years old.

We do not knowingly collect data from minors. If we discover a user is under 18, we will immediately:

  • β€’ Terminate the account
  • β€’ Delete all associated data
  • β€’ Notify the user if possible

If you believe a minor is using Tracom, please contact us immediately at safety@tobistech.co.uk

11. California Privacy Rights (CCPA)

Categories of Information We Collect:

  • β€’ Identifiers (name, email, IP address)
  • β€’ Commercial information (subscription history)
  • β€’ Internet activity (app usage)
  • β€’ Geolocation data (country/region)
  • β€’ Professional information (trading data)

Your California Rights:

  • βœ… We DO NOT sell personal information
  • βœ… We DO NOT share data for cross-context behavioral advertising
  • βœ… You can request data deletion anytime
  • βœ… You can access your data via app settings

To exercise your rights, email: privacy@tobistech.co.uk with "California Privacy Rights" in the subject.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements.

When we make changes:

  • β€’ Update the "Last Updated" date
  • β€’ Notify you via email for material changes
  • β€’ Post in-app notifications
  • β€’ Request new consent if required

Continued use after changes means you accept the updated policy.

13. Contact Us

For privacy questions, requests, or concerns:

Data Protection Officer

πŸ“§ dpo@tobistech.co.uk

For formal data protection inquiries

General Privacy Inquiries

πŸ“§ privacy@tobistech.co.uk

For general privacy questions

Postal Address

Tobistech Ltd

82 King Street

Manchester, England, M2 4WQ

United Kingdom

Response Times

⏱️ General inquiries: 5 business days

⏱️ Data requests: 30 days (as required by law)

⏱️ Urgent security issues: 24 hours

Supervisory Authorities

If you're not satisfied with our response, you may contact:

πŸ‡¬πŸ‡§ United Kingdom

Information Commissioner's Office (ICO)

ico.org.uk

πŸ‡ͺπŸ‡Ί European Union

Your local data protection authority

edpb.europa.eu