Privacy Policy for Leaf Edge

Last Updated: February 18, 2026

1. Introduction

Welcome to Leaf Edge ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our trading journal and analysis application (the "Service").

We are based in the United Kingdom and this policy is designed to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

A. Personal Data You Provide

We collect personal information that you voluntarily provide to us when you register for the Service, specifically:

• Identity Data: Name, username.
• Contact Data: Email address.
• Financial Data: Payment information (processed securely by Stripe; we do not store full card details).
• Trading Data: Brokerage account credentials (processed via secure APIs), trade history, journal entries, and notes you input into the Service.

B. Automatically Collected Data

When you access the Service, we may automatically collect:

• Device Data: IP address, browser type, operating system.
• Usage Data: Pages viewed, time spent, and interaction with features.

3. How We Use Your Information

We use your personal data to:

• Provide and maintain the Service (e.g., syncing trades, generating reports).
• Process your subscription payments.
• Manage your account and provide customer support.
• Send you administrative information, such as security alerts or policy updates.
• Improve our Service through analytics (anonymized/aggregated data).

4. Sharing Your Information

We do not sell your personal data. We may share information with the following third-party service providers who assist us in operating the Service:

• Stripe: For payment processing.
• Vercel: For website hosting and infrastructure.
• PostHog: For privacy-conscious product analytics and usage measurement.
• Supabase/PostgreSQL: For database storage.

These parties are contractually obligated to protect your data and only use it for the purposes we specify.

5. Data Retention

We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy.

• Account Data: Retained while your account is active. Deleted 30 days after account closure.
• Trading Records: We may retain historical trading records for up to 7 years if required for legal or tax purposes, or as part of your user history unless deletion is requested.
• Backups: Retained for 90 days.

6. Your Data Rights (GDPR)

Under the UK GDPR, you have the right to:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of inaccurate data.
• Erasure ("Right to be Forgotten"): Request deletion of your data.
• Restriction: Request that we restrict the processing of your data.
• Portability: Request transfer of your data to another service.

To exercise these rights, please contact us.

7. Security

We use administrative, technical, and physical security measures to help protect your personal information, including encryption (TLS 1.3), access controls, and regular security assessments.

8. Updates to This Policy

We may update this privacy policy from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible.