This Data Processing Agreement ("DPA") forms part of the Terms of Service between the customer (the "Controller") and TradeFloor Labs S.A. ("TradeFloor", the "Processor"). It applies to the extent that TradeFloor processes personal data on behalf of a Controller that is a legal entity. Individual retail users should refer to the privacy policy instead.
Controller determines the purposes and means of processing. Processor processes personal data strictly on the Controller's documented instructions, which are deemed to be the Terms of Service, this DPA, and any additional written instructions the Controller sends to [email protected].
Provision of the TradeFloor platform: algorithmic execution, trade journaling, analytics, notifications.
For the duration of the subscription, plus a retention tail of 90 days for audit logs (where applicable) and 7 years for financial/commercial records where required by law.
Hosting, transmission, storage, encryption, and deletion of personal data as strictly necessary to operate the platform.
Data subjects: Controller's authorised users (natural persons).
Categories of personal data: email address, display name, hashed password, IP address, user-agent, session metadata, exchange account identifiers, trade history, journal entries the user chooses to write, notification preferences, two-factor secrets (encrypted), billing identifiers (handled by our payment processor, not by us).
TradeFloor does not request, and will not accept, special-category data as defined in Article 9 GDPR.
Processor shall:
The Controller grants TradeFloor general authorisation to engage sub-processors, subject to the safeguards in this section. Sub-processors are bound by contract to data-protection obligations no less protective than those in this DPA.
| Sub-processor | Purpose | Location |
|---|---|---|
| DigitalOcean, LLC | Primary hosting, managed Postgres, managed Redis, object storage. | EU (AMS3) |
| Cloudflare, Inc. | CDN, DDoS protection, TLS termination. | Global edge |
| Resend Inc. | Transactional email delivery. | EU / US |
| Anthropic PBC | Claude API for journal AI insights and news analysis. Inputs are not used for model training; Anthropic's zero-retention mode is enabled. | US |
| Sentry Inc. | Error reporting. Sensitive locals are scrubbed client- and server-side before transmission. | EU |
| Stripe Payments Europe Ltd. | Billing and subscription management. Payment data is collected by Stripe directly; we never see it. | EU |
TradeFloor will notify the Controller of any intended change to the list of sub-processors by email at least 30 days in advance, during which the Controller may object on reasonable data-protection grounds.
Where personal data is transferred outside the EEA, TradeFloor relies on the Standard Contractual Clauses (Commission Decision 2021/914) as the primary transfer mechanism, supplemented by the technical and organisational measures in Annex A (encryption in transit and at rest, strict access control, data minimisation).
TradeFloor provides in-product tooling for data export, rectification, and erasure. For requests that cannot be handled in-product, the Controller may contact [email protected]. TradeFloor will acknowledge within two business days and cooperate without undue delay.
TradeFloor maintains an up-to-date security overview at /security, SOC-equivalent policies, and an annual third-party security review. These artefacts are made available on written request. Additional on-site audits may be arranged at the Controller's expense, with 30 days' notice, no more than once per year, not to exceed one business day, and subject to confidentiality.
On termination of the agreement, TradeFloor will, at the Controller's option and within 30 days: (a) return all personal data to the Controller in machine-readable format, or (b) delete all personal data other than records required to be retained by applicable law (e.g. financial records, audit logs). Backups will be overwritten in the normal rotation within 35 days.
TradeFloor will notify the Controller without undue delay and no later than 48 hours after becoming aware of a personal-data breach, providing: the nature of the breach, categories and approximate numbers of data subjects and records affected, likely consequences, measures taken or proposed, and a designated contact point.
Each party's liability arising out of or in connection with this DPA is subject to the limitations set out in the Terms of Service.
A concise summary; the full set is maintained at /security.
unsafe-inline/unsafe-eval.

If you are a business customer and require a countersigned DPA for your compliance records, email [email protected] with your entity name and the name/title of the signatory. We return signed copies within five business days.