← Back

Privacy Policy

Last updated: June 16, 2026

Plain English: We collect only what's needed to run the app. We don't sell your data. You can export or delete everything at any time. No third-party ad networks. No data brokers.

Who we are

TradeFlow Quantum is owned and operated by Crosspoint Capital Inc., a Pennsylvania corporation (S-corp tax election). For purposes of GDPR, CCPA, and other applicable privacy laws, Crosspoint Capital Inc. is the data controller for personal data processed through this service. Contact: support@tradeflowquantum.com.

What we collect

You provide: Email (via Clerk auth), trade data, settings, optional broker OAuth tokens (encrypted at rest), optional Polygon API key (encrypted at rest).
Auto-collected: Page views (PostHog, opt-in, no PII), server request logs (30 day retention via Vercel).
NOT collected: Passwords (Clerk handles), broker account numbers, SSN, geolocation, browsing history, marketing identifiers.

How we use it

Email → authentication + the weekly digest. Trade data → analytics + reports you can see. Broker tokens → auto-syncing your fills (encrypted at rest). Anonymized page views → product improvement. We share nothing with advertisers.

Third-party services we use to run the app

We don’t sell your data. We do processsome of it through these services because we can’t run the product without them. Each one is named, its role, what data it sees, and where it’s hosted. The full canonical list lives at /subprocessors (mirrored here for easy reading; the canonical page is the one our DPAs reference).
ProviderRoleWhat it seesRegion
ClerkAuthenticationEmail, password (hashed), IP at sign-in, optional 2FA factorsUS
SupabaseDatabase + storageAll app data: trades, settings, audit log, broker connectionsUS (configurable)
VercelHosting, request logsIP + URL + user-agent for every request, 30-day retentionUS/EU edge
Polygon.ioPrice feed (calendar quotes + bar replay)Symbols you've traded — fetched only when you visit pages that need bars (calendar, trade-detail replay). No PII, no account info.US
SnapTradeBrokerage aggregator — connect Robinhood, Webull, Fidelity, Vanguard, IBKR, eToro, M1, SoFi, etc.Your brokerage login (handled by SnapTrade — we never see it), trade and position history from the connected accounts, and a per-user identifier issued by SnapTrade. Used only when you opt in to connect a broker via SnapTrade.US/CA
ResendWeekly digest emailYour email address + digest body contentUS/EU
PostHogAnonymized analytics (opt-in)Page-view URL + timestamp. We do not capture form values, clicks on PII, or session replay.US/EU

The optional provider (PostHog) is gated behind your cookie-consent choice — see the Cookies section below.

Broker connections

Read-only access to your trade history at the broker. Tokens are encrypted at rest with AES-256-GCM. Disconnect anytime from the Brokers page — tokens are deleted immediately and your trade history stays. We never place trades on your behalf.

Your rights

Export: Settings → Full data backup (JSON). Includes trades, settings, audit chain, broker connection history. Encrypted columns stripped.
Clear trades: Settings → Danger zone → Clear all trades. Wipes trade history but keeps your account. Type the confirmation phrase to proceed.
Delete account: Settings → Danger zone → Delete account. One-shot full wipe. Cannot be undone. Removes every Supabase row + your Clerk sign-in.
Disconnect brokers: Brokers page. Tokens deleted immediately on disconnect.
Unsubscribe digest: Settings → Preferences → uncheck weekly digest. Or click unsubscribe link in any email footer.
Withdraw analytics consent: Use the cookie-consent banner on first visit, or clear localStorage to re-prompt. PostHog stops tracking on decline.
EU users: GDPR rights apply (access, rectification, erasure, portability — all self-serve via the buttons above). California users: we don't sell personal information.

Cookies

Essential (always set, no consent required, GDPR Art. 6(1)(b) — necessary to perform the service):
__session (Clerk) — your sign-in session.
sb-* (Supabase) — database session bridge for your authenticated requests.

Optional (only set when you accept the consent banner; declined by default):
ph_* (PostHog) — anonymized analytics. Stored in localStorage, not as cookies.

No advertising cookies. No cross-site tracking. No fingerprinting. You can decline optional cookies and the app works fully — only the anonymized analytics + browser-side error reporting are disabled.

Security

Database encrypted at rest. Broker tokens AES-256-GCM. HTTPS everywhere with HSTS preload + strict CSP. Row-level security on every Postgres query. Hash-chained audit log for tamper detection. Clerk auth with optional 2FA. See Terms for the full security posture.

Contact

Crosspoint Capital Inc.
Email: support@tradeflowquantum.com
Questions about this policy? Email support@tradeflowquantum.com and a human will reply within one business day.