Privacy Policy

This Privacy Policy explains how the operator of TradingView Optimizer ("we," "us," or "our"), a sole proprietorship based in the State of Texas, United States, collects, uses, and shares information in connection with our website, desktop application, and related services (collectively, the "Services").

This policy covers only what we collect. It does not cover what third-party services (such as TradingView, Stripe, or your operating system) collect from you directly; their privacy practices are governed by their own policies.

1. Who this policy applies to

The Services are offered to residents of the United States only. If you are not a U.S. resident, please do not submit information to us. We do not knowingly collect information from children under 18; if you believe a child has provided us with information, contact us at [email protected] and we will delete it.

2. Information we collect

2.1 Information you provide

• Waitlist email. If you join the waitlist on our website, we collect the email address you submit.
• Account information. When you create an account, we collect your email address and a unique identifier issued by our identity provider. We do not handle or store your password; all authentication is performed by our identity provider.
• Google sign-in. You may sign in using your Google account. When you do, Google shares with our identity provider your name, email address, and Google profile ID. We receive and store these values solely to create and authenticate your account. No other Google account data is requested or stored.
• Payment information. When you subscribe, Stripe, Inc. collects your payment-card or bank details directly. Stripe may transmit additional details about the transaction to our backend (including your name and billing address) as part of processing, but we only retain a customer identifier, your subscription status, the plan you selected, the last four digits of your payment card (where available), and billing country. We never receive or store full card numbers.
• Consent records. When you accept these Terms and this Privacy Policy from within the desktop application, we record your account identifier, the versions of the documents you accepted, the time of acceptance, and the IP address and user-agent string captured by the server handling the request. We retain this record as evidence of your acceptance for so long as your account exists and for a reasonable period thereafter.
• Communications. If you email us, we keep that correspondence so we can respond and maintain a record of the issue.

2.2 Information collected automatically

• Server logs. Our hosting provider (Cloudflare) records standard request metadata, including IP address, timestamp, user-agent, and the URL requested. These logs are used for security, abuse prevention, and debugging.
• Session cookies. When you sign in, we set a single first-party, HTTP-only cookie to keep you signed in. It contains an encrypted session reference and expires when you sign out or after a period of inactivity.
• Usage counters. For subscribed users, we record a counter of optimization runs associated with your account for billing and fraud-prevention purposes. We do not record what your strategies contain or what parameters you swept.

2.3 Information we do NOT collect from the desktop app

The desktop application stores your TradingView strategy parameters, backtest results, sweep configurations, and run history in a local database (SQLite) on your own computer. This content is never transmitted to us and we have no ability to access it. The only data transmitted from the desktop application is the telemetry described in §2.4.

2.4 Telemetry (desktop application)

Use of the desktop application requires the transmission of anonymous product telemetry. This is a condition of the license granted in our Terms of Service; the application will not run without it. We use telemetry to detect crashes, diagnose bugs, measure performance, and understand which features are used so we can improve the product.

Telemetry consists of:

• A random install identifier (a UUID generated on first launch and stored locally). This is not derived from your hardware and cannot be used to identify you personally.
• Environment metadata: application version, operating system, OS version, CPU architecture, and display locale.
• Feature-usage events: the names of actions you take in the application (for example, that a sweep was started or that the analytics view was opened). We do not include the contents of your strategies, parameter values, symbols, timeframes, or backtest results in these events.
• Performance metrics: timings for significant operations (for example, how long a sweep run took to complete).
• Crash reports: when the application crashes, we receive a stack trace and the environment metadata above. Crash reports may contain fragments of memory; we make reasonable efforts to scrub obvious personal data before storage.

Telemetry is associated with your account identifier so we can correlate issues with reports and contact you if a problem affects you. We do not use telemetry for advertising and do not share it with any third party other than the service providers listed in §5.

If you do not wish to send telemetry, please do not install or run the desktop application. Your account and any website data can still be removed under the rights described in §10.

3. How we use information

We use the information described above to:

• Provide, maintain, and improve the Services;
• Create and authenticate your account and keep you signed in;
• Process subscriptions, billing, and refunds through Stripe;
• Send you transactional messages (receipts, renewal notices, security alerts, service-update notices);
• Respond to your support requests;
• Detect, investigate, and prevent fraud, abuse, and violations of our Terms of Service;
• Diagnose crashes, fix bugs, measure performance, and understand which features are used, through the telemetry described in §2.4;
• Record your acceptance of our Terms and this Privacy Policy, as described in §2.1, for evidentiary purposes;
• Comply with legal obligations and enforce our rights.

We do not sell your personal information, and we do not use your information for advertising.

4. Legal bases for processing

We process your information based on:

• Contract. To provide the Services you have signed up for and process your subscription.
• Legitimate interests. To secure the Services, prevent fraud, and communicate with you about your account.
• Legal obligation. To comply with tax, accounting, and other legal requirements.
• Consent. For any activity where we ask you and you opt in (for example, joining the waitlist).

5. Service providers we use

We rely on a small set of third-party service providers to operate the Services. Each is contractually or by policy restricted from using your information for its own marketing or unrelated purposes.

• Cloudflare, Inc. — hosts our website, edge functions, and stores limited account metadata (such as waitlist emails and session data). See Cloudflare's Privacy Policy.
• Stripe, Inc. — processes all payments and holds payment-card information. See Stripe's Privacy Policy.
• WSO2 LLC (Asgardeo). — our identity provider; handles account sign-up, sign-in, and password management. See WSO2's Privacy Policy.
• Google LLC. — if you choose to sign in with Google, your authentication flows through Google's OAuth service. See Google's Privacy Policy.
• Email delivery. We use a transactional-email provider to send account-related messages (receipts, renewal notices, and support replies).

6. When we share information

We share information only in the following circumstances:

• With service providers listed above, to the extent needed to operate the Services;
• With you, in response to your requests;
• To comply with law, legal process, or a binding government request, or to protect the safety, rights, or property of us, our users, or others;
• In a business transfer, such as a merger, acquisition, or sale of assets, in which case we will notify you and give you the opportunity to object where required by law.

We do not sell or rent your personal information to third parties.

7. Cookies and similar technologies

We use only cookies that are strictly necessary to operate the Services:

• A session cookie to keep you signed in after you log in.
• Cloudflare's security cookies, which protect against abuse and bots.

We do not use advertising cookies, analytics cookies, or cross-site tracking technologies. Because the cookies we use are strictly necessary, no consent banner is required; you can still clear cookies at any time through your browser.

8. Data retention

• Waitlist emails — kept until we have launched and contacted you, or until you ask us to delete them.
• Account data — kept for as long as your account is active, and for a reasonable period after you close it so we can honor ongoing obligations (for example, tax and accounting records).
• Billing records — kept by us and by Stripe for as long as required by applicable tax and financial-reporting laws (typically 7 years in the United States).
• Server logs — rotated automatically on Cloudflare's standard schedule.
• Telemetry — raw event data kept for up to 13 months; aggregate and anonymized statistics may be kept indefinitely.
• Crash reports — kept for up to 13 months.
• Consent records — kept for the life of your account and for up to 6 years after account closure, as evidence of acceptance.
• Support correspondence — kept for up to 3 years after resolution.

9. Security

We use commercially reasonable administrative, technical, and physical safeguards to protect the information we hold, including encryption in transit (HTTPS/TLS), encrypted session cookies, and access controls on our infrastructure. No method of transmission or storage is 100% secure, however. If we become aware of a data breach affecting your personal information, we will notify you as required by applicable law.

10. Your rights

Depending on where you live, you may have the following rights regarding your personal information:

• Access — request a copy of the personal information we hold about you.
• Correction — ask us to correct information that is inaccurate or incomplete.
• Deletion — ask us to delete your personal information, subject to our legal and contractual obligations.
• Portability — receive your information in a structured, machine-readable format.
• Objection / restriction — object to, or ask us to restrict, certain processing.
• Withdraw consent — where we rely on consent, you can withdraw it at any time.

California residents. If you are a California resident, the California Consumer Privacy Act (as amended by the CPRA) gives you the rights listed above, the right not to be discriminated against for exercising them, and the right to opt out of the sale or sharing of your personal information. We do not sell or share your personal information as those terms are defined in the CCPA.

Texas residents. If you are a Texas resident, the Texas Data Privacy and Security Act gives you the same set of rights. We do not sell personal data or process it for targeted advertising.

To exercise any of these rights, email us at [email protected] from the address associated with your account. We may need to verify your identity before acting on a request, and we will respond within the timeframe required by applicable law (typically 45 days).

11. International users

The Services are hosted in the United States and offered only to residents of the United States. If you access the Services from outside the United States, you do so on your own initiative and are responsible for compliance with local laws. By using the Services, you consent to the transfer and processing of your information in the United States.

12. Children

The Services are not directed to children under 18, and we do not knowingly collect personal information from anyone under 18. If you believe a child has provided us with information, contact us at [email protected] and we will delete it.

13. Changes to this policy

We may update this Privacy Policy from time to time. If we make a material change, we will give you reasonable advance notice by email or by in-product notice before the change takes effect. The "Last updated" date at the top of this page always reflects the current version.

14. Contact us

Privacy questions or requests: [email protected].