Privacy Policy

We collect the minimum data necessary to provide the service:

• Account information — Email address, name, and password hash when you create an account.
• Trading account data — Account names, balances, drawdown levels, P&L, and trade executions synced from your connected prop firm accounts.
• Risk metrics — Calculated values like breach proximity, daily loss limits, and trailing drawdown positions.
• Usage data — Basic analytics about how you use the dashboard (page views, feature usage) to improve the product.
• Payment information — Processed by Stripe. We never store your full card number.

Your data is used exclusively to power PropCommand features:

• Display your account balances, P&L, and positions in the dashboard.
• Calculate risk metrics and breach proximity in real time.
• Send you alerts (email, Telegram) when accounts approach risk thresholds.
• Execute trade replication between your connected accounts.
• Generate analytics, calendar heatmaps, and account lifecycle reports.
• Improve the product based on aggregated, anonymized usage patterns.

We believe in minimal data collection. We explicitly do not collect:

• Your trading strategies, indicators, or signal logic.
• Order flow data beyond execution fills.
• Screen recordings, keystrokes, or browsing activity outside PropCommand.
• Data from platforms or accounts you have not explicitly connected.

Your edge is yours. We only see fills and risk data — never your strategy.

We use trusted third-party services to operate PropCommand:

• Supabase — Database and authentication. Your data is stored in Supabase-managed PostgreSQL with row-level security.
• Stripe — Payment processing. Stripe handles all payment data under their own PCI-compliant privacy policy.
• Vercel — Hosting and CDN. Serves the web application with standard web server logs.
• Telegram — Optional alert delivery. Only used if you connect your Telegram account for notifications.

We do not sell, rent, or share your personal data with any third party for advertising or marketing purposes.

• Your data is retained as long as your account is active.
• If you delete your account, we remove your personal data within 30 days.
• Anonymized, aggregated analytics data may be retained indefinitely.
• Payment records are retained as required by law (typically 7 years for tax purposes).

You have full control over your data:

• Export — Request a full export of your data at any time from the Settings page or by contacting support.
• Modify — Update your personal information through the dashboard or by contacting us.
• Delete — Request complete account deletion. We will remove all your data within 30 days.
• Withdraw consent — You can disconnect accounts or disable notifications at any time.

If you have questions about this privacy policy or want to exercise your data rights, contact us at support@propcommand.io.

We aim to respond to all privacy-related inquiries within 48 hours.