Privacy Policy

Last updated: January 28, 2026

This Privacy Policy describes how Edgelab ("we", "us", "our") collects, uses, and protects your personal information when you use our cryptocurrency trading journal platform.

1. Data Edgelab Collects

1.1 Account Information

When you create an account, we receive from our authentication provider (Clerk): your email address, name, and profile information.

1.2 Trading Data

Data you provide or import: trading positions, individual trades, journal notes, trading systems, tags, and dashboard configurations.

1.3 Exchange API Keys

If you connect exchange accounts, we store your API keys encrypted using AES-256 encryption. Edgelab only uses these keys to fetch trade data on your behalf.

1.4 Payment Information

Payment processing is handled entirely by Stripe. Edgelab does not store your credit card numbers or banking details. Edgelab stores your Stripe customer ID and subscription status.

1.5 Usage & Error Data

Edgelab collects error logs and performance data through Sentry for the purpose of improving service reliability. This may include browser type, device information, and error context.

2. How Edgelab Uses Your Data

  • To provide and maintain the Edgelab service
  • To import and display your trading data from connected exchanges
  • To calculate trading analytics and performance metrics
  • To process subscription payments via Stripe
  • To monitor and fix errors and improve service reliability
  • To communicate with you about your account, subscription, or service updates

Edgelab does not sell, rent, or share your personal data with third parties for marketing purposes.

3. Third-Party Service Providers

Edgelab uses the following third-party services:

ProviderPurposeData Shared
ClerkAuthenticationEmail, name, profile
StripePayment processingEmail, payment details
SentryError trackingError logs, device info
Neon (PostgreSQL)Database hostingAll user data (encrypted at rest)
VercelApplication hostingRequest logs

4. Cookies

Edgelab uses the following types of cookies:

  • Essential cookies: Required for authentication (Clerk session cookies) and basic functionality. These cannot be disabled.
  • Analytics/Error tracking: Used by Sentry for error monitoring. These are only set with your consent.
  • Payment cookies: Used by Stripe for fraud prevention during checkout.

You can manage your cookie preferences via the cookie consent banner displayed on your first visit.

5. Data Security

Edgelab takes security seriously and implements the following measures:

  • Exchange API keys are encrypted using AES-256 encryption
  • All data transmitted over HTTPS
  • Authentication handled by Clerk with industry-standard security
  • Database hosted on Neon with encryption at rest
  • Multi-tenancy enforced: users can only access their own data

6. Data Retention

Edgelab retains your data for as long as your account is active. If you delete your account, your personal data and trading data will be permanently deleted within 30 days. Some data may be retained longer if required by law or for legitimate business purposes (e.g., payment records for tax compliance).

7. Your Rights (GDPR)

If you are located in the European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Request restriction of processing
  • Objection: Object to processing based on legitimate interests

To exercise any of these rights, contact us at support@edgelab.systems.

8. Legal Basis for Processing (GDPR)

Edgelab processes your personal data on the following legal bases under Article 6 of the GDPR:

  • Contract performance: Processing necessary to provide the Edgelab service (account management, trade data storage, subscription billing)
  • Consent: Non-essential cookies and analytics (Sentry error tracking). You may withdraw consent at any time via cookie preferences.
  • Legitimate interest: Service improvement, security monitoring, and fraud prevention

9. International Data Transfers

Your data may be processed in the United States and other countries where our service providers operate. Specifically:

  • Vercel (hosting),US-based
  • Neon (database),US-based
  • Clerk (authentication),certified under the EU-US Data Privacy Framework
  • Stripe (payments),certified under the EU-US Data Privacy Framework

Where transfers occur outside the EEA, we rely on Standard Contractual Clauses or Data Privacy Framework certifications as appropriate safeguards.

10. Children's Privacy

Edgelab is not intended for use by individuals under the age of 18. Edgelab does not knowingly collect personal data from children.

11. Changes to This Policy

Edgelab may update this Privacy Policy from time to time. Edgelab will notify you of material changes via email or in-app notification at least 30 days before the changes take effect.

12. Contact

For privacy-related inquiries, contact us at support@edgelab.systems.