Install Gamma Trade
Get the full app experience — one tap from your home screen.
Back to Gamma Trade
Legal · Gamma Trade

Privacy Policy

Last updated: February 8, 2026

This Privacy Policy explains what personal information Gamma Trade collects, how we use it, who we share it with, and the choices you have. It applies to https://gextrade.fyi and all related sub-domains, web apps, emails, and push notifications operated by Gamma Trade ("we", "us", "Gamma Trade").

If you have any questions, email support@gextrade.fyi.

1. Information We Collect

Information you provide

  • Account data — email address, password hash (bcrypt), display name, and any optional profile fields you fill in.
  • Billing data — when you subscribe to a paid plan, our payment processor (Stripe) collects payment-card details directly; we never see or store full card numbers. We retain the Stripe customer ID and the last 4 digits + brand of the card on file.
  • Saved analyses, watchlists, alerts, and collar plans — content you create inside the app.
  • Push subscription endpoints — if you opt-in to web push notifications.
  • Optional financial-link consent — if you choose to link external accounts via Plaid (or another aggregator), Plaid collects bank-login credentials directly; we receive only the access token and metadata (account names, masked numbers, balances, transactions) you authorize.

Information we collect automatically

  • Usage telemetry — pages viewed, features used, request IDs, error stack traces.
  • Device data — IP address, user-agent, approximate geolocation derived from IP.
  • Cookies & local storage — session tokens, UI preferences, anti-CSRF tokens. We do not use third-party advertising cookies.

Information from third parties

  • Market data providers — Finnhub, yfinance, USASpending.gov. None of these providers receive your personal information.
  • Identity / KYC — if we add identity-verification (e.g., for higher-tier accounts), the verifier receives only the data needed for the check.

2. How We Use Your Information

  • Provide, secure, and improve the service.
  • Send transactional emails (account, billing, alerts) via Resend.
  • Compute personalized analytics (saved analyses, alerts, collar plans).
  • Detect and prevent fraud, abuse, and security incidents.
  • Comply with legal obligations.

We do not sell your personal information. We do not use your data to train third-party machine-learning models.

3. Sub-processors

We share the minimum data needed with each sub-processor:

Stripe
Payment processing · cardholder data
Resend
Transactional email delivery · email address only
MongoDB Atlas
Encrypted-at-rest application database
Emergent k8s
Hosting / compute · all data in transit + at rest is encrypted
Plaid (optional)
Bank-account linking · only data you authorize
Anthropic / OpenAI / Google
AI-generated market briefs · request payload only, no PII
Finnhub
Market data / news · no user PII
USASpending.gov · yfinance
Public-market data · no user PII

4. Data Sharing

  • Service providers listed above, bound by data-processing agreements.
  • Legal compliance — when required by subpoena, court order, or applicable law.
  • Business transfers — if Gamma Trade is acquired or merges with another entity, your data may transfer subject to the same protections.

5. Data Retention

See our Data Retention & Deletion Policy for the full schedule. Summary: active-account data is retained for the life of the account + 90 days for backups; you can request deletion at any time.

6. Security

We follow the practices documented in our Information Security Policy including bcrypt-hashed passwords, TLS 1.2+ in transit, AES-256 at rest, least-privilege access, and continuous monitoring. No system can be 100% secure — please report vulnerabilities responsibly per our Vulnerability Disclosure Policy.

7. Your Rights & Choices

  • Access — request a copy of your account data.
  • Correction — update inaccuracies in your profile.
  • Deletion — request erasure (subject to legal retention obligations).
  • Portability — export your saved data as JSON.
  • Withdraw consent — disconnect Plaid, unsubscribe from emails or push, or close your account anytime.
  • California residents (CCPA) — you may also request the categories of data we collect/share and opt-out of any "sale" (we do not sell).
  • EEA / UK residents (GDPR) — you may lodge a complaint with your local data-protection authority.

To exercise any of these rights, email support@gextrade.fyi. We respond within 30 days.

8. Children

Gamma Trade is not directed to children under 13. We do not knowingly collect data from anyone under 13.

9. International Transfers

Our systems are hosted in the United States. By using Gamma Trade you consent to data transfer to and processing in the US.

10. Changes to this Policy

We will update the "Last updated" date above and, for material changes, notify you by email or in-app banner at least 14 days before the change takes effect.

© 2026 Gamma Trade. Markets data is delayed and for informational use only — not investment advice.
support@gextrade.fyi

Made with Emergent