Privacy Policy

How we collect, use, and protect your information.

Effective date: 2025-08-21

Introduction

This Privacy Policy explains how TRINITY Trade LLC ("TRINITY", "we", "us", "our") collects, uses, and safeguards information in connection with our IRIS web application and related services. We are a small startup and do not collect substantial personal data beyond what is necessary to provide authentication, basic account functionality, and features you choose to use (such as portfolios and watchlists).

Who We Are

Legal entity: TRINITY Trade LLC.

Scope

This Policy applies to our web application and APIs accessible through IRIS and related TRINITY services. It does not apply to third-party websites or services that we do not control.

Data We Collect

We aim to minimize data collection. Currently, we collect:

  • Account and authentication data: Firebase Authentication user identifier (UID), email, and login metadata. We store an HTTP-only session token to keep you signed in.
  • User-provided content: Portfolios, positions, watchlists, and any names/descriptions you create.
  • Service and security logs: Basic server logs (timestamps, IP address, user agent) to operate and secure the service.
  • Cookies: A secure, HTTP-only cookie for authentication. We do not use third‑party advertising cookies.
  • Analytics: Google Analytics for basic, anonymized user flow (for debugging and UX improvements, not for personal profiling). IP anonymization and privacy-preserving settings are used where supported.

We do not collect financial account numbers, government IDs, or sensitive categories unless you explicitly provide content in free‑text fields.

How We Use Data

  • Provide and improve the service: Authenticate users, render dashboards, fetch market/analysis data, and power portfolio features.
  • Security: Protect accounts, detect abuse, ensure availability and integrity.
  • Support: Respond to inquiries and troubleshoot issues.
  • Notifications: If enabled by you, store notification preferences and deliver alerts.
  • Analytics: Measure anonymized usage patterns to improve UX and reliability.
  • Performance of a contract: To provide core functionality you request.
  • Legitimate interests: To secure and improve our services.
  • Consent: For optional features (e.g., notifications) where required.
  • Compliance with laws: As necessary to comply with legal obligations.

Sharing & Processors

We do not sell your personal information. We share limited data with service providers (“processors”) that help us operate the platform:

  • Google Firebase Authentication (user authentication).
  • Google Cloud Platform (App Engine, Cloud Run, Cloud Tasks, Cloud Logging, BigQuery) for hosting, logs, and storage (primary region: us-central1).
  • TRINITY internal services (Atlas, Hermes, Athena, Dionysus) to provide market data, analysis, and portfolio features.
  • Google Analytics for anonymized usage analytics.

Processors are bound by contracts to process data only on our instructions and implement appropriate security measures.

Data Retention

We retain personal data only as long as necessary to provide the service or as required by law. By default:

  • Account data: Retained while your account is active.
  • User-provided content: Retained until you delete it or close your account.
  • Logs: Retained for approximately 60 days by default.

Security

We use encryption in transit (HTTPS/TLS) and at rest (cloud‑provider managed encryption). Authentication is powered by Firebase; session tokens are stored in secure, HTTP‑only cookies with appropriate SameSite and Secure attributes in production. Access to infrastructure is restricted to authorized personnel following least‑privilege principles.

Your Rights

Depending on your location, you may have rights to access, correct, delete, or port your data, as well as to object or restrict certain processing. You can also withdraw consent where processing is based on consent. California residents may have additional rights under the CCPA/CPRA. To exercise rights, contact us at info@trinitytrade.io. We will verify requests as required by law.

Children’s Privacy

Our service is intended for individuals 18 years of age or older and is not directed to children. We do not knowingly collect personal information from children under 18. If you believe a child has provided personal data to us, please contact us to request deletion.

International Transfers

Our infrastructure is hosted in us-central1 (United States) only. We endeavor to process and store data solely in this region.

Changes to This Policy

We may update this Policy from time to time. We will post the updated version with an effective date. If changes are material, we will provide additional notice where appropriate.

Contact Us

For questions or requests related to this Policy, contact: info@trinitytrade.io.

Ready to get started?

Create a portfolio, explore analysis, and manage risk with TRINITY.

Create Portfolio Explore Market