[ KRUX · PRIVACY ]Privacy policyLast updated 2026-05-14
[ ← BACK ]KRUX collects the minimum data needed to run the product. We don't resell data, we don't see your broker credentials, and we don't see your real-time market data — that flows through your machine, not ours.[ 01 · WHAT WE COLLECT ]Account-level: email, display name, hashed password (or OAuth subject ID), profile preferences (theme, layouts, watchlists, saved drawings, alerts).Billing-level (Pro tier only): name, billing email, last 4 digits of card, billing country — collected and stored by Stripe. KRUX never sees your full card number.Analytics: anonymised page views, click events, error logs. Tracked via PostHog with EU-region storage. No fingerprinting beyond standard session identification.
[ 02 · WHAT WE DON'T COLLECT ]• Your broker credentials — they stay on your machine• Real-time market data — it passes through, never persisted• Your trade history from your broker• Your account balance, P&L, or positions
[ 03 · DATA PROCESSORS ]Supabase: account auth + database (EU region).Stripe: billing.Resend: transactional email (magic links, alerts, receipts).PostHog: product analytics + error tracking (EU region).Vercel: web hosting + edge middleware.Cloudflare: DNS + tunnel for the chart data path.
[ 04 · YOUR RIGHTS ]Under GDPR, UK DPA 2018, CCPA, and similar regimes:• Right to access — export everything we hold on you• Right to delete — purge your account + all derived data• Right to rectify — correct anything we've got wrong• Right to portability — receive data in JSON / CSVBoth export and deletion are user-initiated from /settings → Danger. Deletion is irreversible — your data is purged from primary storage immediately and from backups within 30 days.
[ 05 · COOKIES + TRACKING ]KRUX uses Supabase Auth session cookies (`sb-*`) to keep you signed in. That's required for the product to work.PostHog uses a session-level identifier (no fingerprinting, no third-party cookies). EU users get consent prompts where required.Stripe sets a billing cookie when you reach a checkout surface. You can decline; checkout won't function without it.
[ 06 · CONTACT ]Privacy questions, data requests, or complaints: privacy@krux.soWe respond within 5 working days. UK / EU residents can escalate to the ICO (UK) or your national supervisory authority (EU).