Privacy Policy

Last updated: 26 June 2026
Our current privacy practices This page describes how Hermetic Trader handles your data today, including the cookies and advertising tools we use to run and measure our ads. We keep it current as the product evolves and notify active subscribers of material changes. Questions: hello@hermetictrader.com.

1. What we collect

From you directly:

  • Account info: email address, password (hashed, never stored in plaintext)
  • Profile info: display name, optional handle, trading style, preferred contracts, time zone
  • Journal content: daily rituals, trade logs, notes, and anything else you enter into Vigil
  • Payment info: handled directly by Stripe — we do not see or store your card number; we receive only a customer reference (a Stripe customer ID) and subscription status

Collected automatically:

  • Standard server logs from our hosting providers (IP address, browser type, request timing). These exist for security and reliability monitoring.
  • Browser local storage used to keep you signed in and cache Vigil data offline.

We do not use session-recording tools, and we never use your journal content for advertising or model training. We do use limited advertising and measurement tools when we run ads — described in Section 7.

2. Where it's stored

Account data, profile data, and journal content live in Supabase (a managed Postgres service) in their US-East-1 region. Payment processing and card data are handled by Stripe (US). The marketing pages and Vigil itself are served via Cloudflare Pages (global CDN).

We do not sell your data or transfer it for resale. Operationally we share data with the providers needed to run the service (Supabase, Stripe, Cloudflare). When we advertise, a limited set of events may also be shared with advertising platforms such as Meta to measure and improve our ads — described in Section 7.

3. How we use it

  • To run the service: authenticating you, storing your journal, processing your subscription
  • To communicate: emails about your account, subscription, or material service changes
  • To measure our advertising: understanding which ads lead to visits, trials, and subscriptions, so we spend responsibly — see Section 7
  • To improve the product: aggregate, non-identifying patterns of usage may inform what we build next

We do not sell your data, ever. We do not use journal content for advertising, model training, or anything other than rendering it back to you.

4. How long we keep it

Account data is kept while your account is active and for a reasonable period after cancellation (in case you reactivate). If you request deletion, we remove your journal data and personally identifying profile information; we retain transactional records (billing history) as long as required by tax and accounting obligations.

5. Your choices

  • Access: you can see your profile and journal content directly in Vigil
  • Export: contact us and we'll provide a copy of your data
  • Correction: you can edit profile fields in Vigil settings
  • Deletion: email hello@hermetictrader.com to request account deletion
  • Cancellation: in Vigil settings, or via the Stripe customer portal

6. Security

Passwords are hashed by Supabase Auth (industry-standard bcrypt). Connections to the site and to Vigil are encrypted in transit (HTTPS). Payment data is handled by Stripe and never touches our servers. We try to follow reasonable security practices, but no online service is invulnerable — see also the limitation of liability in our Terms.

7. Cookies, local storage & advertising tools

Essential storage. We use browser local storage to keep you signed in and to cache Vigil's interface for performance. This is required for the app to work and is not used for advertising.

Advertising & measurement. When we run ads on platforms such as Meta (Facebook and Instagram), we use their measurement tools — including the Meta Pixel and the Conversions API — to understand whether our ads lead to visits, trials, and subscriptions, and to reach people with similar interests. These tools may set cookies and share a limited set of events (for example, a page view or a completed sign-up) with the platform. We do not share your journal content, your trade logs, or your password, and we never sell your data.

Your controls. You can manage ad personalization in your Meta account settings, and you can clear or block cookies through your browser. Where the law requires it — for example for visitors in the EU, the UK, or California — we honor applicable consent and opt-out requests before loading non-essential advertising tools. Meta's own data practices are described in its Privacy Policy.

If we add, remove, or change these tools, we'll update this policy and, where required, ask for your consent.

8. Children

Hermetic Trader is not intended for use by anyone under 18. We do not knowingly collect data from minors. If we learn that we have, we will delete it.

9. Changes

This policy will be updated when the service changes meaningfully or when a more formal version is reviewed by counsel. Material changes will be communicated to active subscribers.

10. Contact

Privacy questions, data access or deletion requests, or anything else: hello@hermetictrader.com.