Privacy Policy | MetriNote

1. Introduction

MetriNote ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our trading journal application and website (collectively, the "Service").

Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Personal Information

When you create an account, we collect:

Email address
Phone number (required for identity verification via SMS)
Name (if provided)
Profile information you choose to add

Payment Information

When you subscribe, payment is processed by Stripe. We do not store your credit card number, CVV, or full card details on our servers. Stripe handles all payment data in accordance with PCI-DSS standards. We store only your Stripe customer ID and subscription status to manage your account.

Verification Information

During phone verification, we collect your phone number and IP address. Phone numbers are checked against our records to prevent duplicate trial accounts. IP addresses are logged for fraud prevention purposes only.

Trading Data

To provide our journaling service, we collect trading information you enter, including:

Trade details (instrument, entry/exit prices, dates, P&L)
Journal notes and reflections
Psychology data (mood, energy levels, emotions)
Screenshots you upload
Custom tags, playbooks, and rules

Automatically Collected Information

We automatically collect certain information when you use the Service, including your IP address, browser type, device information, and usage patterns. This helps us improve the Service and troubleshoot issues.

3. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve the Service
Calculate your trading statistics, MetriScore, and analytics
Process payments and manage your subscription
Verify your identity via phone number to prevent abuse
Send you important updates about the Service
Respond to your support requests
Detect and prevent fraud or abuse
Comply with legal obligations

4. Data Security

We implement industry-standard security measures to protect your data:

Row Level Security (RLS) on all database tables - users can only access their own data, enforced at the database level
Email verification required for all accounts
Phone verification via SMS required to start a trial, preventing duplicate accounts
Rate limiting on authentication to prevent brute force attacks
CAPTCHA protection on signup and login
Email authentication with strict DMARC, SPF, and DKIM policies
Encryption at rest and in transit via our cloud infrastructure (built on AWS)

We do not connect to brokerages or trading platforms - your trading account credentials are never involved. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

5. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

Stripe (Payment Processing): When you subscribe, Stripe processes your payment and stores your billing information. Stripe's privacy policy governs how they handle your payment data
Twilio (Phone Verification): Your phone number is sent to Twilio to deliver SMS verification codes. Twilio acts as a data processor and does not use your phone number for marketing. Your phone number is not shared with any other third party
Cloud Infrastructure: Our application and database are hosted on secure, industry-standard cloud infrastructure (AWS-based). Your data is encrypted at rest and in transit
Hosting Provider: Our web application is served through a hosting provider that processes web requests but does not access your stored data
Legal Requirements: We may disclose information if required by law or in response to valid legal requests
Business Transfers: If MetriNote is involved in a merger or acquisition, your information may be transferred as part of that transaction

6. Your Rights

You have the right to:

Access the personal data we hold about you
Request correction of inaccurate data
Request deletion of your data
Export your trading data
Withdraw consent for optional data processing

To exercise these rights, please contact us at support@metrinote.com.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or legitimate business purposes.

8. Phone Number Usage

Your phone number is collected solely for account verification purposes. We will never call you, send marketing texts, or share your phone number with third parties for any purpose other than identity verification. Your phone number is stored securely and is not visible to other users.

9. Cookies and Analytics

We use essential cookies only to maintain your session and remember your preferences. We do not use tracking cookies, advertising cookies, or third-party analytics that collect personal data.

We use privacy-focused analytics for basic page view statistics. This does not collect personal information, track individual users, or share data with third parties. This is why you won't see a cookie consent banner on our site - there's nothing to consent to.

10. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

12. Business Location

MetriNote is based in Pennsylvania, United States. Your data is subject to US data privacy laws.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: support@metrinote.com