Legal
Last updated: June 2026 · Applies to all PayoutGuard users globally
PayoutGuard ("we," "our," or "us") respects your privacy. This Privacy Policy explains what information we collect, how we use it, how we protect it, and your rights regarding your personal data. We are committed to transparency and to handling your data responsibly.
We collect several categories of information in connection with your use of our Service:
When you register for an account, we collect your name, email address, and a hashed version of your password. If you sign up using a third-party OAuth provider (such as Google), we receive the information that provider shares with us, typically your name and email address.
To provide the core risk management functionality, we collect and store data you input into the platform, including: your trading account configurations, risk rule parameters (such as daily loss limits and drawdown thresholds), trade data synchronized from connected broker accounts (including open and closed positions, profit/loss figures, and account equity), and webhook endpoint configurations. This data is essential to delivering the Service and is not shared with third parties except as described in this policy.
We do not directly collect or store your credit card or payment card details. All payment processing is handled by Stripe, a PCI-DSS-compliant third-party payment processor. We receive from Stripe only non-sensitive billing information such as your subscription status, billing frequency, the last four digits of your card, and payment history. For Stripe's privacy practices, please review their privacy policy at stripe.com/privacy.
We automatically collect certain technical information when you use the Service, including: your IP address, browser type and version, operating system, referring URLs, pages visited, time spent on pages, and actions taken within the platform. This data is used for security monitoring, debugging, and improving the user experience. We do not sell or share this data with advertising networks.
When you contact us for support or via email, we retain a record of that correspondence including your contact details and the content of your messages, so that we can respond to and track your inquiry.
We use the information we collect for the following purposes:
We will not use your personal information for purposes other than those described in this policy without your prior consent, except where required by law.
Your data is stored on servers managed by Supabase, which uses PostgreSQL as its database engine. Supabase operates on infrastructure hosted by AWS (Amazon Web Services) in the United States. All data stored in our database is encrypted at rest using industry-standard AES-256 encryption. All data transmitted between your browser and our servers is protected using TLS 1.2 or higher (HTTPS).
We implement a range of technical and organizational security measures designed to protect your personal data, including: access controls limiting which personnel can access production data, automated security monitoring and alerting, regular security reviews and dependency audits, and row-level security (RLS) policies enforced at the database layer to ensure users can only access their own data.
Supabase maintains compliance with SOC 2 Type 2 standards. Our hosting provider, Vercel, is also SOC 2 compliant. We regularly review the security practices of our subprocessors to ensure they maintain appropriate protections.
Despite our best efforts, no method of transmission over the internet or method of electronic storage is 100% secure. If you have reason to believe that your interaction with us is no longer secure, please notify us immediately at support@payoutguard.us.
We share your data with the following third-party service providers solely to the extent necessary to deliver the Service. These providers act as data processors on our behalf and are contractually obligated to protect your data:
| Provider | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing & subscription management | Email, billing info (no card numbers stored by us) |
| Supabase | Database hosting & authentication | All account and trading data |
| Vercel | Application hosting & CDN | IP addresses, request logs |
| Resend | Transactional email delivery | Email address, email content |
We do not sell, rent, or trade your personal data to any third party for their own marketing or commercial purposes. We will not disclose your data to law enforcement or government entities except where required to do so by law or valid legal process.
We use cookies and similar tracking technologies on a minimal, functional basis. We do not use advertising cookies, tracking pixels from social media networks, or behavioral targeting technologies.
The cookies we use include:
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, disabling functional cookies may cause portions of the Service to not function correctly.
We retain your personal data for as long as your account remains active or as needed to provide you with the Service. Specifically:
Depending on your location, you may have the following rights with respect to your personal data. We honor these rights regardless of where you are located:
Right of Access
You may request a copy of the personal data we hold about you at any time.
Right to Rectification
You may request that we correct any inaccurate or incomplete personal data we hold about you.
Right to Erasure
You may request that we delete your personal data. We will honor this request subject to any legal retention obligations.
Right to Data Portability
You may request an export of your data in a machine-readable format (CSV or JSON).
Right to Restrict Processing
You may request that we limit the ways in which we use your personal data in certain circumstances.
Right to Object
You may object to our processing of your data in certain circumstances, including for direct marketing purposes.
CCPA Rights (California)
California residents have the right to know what data is collected, to opt out of sale (we do not sell data), and to non-discrimination.
GDPR Rights (EU/EEA)
If you are located in the EU or EEA, you have additional rights under the General Data Protection Regulation, including the right to lodge a complaint with your supervisory authority.
To exercise any of these rights, please contact us at support@payoutguard.us. We will respond to all valid requests within 30 days. We may need to verify your identity before processing your request.
A core part of the Service relies on automated processing. PayoutGuard continuously evaluates the trading rules and parameters you configure against your synchronized account data and, when a threshold is met, automatically takes risk actions — such as flattening a position, blocking a new order, or locking your account — without human review at the moment of action. We also compute behavioral metrics, such as a "tilt" score derived from your trading patterns, to power risk warnings.
This automated processing is necessary to deliver the service you have signed up for; without it, the platform could not perform its core risk-management function. The logic is rule-based and operates around the limits and settings you choose. We do not use your personal data for automated decisions unrelated to these risk-management functions, and we do not use it for advertising, credit, employment, or similar profiling.
If you are located in the EU/EEA or United Kingdom, the GDPR gives you rights regarding decisions based solely on automated processing that produce significant effects. You may contact us at support@payoutguard.us to obtain meaningful information about the logic involved, to express your point of view, to contest a decision, or to request human review, subject to applicable law. You can also adjust or disable your rule settings, or disconnect the agent from your trading platform, to change or stop automated actions at any time.
The Service is intended solely for users who are 18 years of age or older. We do not knowingly collect, solicit, or process personal data from individuals under the age of 18. Trading in financial markets requires legal adulthood in virtually all jurisdictions, and use of the Service is conditioned on meeting this age requirement.
If we become aware that we have inadvertently collected personal data from a person under 18, we will promptly delete such information from our records. If you believe we may have any data from or about a minor, please contact us immediately at support@payoutguard.us.
PayoutGuard is operated in the United States. If you access the Service from a location outside the United States, please be aware that your information may be transferred to, stored in, and processed in the United States, where our servers are located and our central database is operated. Data protection laws in the United States may differ from those in your country.
For users in the European Economic Area (EEA), United Kingdom, or Switzerland: By using the Service, you consent to the transfer of your personal data to the United States. We take appropriate safeguards to ensure that your personal data remains protected in accordance with this Privacy Policy and applicable law, including by relying on Standard Contractual Clauses (SCCs) where required under GDPR for transfers to our subprocessors.
If you have concerns about cross-border data transfers, please contact us at support@payoutguard.us and we will work to address your concerns.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes to this policy, we will provide notice by updating the "Last Updated" date at the top of this page and by sending an email notification to the address associated with your account.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your data. Your continued use of the Service following the posting of changes constitutes your acceptance of those changes.
If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact our privacy team:
We are committed to resolving any privacy-related complaints promptly. If you are not satisfied with our response, and you are located in the EU, you have the right to lodge a complaint with your local data protection authority.