Privacy Policy

Mindful Trading ("we", "us", or "our") operates the website at mindfultrading.manus.space and the Mindful Trading Chrome extension (together, the "Service"). This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using the Service you agree to the collection and use of information in accordance with this policy. If you do not agree, please discontinue use of the Service.

Account information. When you create an account via Manus OAuth we receive your name and email address. We store these to identify your account and communicate with you.

Trading rules (Playbook). Rules you create or import in the dashboard are stored on our servers so they can be synced across devices and to the Chrome extension. This data belongs to you and is never sold or shared with third parties.

Payment information. Payments are processed by Stripe. We do not store your card number, CVV, or full payment details on our servers. We retain only the Stripe Customer ID and Subscription ID needed to manage your subscription.

Usage data. We collect standard server logs (IP address, browser type, pages visited, timestamps) for security and performance monitoring. This data is retained for up to 90 days.

Chrome extension data. The extension operates locally in your browser. It reads the Robinhood order page only to display your pre-trade checklist. It does not read, store, or transmit your brokerage credentials, account balances, holdings, or order history to our servers.

• To provide, operate, and improve the Service
• To authenticate your account and manage your subscription
• To sync your Playbook rules between the web dashboard and Chrome extension
• To send transactional emails (subscription receipts, password resets)
• To respond to support requests
• To detect and prevent fraud or abuse

We do not use your data for advertising, and we do not sell or rent your personal information to any third party.

The website uses a single session cookie to keep you logged in. The Chrome extension uses chrome.storage.local to cache your rules locally for offline use. No third-party tracking cookies are set.

We share data with the following third parties only to the extent necessary:

• Stripe — payment processing (see stripe.com/privacy)
• Manus OAuth — authentication provider
• OpenAI — if you use the Chart Coach AI feature, your chart image is sent to OpenAI's API for analysis. No personally identifiable information is included in this request. See openai.com/privacy.

We do not share your data with analytics platforms, advertising networks, or data brokers.

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or financial compliance purposes (e.g., Stripe transaction records, which are retained for 7 years per financial regulations).

We use industry-standard security measures including HTTPS/TLS encryption in transit, hashed session tokens, and access controls on our database. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and associated data
• Export a copy of your data (data portability)
• Opt out of non-essential communications

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page. For material changes, we will notify you via email or a prominent notice on the website at least 14 days before the change takes effect.

If you have questions about this Privacy Policy or how we handle your data, please contact us: