Type something to search...
to navigateto selectESC to close

Privacy Policy

Last Updated: April 12, 2026

This Privacy Policy explains how CandleTrainer (“we”, “us”, “our”) collects, uses, discloses, and safeguards personal data when you use our website, applications, and related services (collectively, the “Services”).

By using the Services, you acknowledge the practices described in this Policy.

1. Scope

This Policy applies to:

  • Website visitors
  • Registered users
  • Trial and paid subscribers
  • Individuals who contact support or participate in events

This Policy does not apply to third-party websites, brokers, exchanges, or apps that integrate with our Services.

2. Data We Collect

We may collect the following categories of data:

A. Account and Identity Data

  • Name, email, username, profile details
  • Authentication credentials (hashed/encrypted)
  • Subscription status and plan information

B. Device and Technical Data

  • IP address, browser type, OS, device identifiers
  • Crash logs, diagnostics, and performance telemetry
  • Access timestamps and session records

C. Usage and Product Interaction Data

  • Feature usage, training activity, and preferences
  • Interface settings (language, theme, layout)
  • Clickstream and behavioral analytics

D. Payment and Billing Data

  • Billing address, invoice metadata, transaction status
  • Payment token references from payment processors

We do not store full card numbers or card security codes.

E. Market/Strategy Related Metadata

  • Connected account metadata, API permission scope, execution logs
  • Strategy configuration metadata and training outputs

Unless explicitly required for a hosted feature, we do not collect private keys.

F. Communications

  • Support tickets, feedback, survey responses, and email communications

3. Sources of Data

We collect data:

  • Directly from you
  • Automatically through your use of the Services
  • From service providers (for example, payment, analytics, cloud, and fraud-prevention vendors)
  • From integrations you authorize

4. Why We Use Data

We use personal data to:

  • Provide and operate the Services
  • Authenticate users and secure accounts
  • Process payments and manage subscriptions
  • Improve performance, reliability, and product quality
  • Detect abuse, fraud, unauthorized access, and policy violations
  • Communicate service updates, security notices, and support responses
  • Comply with legal, regulatory, and audit obligations

Depending on your location, we rely on one or more legal bases:

  • Performance of a contract
  • Legitimate interests (such as security, analytics, and product improvement)
  • Consent (for specific optional processing)
  • Compliance with legal obligations

6. Cookies and Similar Technologies

We use cookies and local storage for:

  • Authentication and session continuity
  • Preferences and user experience
  • Analytics and performance measurement
  • Security and abuse prevention

You can manage cookie settings through your browser. Disabling certain cookies may reduce Service functionality.

7. Sharing and Disclosure

We do not sell personal data.

We may disclose data to:

  • Infrastructure and cloud hosting providers
  • Payment processors and billing providers
  • Customer support, analytics, and communication vendors
  • Compliance, legal, and audit partners when required
  • Corporate transaction counterparties (for example, merger or acquisition), subject to confidentiality protections

All disclosures are limited to what is reasonably necessary.

8. International Data Transfers

Your data may be processed in countries different from your residence. Where required, we implement safeguards such as contractual protections and security controls for cross-border transfers.

9. Data Retention

We retain personal data only as long as necessary for:

  • Service delivery and account administration
  • Security and fraud prevention
  • Financial recordkeeping and legal compliance
  • Dispute resolution and enforcement of agreements

Retention periods vary by data category and legal requirements.

10. Security Measures

We maintain administrative, technical, and organizational safeguards, including:

  • Encryption in transit (for example TLS) and encryption at rest for sensitive records
  • Access control, least-privilege policies, and credential protection
  • Security monitoring, logging, and anomaly detection
  • Backup and incident response procedures

No system can be guaranteed 100% secure, but we continuously improve safeguards.

11. Your Rights and Choices

Depending on applicable law, you may have the right to:

  • Access and receive a copy of your personal data
  • Correct inaccurate data
  • Delete certain data
  • Restrict or object to certain processing
  • Withdraw consent (where processing relies on consent)
  • Request data portability

To exercise rights, contact: support@candletrainer.com.

We may need to verify your identity before processing a request.

12. Children

The Services are not intended for children under the age required by applicable law in your jurisdiction. We do not knowingly collect personal data from children without required legal authorization.

13. Third-Party Services

Our Services may contain links to or integrations with third-party services. Their privacy practices are governed by their own policies, not this Policy.

14. Policy Updates

We may update this Policy from time to time. For material changes, we will provide notice through the website, in-product notification, or email where appropriate.

Your continued use of the Services after the effective date means you accept the updated Policy.

15. Contact

If you have privacy questions, requests, or complaints, contact us at:

support@candletrainer.com