Legal
1. Controller: The controller for data processing on https://hiddenticks.com and within the HiddenTicks web application is HiddenTicks, c/o POSTFLEX PFX-981-823, Emsdettener Straße 10. Privacy inquiries can be sent to legal@hiddenticks.com.
2. Scope of the service: HiddenTicks is a web-based trading practice platform with hidden historical market scenarios, user accounts, billing workflows, training statistics, administration features, and the technical security and documentation processes required to run the service.
3. Categories of data: Depending on how you use the service, we process account data such as email address and display name, authentication data, contract and billing data, training and session data, technical usage data, security and log data, communication data, and consent and audit records.
4. Legal bases: Processing required for registration, platform delivery, contract performance, invoicing, and support is generally based on Article 6(1)(b) GDPR. Statutory retention and compliance records may rely on Article 6(1)(c) GDPR. Security, abuse prevention, and service stability may rely on Article 6(1)(f) GDPR. Non-essential cookies and marketing communication require consent under Article 6(1)(a) GDPR and Section 25 TDDDG where applicable.
5. Registration and account: When you register, log in, verify your email, or request a password reset, we process the account and security data required to provide and protect your user account.
6. Systems used: HiddenTicks uses Supabase for authentication, database operations, and access control, Stripe for checkout, subscriptions, invoices, and the billing portal, and IONOS SMTP for transactional emails such as registration and security messages. Additional operational systems may include hosting, monitoring, and support tooling where legally required.
7. Training, replay, and analytics data: We store training sessions, replay scenarios, trades, metrics such as R-multiples, status and timing data, and the derived dashboard and history metrics needed to restore your training progress and provide personal performance analysis.
8. Billing data: HiddenTicks does not store full payment card details. We only store the Stripe-related information required for contract administration, such as customer identifiers, subscription status, invoice references, service periods, status changes, and approved manual access overrides.
9. Cookies, local storage, and consent: HiddenTicks uses essential cookies and similar storage for login state, session security, CSRF protection, consent management, and interface preferences. Non-essential categories such as analytics or marketing are only used if valid consent has been granted. Your choice is documented with a timestamp and version reference and can be changed at any time via the cookie preferences link in the footer.
10. Security logs and login events: To protect the platform, login attempts, role changes, admin actions, user-agent information, and hashed IP-related data may be logged. This helps us detect abuse, harden the system, and audit security-relevant activity.
11. Recipients and international transfers: Data is only shared with recipients who need it to deliver the service, especially hosting, authentication, database, payment, email, and support providers. If a transfer to a third country takes place, it will only happen on the basis of appropriate safeguards such as Standard Contractual Clauses or another lawful transfer mechanism.
12. Retention: Personal data is stored only as long as necessary for contract performance, account operation, security, support, legal defense, or statutory obligations. Training data is deleted or anonymized once it is no longer required for these purposes. Invoice and tax-related records may need to be retained longer due to statutory retention periods.
13. Your rights: Subject to the legal requirements, you have the right to access, rectify, erase, restrict processing, receive your data, and object to certain processing. You may withdraw consent for the future at any time. You also have the right to lodge a complaint with a competent supervisory authority.
14. Contact: Please send privacy-related inquiries to legal@hiddenticks.com. For general support use support@hiddenticks.com; for billing questions use billing@hiddenticks.com.
15. No investment advice: HiddenTicks is strictly a training and simulation product. We do not make automated investment decisions or legally binding scoring decisions based on your training data.
16. Updates: This Privacy Policy will be updated whenever new features, service providers, legal bases, or regulatory requirements make this necessary. The version published on the website is the governing version.