Privacy Policy

Axiont ("we", "us") is a trading journal and discipline tool operated from the European Union. This policy describes what personal data we collect when you use the Axiont app at axiont.app, why we collect it, how long we keep it, and the choices you have.

What we collect

• Account data: email address, display name, time zone, and the encrypted password Supabase manages for authentication.
• Trading data:trades you log manually or sync from your MT5 terminal — symbol, direction, entry/exit, P&L, attached notes, screenshots, setup tags. Linked broker account identifiers (MT5 login + server) so we can associate incoming EA heartbeats.
• Billing data: if you subscribe, Stripe processes your payment details. We store only the Stripe customer id, subscription status, and plan tier — never your card number.
• Support communications: bug reports and help requests you submit, including any screenshots you attach.
• Technical logs: standard request logs (IP, user agent, timestamp) retained for security + debugging for up to 30 days on Vercel. EA telemetry logs (heartbeats) up to 90 days.

Why we collect it

• To provide the app you signed up for — the journal, analytics, discipline engine.
• To bill you (Stripe). Legal basis: contract performance.
• To send essential service emails (signup, password reset, payment receipts, support replies). Legal basis: contract performance + legitimate interest.
• To investigate suspected abuse or to defend against legal claims. Legal basis: legitimate interest.

Who sees your data

• Axiont staff with a back-office role (owner, admin, support, viewer) can view user account metadata, plan status, and bug reports for support purposes. Every staff action is recorded in an append-only audit log.
• Sub-processors: Supabase (EU, database + auth + storage), Stripe (EU/US, billing), Resend (US, transactional email), Vercel (US, hosting + logs). We do not sell data, do not share it with advertisers, and do not aggregate it into public leaderboards.

How long we keep it

• Account + trading data: for the life of your account, plus up to 30 days after deletion for backup rotation.
• Billing records: 7 years (accounting law).
• Support emails: 2 years.
• Request logs: 30 days.

Your rights (GDPR)

• Access — request a copy of your data.
• Rectification — correct inaccurate data.
• Erasure — delete your account at any time from Settings → Danger Zone. The deletion cascades through every table and storage bucket.
• Portability — export your trade history as CSV at any time.
• Objection — contact us if you disagree with our processing.

To exercise any of these, email msftfx@gmail.com. We respond within 30 days.

Cookies

We use first-party cookies only for authentication (a session token managed by Supabase). No third-party analytics cookies, no advertising cookies.

Changes

We'll update the "Effective" date at the top when this policy changes, and email any substantive update to all active users.

Contact

msftfx@gmail.com. For formal GDPR requests include "GDPR" in the subject line.