Last updated: July 2026
When you use TPS, we collect the following categories of information:
TPS uses Google Analytics 4 (GA4) to understand how users interact with the platform. GA4 collects anonymised usage data including page views, navigation paths, and custom events. Data is processed by Google LLC and stored on Google servers.
GA4 uses a first-party cookie (_ga) to distinguish unique users. You can opt out of GA4 tracking by installing the Google Analytics Opt-out Browser Add-on or by disabling cookies in your browser. See our Cookie Policy for details.
Authentication is handled by NextAuth.js using encrypted JWT sessions. When you sign in, a secure HTTP-only session cookie is set on your browser. This cookie is essential for using TPS and cannot be disabled without losing access to your account. Session tokens are signed with a server-side secret and expire after 30 days of inactivity.
Card and SBP payments are processed by YooKassa (LLC YooMoney, Russia). When you pay, you are redirected to or interact with YooKassa's payment interface. TPS receives a payment confirmation webhook from YooKassa but does not see or store your card details. YooKassa's privacy policy governs the data they collect during checkout.
For cryptocurrency payments, you transfer USDT on the TRC20 network and submit your transaction hash (TXID). TPS uses the TronGrid API to verify the transaction on the blockchain. The TXID and payment amount are stored in our database. Blockchain transactions are public and irreversible by nature.
TPS uses the following third-party infrastructure providers:
Resend
Transactional email delivery (account verification, password reset). Resend processes your email address to deliver messages on our behalf.
Neon PostgreSQL
Your account data, trade journal, and subscription records are stored in a PostgreSQL database hosted on Neon. Data is stored in the EU/US region.
Upstash Redis
Used for rate limiting on authentication endpoints (login, registration, password reset). Upstash stores only anonymised IP address hashes and request counts — no personal data.
Vercel
TPS is deployed on Vercel. Vercel may log request metadata (IP address, user agent) for infrastructure purposes. See Vercel's privacy policy for details.
OpenRouter / AI Provider
When you use AI Coach or AI analysis features, anonymised trade data is sent to an AI language model provider via OpenRouter. This data is used solely to generate your report and is not used to train models.
Your data is stored in a Neon PostgreSQL database managed via Prisma ORM. Passwords are hashed with bcrypt (cost factor 12) and never stored in plaintext. All communications use HTTPS/TLS. API endpoints are protected by rate limiting via Upstash Redis.
We apply industry-standard security practices. However, no internet-based system can guarantee 100% security. In the event of a data breach that affects you, we will notify you as required by applicable law.
We retain your data for as long as your account is active. If you delete your account, your personal data and trade history will be permanently deleted within 30 days. Payment records and transaction hashes may be retained for up to 7 years for tax and legal compliance purposes.
You have the right to:
TPS uses an essential HTTP-only session cookie for authentication and a first-party analytics cookie from Google Analytics 4. We do not use advertising or tracking cookies. See our Cookie Policy for a full breakdown.
TPS is not intended for users under 18 years of age. We do not knowingly collect personal data from minors. If we discover that a minor has registered, we will delete their account promptly.
We may update this Privacy Policy from time to time. Significant changes will be communicated via email or a notice in the app. Continued use of TPS after changes constitutes acceptance of the updated policy.
For privacy questions or data requests, contact us at support@tps.app.