Privacy Policy
Last updated: July 13, 2026
This Privacy Policy explains what personal data AlphaFlow ("we", "us") collects when you use our website and application, why we collect it, and how we protect it. If you have questions, email hello@alphaflowtrade.com.
1. Data We Collect
Account data
When you sign up, we collect your email address and password (hashed). If you sign in with an OAuth provider such as Google, we receive the basic profile fields you authorize (name, email, avatar). We may also store a display name you set.
Your Content
We store the blueprints, notes, and settings you create in AlphaFlow so we can render them when you return.
Billing data
If you subscribe, our payment processor (Stripe) collects and processes your payment details. We never see or store your full card number. We store a customer identifier and subscription status so we can grant the correct entitlements.
Usage and analytics
We collect basic product analytics — pages viewed, features used, device and browser type, approximate location derived from IP — to understand how the Service is used and to improve it. We do not sell this data.
Communications
If you email us or reply to a transactional email, we retain those messages so we can support you.
2. How We Use Data
- To provide and maintain the Service (authenticate you, save your work, serve your blueprints).
- To process payments and manage subscriptions.
- To send transactional emails (sign-up confirmation, security alerts, receipts).
- To send product updates you have opted into. You can unsubscribe from any marketing email at any time.
- To improve the Service through aggregated analytics.
- To detect, prevent, and address fraud and abuse.
3. Legal Bases (GDPR)
We process personal data on the basis of (a) the contract we have with you as a user, (b) our legitimate interests in operating and improving the Service, (c) your consent where required (for example, optional marketing), and (d) compliance with legal obligations.
4. Where Data is Stored
Account data, blueprints, and application data are stored using Supabase, our backend infrastructure provider, on servers operated within regions selected for that provider. Data may be transferred to and processed in jurisdictions where our processors operate. We rely on standard contractual clauses where required.
5. Sub-processors
- Supabase — database, authentication, storage.
- Stripe — payment processing.
- Cloudflare — hosting, CDN, DDoS protection.
- Email delivery providers — sending transactional email.
- Analytics providers — aggregated product analytics.
6. Cookies
We use strictly necessary cookies to keep you signed in and to remember preferences. We may use analytics cookies to measure usage. You can control cookies through your browser settings; disabling strictly necessary cookies may break parts of the Service.
7. Your Rights
Subject to your local law, you have the right to access, correct, delete, restrict, or export your personal data, and to object to certain processing. Email hello@alphaflowtrade.com to exercise these rights. You may also delete your account from the Settings page, which removes your account and blueprints.
8. Data Retention
We retain personal data for as long as your account is active and for a limited period afterwards to meet legal, accounting, and fraud-prevention obligations. Backups are rotated on a rolling basis.
9. Security
We use encryption in transit (TLS), encrypted storage, hashed passwords, and role-based access controls. No system is perfectly secure — if you believe your account has been compromised, contact us immediately.
10. Children
The Service is not directed to children under 18 and we do not knowingly collect data from them.
11. Changes
We may update this policy. Material changes will be announced in-app or by email.
12. Contact
Email hello@alphaflowtrade.com.
