PropMind sits between you and your broker. That puts us in a position to see things that matter — your trades, your losses, your journal entries about why you took the trade you shouldn't have. We take that seriously.
This policy explains exactly what we collect, exactly who else we let near it, and exactly what we will and won't do with it. If anything below isn't clear, ask us before you sign up.
01 Summary in plain language
The honest version, in five lines:
- We collect what we need to run PropMind: your email, your trading data through APIs you authorise, the rules and journal entries you create, and basic device info.
- We don't sell your data. We don't share it with advertisers. We don't use it to train AI models that other customers can query.
- We use a small set of named subprocessors — Stripe, MetaApi, Resend, Cloudflare, Anthropic, Sentry — to deliver specific parts of the service. Each one is listed below with what they see.
- You can export everything, delete your account, withdraw consent for the AI coach, and ask us what we hold on you. We answer within 30 days.
- We hold your data on servers in the European Union and the United States, and we encrypt sensitive fields (broker credentials, journal screenshots) at rest.
The sections below are the precise version of the same thing.
02 Who is the data controller
PropMind Technologies (Addis Ababa, Ethiopia) is the controller of personal data processed through the PropMind service. For users in the European Economic Area and the United Kingdom, PropMind acts as a controller in the meaning of the GDPR and the UK GDPR.
You can reach our privacy team at privacy@propmind.app, and our data protection officer at dpo@propmind.app.
03 What we collect, and why
Account data
Email, password (stored as an argon2 hash — we never see your clear-text password), display name if you set one, two-factor authentication secret (encrypted), preferred timezone, and the email-verification + login timestamps we need for account security. Legal basis: performance of the contract.
Trading account data
When you connect a broker, we receive — through MetaApi or the broker's API — your account number, account balance, open positions, trade history, and live equity. We do not see your broker password; you enter it directly on the integration provider's page. We store the encrypted integration token, not the password. Legal basis: performance of the contract.
Rules, journal, and content you create
Every rule you configure, every journal entry you write, every screenshot you upload, every conversation with the AI coach. Screenshots are encrypted at rest on Cloudflare R2. Journal text is stored in our primary PostgreSQL database alongside your trades. Legal basis: performance of the contract.
Billing data
The fact that you have a subscription, the tier, the billing interval, the renewal date. We do not store card numbers. Card data is collected and held by Stripe under their PCI-compliant infrastructure. For crypto, we store the transaction hash and the pay-from currency, never the private key. Legal basis: performance of the contract and legitimate interest in operating a paid service.
Usage and device data
IP address, browser user-agent, the pages you visit inside PropMind, the timestamps of your sessions, and any errors your browser hits while using the app. We keep this for 90 days for operational debugging and security, then it ages out of our logs automatically. Legal basis: legitimate interest in keeping the service available, secure, and improving.
Communications
If you email us at hello@propmind.app or any of our other addresses, we keep the message and our reply for as long as we need to resolve your case and for two years after, for audit and tax purposes. Legal basis: legitimate interest in operating support.
04 How we use your data
We use the data above to do the following — and nothing else unless we ask you first or are required to by law:
- Run the rule engine on your live trades and decide whether to send a warning, render a lockout, or instruct your broker.
- Render your dashboard, your journal, your analytics, your morning briefing.
- Generate AI coach responses by sending the relevant portion of your trading history and journal context to our AI inference provider (see Section 07).
- Send you transactional emails — verification, trial reminders, billing receipts, security alerts. You cannot opt out of transactional email while you have an active account; you can cancel the account to stop them.
- Charge you for paid subscriptions and run refunds when requested.
- Detect abuse, fraud, and security incidents, and respond to them.
- Comply with legal obligations, including tax and accounting recordkeeping, and lawful requests from competent authorities.
- Analyse your own trading history for behavioural patterns (for example, losing more often after a run of consecutive losses) in order to suggest guardrail rules tailored to you. These are suggestions only — a rule is never created or enforced unless you accept it. See Section 05.
- Improve the service in aggregate — for example, looking at which rules fire most often across the user base to refine defaults. This kind of analysis is always on de-identified, aggregated data.
05 AI coach: what flows, what doesn’t
When you use the AI coach, the following gets sent to our AI inference provider (currently Anthropic, model family Claude 4):
- The text of your message.
- A summarised window of your recent trading activity — the specific trades the message references, your current rule configuration, your tilt score, and your last few journal entries.
- The prior turns of the same conversation.
The provider responds, we display the answer in the app, and we store both the prompt and the answer in your account so your next session has context.
We have contractually disabled prompt and response logging for model-training on our inference provider account. Your AI coach conversations are not used to train Anthropic's or anyone else's models. You can delete a conversation at any point and it is removed from our database within 30 days.
You can permanently disable the AI coach for your account from Settings → Privacy. Once disabled, we delete all stored AI coach conversations within 30 days and stop sending anything to the inference provider.
Automated behavioural analysis for rule suggestions
Separately from the chat coach, PropMind runs a periodic analysis of your own trading history to spot risk patterns — for instance, that you lose disproportionately often on trades taken right after a string of losses, or that a small number of days account for an outsized share of your losses. Where a pattern is clear, we use it to propose a tailored guardrail rule (such as a pause after a number of consecutive losses, or a daily-loss alert), with the reasoning and the supporting numbers shown to you. This analysis uses your trades and our AI inference provider; the same contractual no-training protection above applies.
These are recommendations, not automated decisions. PropMind never creates, changes, or enforces a rule from this analysis on its own — a proposed rule does nothing until you choose to accept it, and you can adjust or decline it. Accepted rules start in alert-only (“soft”) mode. We keep an internal record of what was proposed and whether you accepted it so we can review and improve the suggestions. If you no longer want PropMind analysing your trading to suggest rules, email privacy@propmind.app and we will switch the suggestions off for your account.
07 Our subprocessors
These are the third parties who process personal data on our behalf. Each one is named, scoped, and located, so you can audit our supply chain.
| Subprocessor | What they handle | Where they process it |
|---|---|---|
| MetaApi (Agiliumlabs OÜ) | Broker handshake for MT4 / MT5 accounts; receives your broker login, account number, trade history. | European Union |
| Stripe, Inc. | Card and wallet payments; receives your billing email, country, card information. | United States, with EU data residency available |
| NOWPayments | Crypto payments; receives the invoice metadata, the pay-from wallet (post-payment), and the transaction hash. | European Union |
| Resend, Inc. | Transactional email delivery; receives your email address and the rendered message. | United States |
| Cloudflare, Inc. (R2) | Object storage for journal screenshots and other binary attachments, encrypted at rest. | Global edge network, primary region EU |
| Anthropic, PBC | AI coach inference; receives the prompt and trading context for each AI coach turn. Training disabled by contract. | United States |
| Functional Software, Inc. (Sentry) | Error monitoring; receives stack traces and the URL of the page where an error occurred. Personally-identifying request bodies are scrubbed on the way out. | United States, EU region available |
| Hetzner / AWS | Application hosting and managed PostgreSQL; stores everything else. | European Union (Falkenstein, Frankfurt) |
We update this list when we add or remove a subprocessor. Active subscribers can subscribe to the change feed by emailing privacy@propmind.app with the subject line subprocessor-changes.
08 International data transfers
Several subprocessors are located in the United States. When personal data leaves the European Economic Area we rely on the European Commission's Standard Contractual Clauses, plus supplementary technical measures (encryption in transit, encryption at rest, minimum-necessary scoping) to give that data a level of protection equivalent to what it would receive inside the EEA.
You can request a copy of the SCCs we have in place by emailing dpo@propmind.app.
09 How long we keep things
| Category | Retention |
|---|---|
| Account profile, rules, journal, trade history | For the life of your account. Deleted within 30 days of account deletion. |
| AI coach conversations | For the life of your account. Deleted within 30 days of deletion or of you disabling the AI coach. |
| Broker credentials (encrypted token) | Until you disconnect that broker. Then deleted within 72 hours. |
| Login + access logs | 90 days, then aggregated and the raw records purged. |
| Billing records (invoices, receipts) | 7 years, to comply with tax and accounting law. This is the only category we cannot delete on request. |
| Support email threads | 2 years from the last message in the thread. |
| Admin audit log (actions taken on your account by us) | 7 years. Append-only by database trigger — cannot be rewritten, only read. |
10 Security
We take the security of the data you trust us with seriously. Concrete controls:
- All traffic to and from propmind.app and api.propmind.app is TLS-encrypted. Certificates are managed by Cloudflare and renewed automatically.
- Passwords are stored as argon2id hashes. We never log or transmit plaintext passwords.
- Broker credentials and 2FA secrets are encrypted at rest using AES-256-GCM with keys held in a managed secrets store. They are decrypted in memory only at the moment of use.
- Admin access to the production database requires hardware two-factor authentication and is logged to an append-only audit table enforced at the database level — even an administrator cannot rewrite that log.
- Backups run daily and are retained for 30 days. Backups are encrypted with a separate key and stored in a different geographical region.
- We monitor for unauthorised access via Sentry, structured logs, and an internal anomaly alert. In the event of a breach affecting personal data, we will notify affected users within 72 hours of becoming aware of it, per GDPR Article 33.
12 Your rights
You have the following rights over the personal data we hold about you, regardless of where you live. Some are stronger in some jurisdictions; we extend them to everyone:
- Access — ask us for a copy of everything we hold on you. We return a machine-readable export within 30 days.
- Correction — fix anything inaccurate. Most fields you can edit yourself from Settings; for the rest, email us.
- Deletion — delete your account and the data it contains. Some billing records are retained for tax law, as noted in Section 09.
- Portability — get your data in a structured, common, machine-readable format (we export JSON + CSV).
- Restriction — ask us to stop processing your data temporarily while a complaint or correction is being handled.
- Objection — object to processing we do under a legitimate-interest basis. We respect this unless we have an overriding lawful reason not to (e.g. fraud investigation).
- Withdraw consent — for anything you have opted into separately (the AI coach, optional analytics), pull that consent back from Settings → Privacy at any time.
- Complain to a supervisory authority — EEA / UK users may complain to their national data protection authority. We'd appreciate it if you tell us first so we can fix the issue, but you don't have to.
To exercise any of these rights, email privacy@propmind.app from the email address on your account. We may ask one follow-up question to verify it's really you.
13 Children
PropMind is for adults trading their own or a prop firm's capital. The service is not directed at, and we do not knowingly collect personal data from, anyone under 18 years old. If you believe a minor has created an account, email us at privacy@propmind.app and we will delete it.
14 Changes to this policy
We may update this policy. The date at the top always reflects the most recent change. For substantive changes that expand the scope of data we collect, the purposes we use it for, or the subprocessors we share it with, we will notify you by email and inside the app at least 14 days before the change takes effect.
15 Contact us
General privacy questions: privacy@propmind.app
Data Protection Officer: dpo@propmind.app
Postal address available on request — we are a remote-first team and don't publish a permanent street address for safety reasons.
See also our Terms of Service for the contractual side of the relationship.
Anything you don't understand here, ask us before you sign up. We'd rather take ten minutes to answer than have you trade under terms you didn't read. privacy@propmind.app