LIVE@blakegrindsNVDA+$12,450
LIVE@queenofcallsTSLA+$3,280
LIVE@dragonbtcBTC+$5,120
LIVE@mikemoneyES-$840
LIVE@kira_optionsSPY+$1,940
LIVE@apewolfGME+$23,900
LIVE@thejackalAAPL+$2,847
LIVE@blakegrindsNVDA+$12,450
LIVE@queenofcallsTSLA+$3,280
LIVE@dragonbtcBTC+$5,120
LIVE@mikemoneyES-$840
LIVE@kira_optionsSPY+$1,940
LIVE@apewolfGME+$23,900
LIVE@thejackalAAPL+$2,847
Back to home
LEGAL · PRIVACY

Privacy Policy.

Last updated · May 12, 2026

Sutekka ("we," "our," or "us") is a trading journal — we take your data seriously because the data is the product. This policy lays out what we collect, why, who else touches it, and what you can do about it. By using Sutekka, you agree to the practices below.

01

Information we collect

1.1 Account information

When you create an account we collect your name, email address, and a hashed password. If you sign up via Google, Discord, or Twitter/X OAuth, we receive your name, email, and profile picture from that provider — nothing more.

1.2 Trading data

Everything you enter into the journal: trades, entries, exits, fees, tags, notes, screenshots, plans, and account labels. If you connect a broker via SnapTrade, we receive the trade history and account metadata that connection exposes.

1.3 Usage & analytics

Device, browser, OS, IP address, referrer, the pages you visit, and aggregate interaction data. We use it to debug, measure performance, and decide what to ship next.

1.4 Payment information

Stripe handles all payment processing. We never see or store your full card number. We store only the Stripe customer ID and subscription state. See Stripe's privacy policy for what they do with it.

02

How we use your information

We use what we collect to:

  • Provide, maintain, and improve the Service
  • Process your trades, compute analytics, and display performance
  • Process payments and manage your subscription
  • Send transactional emails (verification, password resets, billing receipts)
  • Respond to support requests
  • Detect, prevent, and address abuse, fraud, and security threats
  • Comply with legal obligations
03

Third-party services

The following services help us run Sutekka and may receive or process your data:

  • Stripe — Payment processing for subscriptions.
  • Resend — Transactional email delivery (verification, receipts, password resets).
  • OAuth providers (Google, Discord, Twitter/X) — Authentication only. We receive basic profile info.
  • SnapTrade — Broker connection layer. Touches your brokerage data on our behalf when you opt in.
  • Polygon.io, Finnhub, Financial Modeling Prep — Market data providers. They see ticker queries, not your account or trades.
  • Google AdSense — Ad delivery for free-tier users only. Uses cookies; see section 04.
  • PostHog — Product analytics (pageviews, feature usage, anonymized session events). Loaded only after you accept the cookie banner; nothing is captured before consent.
  • OpenAI — Generates AI sticker characters and powers analysis features. Prompts may include the trade context you submit.

Each of these vendors operates under its own privacy policy. We pick partners we trust and recommend you review theirs if a specific data flow matters to you.

04

Cookies & tracking

We use four types of cookies:

  • Essential — Auth, session, CSRF. Required to log in. Stored httpOnly.
  • Preference — Theme, language, cookie consent state, last-viewed dashboard.
  • Analytics — Set by PostHog to measure which features get used. Loaded only after you click Accept on the cookie banner — default-deny.
  • Advertising — Used by AdSense for free-tier users only. May track activity across sites.

You can manage cookie preferences via the consent banner at the bottom of the page (Accept or Decline) or via your browser. Declining means PostHog never initializes and no analytics cookies are set; AdSense still loads for free-tier users under its own consent flow. Disabling essential cookies will break login.

05

Data retention

We keep your personal data and trading data while your account is active. If you delete your account, we delete or anonymize your personal data within 30 days. Backup snapshots may persist for up to 90 days before being purged on rolling schedule. Records we are required to retain for tax, accounting, or legal reasons (e.g. Stripe payment records) are kept for the period legally mandated.

06

Data security

We implement industry-standard technical and organizational measures: TLS in transit, encryption at rest for sensitive fields (broker tokens are Fernet-encrypted), Argon2/bcrypt password hashing, rate limiting at the proxy and API layer, security headers (HSTS, CSP, X-Frame-Options), and role-segregated access controls. No internet-facing system is 100% secure — we work to make ours close, but we cannot guarantee absolute security.

07

Your rights

Depending on where you live (GDPR, CCPA, UK GDPR, and similar regimes), you have the following rights regarding your personal data:

  • Access — Request a copy of the personal data we hold about you.
  • Correction — Fix inaccurate or incomplete data.
  • Deletion — Delete your account and associated data. You can do this yourself from Settings → Account, or ask us.
  • Export — CSV export from the app (any tier) or PDF reports (Pro), plus a full data export by email request.
  • Restriction — Restrict how we process your data in certain cases.
  • Objection — Object to processing for marketing or other specified purposes.
  • Portability — Receive your data in a structured, machine-readable format.

To exercise any of these rights, email support@sutekka.com. We respond within 30 days.

08

Children's privacy

Sutekka is not intended for anyone under 18. We do not knowingly collect personal data from children. If you believe a child has provided data, contact us and we will remove it.

09

International data transfers

Your data may be processed in countries other than your country of residence (primarily the United States). Where required, we rely on Standard Contractual Clauses or equivalent mechanisms with our processors to keep transfers compliant with EU and UK data protection laws.

10

Changes to this policy

We may update this policy. Material changes will be announced in-app and via the "Last updated" date at the top of this page. Your continued use of the Service after a change constitutes acceptance.

11

Contact us

Questions, requests, or concerns about your data — please reach out:

Sutekka, Inc.
Email: support@sutekka.com
Or use our contact page.