Legal

Privacy Policy

Last updated: March 2026

CopyOptic ("we", "us", "our") operates the CopyOptic trading analytics platform. This policy explains what data we collect, why we collect it, and how we protect it.

1. Data We Collect

When you use CopyOptic we collect the following categories of information:

Account information — your email address, name and hashed password when you register.
Trading credentials — your broker server name, account number and investor (read-only) password, used solely to connect to your broker via MetaAPI. These are stored encrypted at rest.
Trading performance data — equity curves, trade history, open positions and account statistics synced from your broker. This data belongs to you.
Usage data — pages visited, features used and error logs, collected to improve the product.
Payment data — billing is handled entirely by Stripe. We store only your Stripe Customer ID — we never see or store card numbers.

2. How We Use Your Data

To provide and improve the CopyOptic analytics service.
To send transactional emails (account confirmation, password resets, alert notifications).
To process subscription payments via Stripe.
To detect and prevent abuse or fraudulent activity.

We do not sell, rent or share your personal data with third parties for marketing purposes.

3. Trading Credentials & Read-Only Access

We connect to your broker using your investor password only — this is a read-only credential that cannot place, modify or close trades. We have zero ability to touch your funds. Your credentials are AES-encrypted at rest and transmitted only over HTTPS.

4. Data Sharing

We share data only with the following service providers, strictly as needed to operate the platform:

MetaAPI — broker connectivity for MT4/MT5 accounts.
Stripe — payment processing and subscription management.
SendGrid — transactional email delivery.

Each provider is bound by their own data processing agreements and applicable privacy law.

5. Public Trader Profiles

If you choose to generate a shareable link or appear in the public Trader Directory, certain performance statistics (return, win rate, drawdown) become publicly visible. This is entirely opt-in. You can revoke a share link or remove yourself from the directory at any time from your account settings.

6. Data Retention

We retain your account and trading data for as long as your account is active. If you delete your account, your personal data and trading credentials are deleted within 30 days. Anonymised aggregate statistics may be retained indefinitely for product analytics.

7. Your Rights

Depending on your location you may have rights including access, correction, deletion and portability of your personal data. To exercise any of these rights, contact us at privacy@copyoptic.com.

8. Cookies

CopyOptic uses only essential session cookies required for authentication. We do not use third-party tracking or advertising cookies.

9. Security

All data is transmitted over HTTPS/TLS. Passwords are hashed using bcrypt. Trading credentials are AES-encrypted at rest. We perform regular security reviews and apply patches promptly.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be notified via email or an in-app notice. Continued use of the service after changes constitutes acceptance.

11. Contact

Questions about this policy? Email privacy@copyoptic.com.