Guardrail

Legal

Privacy Policy

Last updated: April 2026

This Privacy Policy describes what information Guardrail collects, how we use it, and what we never do with it.

What we collect

  • Account info: email address, password hash, and (optionally) Google OAuth identifiers used to sign you in.
  • Risk profile: trading rules and preferences you enter during onboarding (max daily loss, max trades, session hours, etc.).
  • Manual Mode entries: trades you log in the journal — symbols, sides, prices, P&L, notes you write.
  • Broker connection metadata:when you connect a broker (e.g., Tradovate), we store the connection state, account label, and an encrypted copy of OAuth tokens. See “How we protect tokens” below.
  • Telegram identifiers: if you opt in, we store your Telegram chat id so the bot can send you alerts.
  • Operational logs: standard server logs for debugging and abuse prevention. Logs never include token values or full credit-card numbers.

How we protect tokens

OAuth access and refresh tokens are encrypted at rest using AES-256-GCM with a 32-byte server-side key. Each encryption uses a fresh random IV; the GCM auth tag rejects any tampering. Tokens are decrypted only on the server, only inside server-side code paths that load them via an ownership-checked function. Tokens are never logged, never returned to the browser, and never sent to third parties.

How we use the data

  • To authenticate you and keep your session active.
  • To evaluate your rules against your journal entries (Manual Mode) or broker reads (when verified).
  • To send you alerts you’ve opted into (Telegram, email, in-app).
  • To improve the product through aggregated, non-identifying analysis.

What we don’t do

  • We don’t sell your data.
  • We don’t use your trade entries to train external machine-learning models.
  • We don’t share your broker token values with anyone.
  • We don’t place, cancel, or modify orders at your broker on your behalf today. Future destructive capabilities (cancel orders, flatten positions, broker-level lockout) will require explicit per-capability opt-in and live-broker verification before they ship.

Third-party processors

We use Stripe for billing, Anthropic for AI-assisted features, and (optionally) Google for sign-in and Telegram for alerts. Each processor receives only the data necessary for that function, under their respective privacy terms.

Cookies

Guardrail uses essential cookies to keep you signed in, protect your account, and operate the service. We do not use advertising cookies unless clearly stated.

Your rights

You can export your data, delete your account, and revoke broker connections at any time from the Settings page. Account deletion removes your stored profile, journal entries, and connection records.

Contact

Questions, requests, or concerns? Contact support@guardrail.trade.