Last Updated: February 2026
1. Information We Collect
When you use Risk Lab, we collect the following information:
- •Account Information: Your email address and encrypted password, used for authentication.
- •Trade Journal Entries: Trade data you enter including ticker symbols, prices, position sizes, notes, and uploaded chart screenshots.
- •Settings & Preferences: Your account size defaults, strategy configurations, and risk preferences.
- •Payment Information: Billing details are processed directly by Stripe and are not stored on our servers.
2. How We Use Your Information
We use your data to:
- •Provide, maintain, and improve the Risk Lab application
- •Process your trades, calculate risk metrics, and display performance analytics
- •Process subscription payments and manage your account
- •Send essential service communications (password resets, billing alerts)
3. Third-Party Processors
We use the following third-party services to operate:
Supabase
Database hosting, user authentication, and file storage. Your trade data and account information are stored securely in Supabase's infrastructure with row-level security policies.
Stripe
Payment processing for premium subscriptions. Stripe handles all credit card and billing information directly. We never store your full card details.
Alpaca Markets
Market data provider for live prices and historical data. If you connect your Alpaca account, your API keys are stored encrypted in our database.
4. Data Security
We implement industry-standard security measures including encrypted connections (HTTPS), row-level security policies on all database tables, and secure authentication via Supabase Auth. Your data is isolated so that only you can access your own trades and settings.
5. Your Rights
You have the right to:
- •Access: Request a copy of all data we hold about you.
- •Correction: Update or correct inaccurate data through your account settings.
- •Deletion: Request permanent deletion of your account and all associated data. Deleting your account removes all trades, strategies, settings, and uploaded images.
- •Portability: Export your trade data at any time from within the application.
To exercise any of these rights, contact us at support@risklab.app.
6. Data Retention
We retain your data for as long as your account is active. If you delete your account, all associated data is permanently removed within 30 days. Payment records may be retained longer as required by law.
7. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the "Last Updated" date.