← TruthTickTerminal

Privacy Policy

Last updated May 14, 2026

1. What we collect

  • Account data: email, optional display name, password (stored as a bcrypt hash — we never see the plaintext), and the marketing source (e.g. daytrader) if you arrived from a tagged link.
  • Sign-in data: if you sign in with Google, we receive your email, name, and profile photo from Google. We do not receive your Google password.
  • Usage data: request logs (IP address, timestamp, path, user-agent) for security and rate limiting. Logs are kept for 30 days then rotated.
  • Billing data: if you subscribe to Pro, Stripe handles your payment information. We store only the Stripe customer and subscription IDs — no card details ever touch our servers.

2. What we don't collect

No tracking pixels, no third-party analytics (Google Analytics, Segment, Mixpanel, etc.), no advertising cookies. We don't sell or rent your data to anyone, ever.

3. How we use it

  • To run the service (sign you in, show your account, gate Pro features).
  • To prevent abuse (rate limiting, bot detection).
  • To bill subscribers via Stripe.
  • To respond when you contact us.

4. Third-party services

  • Stripe — payment processing. Their privacy policy applies to all billing data.
  • Google — OAuth sign-in. Their privacy policy applies to data Google sees during sign-in.
  • Polymarket— public market data we display in the terminal. We don't share your account data with Polymarket.
  • Fly.io — our hosting provider. They process request logs on our behalf.

5. Cookies

We use a single first-party cookie to keep you signed in (the session JWT). No third-party cookies, no advertising cookies, no analytics cookies.

6. Your rights

Email evan@truthtickterminal.com and we'll:

  • Send you a copy of the data we hold on you.
  • Delete your account and all associated data.
  • Correct anything that's wrong.

We'll respond within 30 days. If you cancel a subscription, Stripe retains billing records as required by US tax law — that data lives with Stripe, not us.

7. Security

All traffic is HTTPS. Passwords are bcrypt-hashed. The database lives on a Fly volume with restricted access. Authorized personnel have access to administrative tools but never to plaintext passwords. We have not had a breach; if we ever do, we will notify affected users within 72 hours.

8. Children

The service is not directed at children under 13 and we don't knowingly collect data from them.

9. Changes

We may update this policy. Material changes will be announced via email or in-app at least 14 days before they take effect.

10. Contact

Questions: evan@truthtickterminal.com