Privacy Policy

Last updated: February 25, 2026

Insider Transaction Terminal ("we", "us", "our") operates the website insidertransactionterminal.com. This Privacy Policy explains how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

The data controller responsible for your personal data is the operator of Insider Transaction Terminal. For contact details, see the bottom of this page.

2. What Data We Collect

We collect minimal personal data necessary to provide our service:

Email address — provided when you subscribe, used for account access (magic link login) and service communications.
Payment information — processed securely by Stripe. We do not store your credit card details on our servers.
Usage data — basic server logs (IP address, browser type, pages visited) for security and performance monitoring.

We do not collect passwords. Authentication is handled via secure, time-limited magic links sent to your email.

3. How We Use Your Data

Your personal data is used for the following purposes:

To create and manage your account
To process subscription payments via Stripe
To send magic link login emails
To communicate important service updates

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Legal Basis for Processing

We process your data based on:

Contract performance — processing necessary to provide the subscription service you signed up for (Art. 6(1)(b) GDPR).
Legitimate interests — server logging for security and fraud prevention (Art. 6(1)(f) GDPR).

5. Third-Party Services

We use the following third-party services that may process your data:

Stripe (payments) — Privacy Policy
Resend (transactional email) — Privacy Policy
Cloudflare (CDN and security) — Privacy Policy
Hetzner (server hosting, EU-based) — Privacy Policy

6. Data Storage and Security

Your data is stored on servers located in the European Union (Hetzner, Germany). We implement appropriate technical measures to protect your data, including encrypted connections (HTTPS/TLS), secure authentication tokens, and restricted database access.

7. Data Retention

We retain your account data for as long as your subscription is active. If you cancel your subscription, your data will be deleted within 90 days unless we are required by law to retain it longer. Server logs are retained for a maximum of 30 days.

8. Your Rights (GDPR)

Under the GDPR, you have the right to:

Access your personal data
Rectify inaccurate personal data
Erase your personal data ("right to be forgotten")
Restrict processing of your personal data
Data portability — receive your data in a structured, machine-readable format
Object to processing based on legitimate interests

To exercise any of these rights, contact us using the details below. We will respond within 30 days.

9. Cookies

We use only essential cookies and local storage required for authentication (storing your login session). We do not use tracking cookies, analytics cookies, or advertising cookies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the service after changes constitutes acceptance of the updated policy.

Contact

For privacy-related questions or to exercise your rights:

[email protected]