Privacy Policy

Last updated: March 16, 2026

Overview

DamnGoodTrade ("we," "our," or "us") provides a trade review and analysis platform for thinkorswim traders. We are committed to a privacy-first approach, offering you the choice between completely private local processing and cloud-connected convenience.

How Your Data Is Handled

When you use DamnGoodTrade without an account, your trade data is processed entirely in your browser and never sent to our servers.

When you create an account, your data is encrypted and stored securely with row-level security in our database to enable cross-device sync, trade notes, and enrichment features. You can export or delete your data at any time.

We never sell, share, or monetize your trade data.

AI & Smart Features

Our command engine uses AI to interpret your natural language queries (e.g., "Show me my best winning trades on Mondays"). The AI model (Google Gemini) is accessed via OpenRouter, a routing service.

What is sent to the AI:

  • The text of your query.
  • Your current date range scope.
  • Your local timezone.

What is NEVER sent to the AI:

  • Your actual trade data (prices, sizes, P&L).
  • Your account balances or positions.
  • Your CSV files or uploaded content.
  • Your email address or any personal information.

The AI only determines what action to take (e.g., "filter by symbol SPY"). All trade analysis, filtering, and computation happens locally in your browser or on our servers — never by the AI model.

Information We Collect

Information You Provide

  • Email address: Required only for account creation.
  • Trading data: Only stored on our servers if you create an account.
  • Journal notes: Only stored on our servers if you create an account.

Information We Collect Automatically

  • Usage analytics: Anonymous data about feature usage (e.g., "used filter", "opened settings") to improve the platform.
  • Technical information: Browser type, device information, and IP address for security and debugging.

How We Use Your Information

We use your information to:

  • Provide and improve trade review and analysis features.
  • Sync your data across devices (account holders).
  • Compute analytics on your trades when you request them (e.g., via the command bar).
  • Maintain the security and integrity of the platform.

Cookies & Error Monitoring

Essential cookies (always active): We use cookies for authentication (Supabase session). These are required for the service to function and do not require consent.

Error tracking (requires consent): With your consent, we use Sentry to capture error reports on the client side. This includes stack traces, browser information, and session replays when errors occur. No error data is collected on the client until you accept cookies via the consent banner.

Server-side error monitoring (legitimate interest): We collect server-side error data (stack traces, request metadata, response status codes) to maintain service reliability and diagnose outages. This processing is based on our legitimate interest in keeping the platform operational and does not involve client-side cookies. Server-side error data does not include your email address, trade data, or other personal content — only technical request context and error details.

You can manage your cookie preferences at any time via the "Cookie Settings" link in the footer.

Third-Party Services

We use trusted third-party services to operate:

  • Supabase: For database storage and user authentication (account holders).
  • Vercel: For global hosting and content delivery.
  • Stripe: For processing subscription payments.
  • OpenRouter / Google Gemini: For AI-powered command interpretation (query text and date range only — no trade data).
  • Sentry: For error tracking and performance monitoring (with consent for client-side; server-side under legitimate interest).
  • Resend: For transactional email delivery (welcome email, account notifications).

Data Security

We implement industry-standard security measures, including end-to-end encryption for sensitive data and secure authentication protocols. Account data is stored in encrypted databases provided by Supabase. Without an account, your data stays in your browser and is secured by your own device.

Contact Us

If you have questions about this Privacy Policy, send us a message.