1. Company Information

NexTick360 LLC — a New Mexico Limited Liability Company, United States.

Primary Data Residency: United States (Microsoft Azure — Central US).

Contact: Contact Us

2. Information We Collect

A. Account Information

When you create an account, we collect:

• Name
• Email address
• Authentication provider identifier (Google, Microsoft, or email/password)
• Tenant ID
• Subscription status

We do not collect or store payment card numbers.

B. Social Login (OAuth)

If you sign in using Google or Microsoft, we receive your name, email address, and a unique provider identifier. The authentication provider may receive information that you are signing into NexTick360 as part of the OAuth redirect flow. We do not receive or store your Google or Microsoft password. Social login is governed by the respective provider's privacy policy.

C. Execution Platform Credentials (Local Only)

If you connect NexTick360 to a supported execution platform (e.g., Rithmic):

• Your username and password are stored only on your local Windows machine.
• Credentials are encrypted using Windows DPAPI (user-scoped encryption).
• Credentials are never transmitted to NexTick360 servers.
• Credentials are never stored in the cloud.

We do not have access to your execution platform credentials.

D. Trade & Execution Data

We collect and process trading analytics data including per-trade data (symbol, side, quantity, entry/exit prices, timestamps, realized PnL, commissions, fees, slippage metrics, MFE/MAE, strategy tags, and user notes), per-fill data (fill price, quantity, timestamp, bid/ask/spread at fill), and execution quality metrics such as slippage, mark-outs, aggression score, and market regime context.

This data is stored locally in SQLite on your device and optionally synchronized to Azure SQL databases using per-tenant database isolation.

E. Market Data Handling

NexTick360 does not operate as a market data redistributor. Raw tick data is captured locally in a short buffer (approximately 60 seconds) around trade executions for execution analytics. Raw tick data is not transmitted to NexTick360 cloud servers. Cloud storage contains only derived metrics and contextual Level 1 snapshots. Users must maintain valid market data entitlements through their execution platform provider.

F. Journal & Psychology Data

If you use journaling features, we collect journal titles and markdown content, mood/stress/focus scores, day ratings, goals, rules violated, behavioral scoring metrics, and chart image URLs. This data is stored in Azure SQL databases with per-tenant isolation.

G. AI-Powered Features

When you use AI-powered features (e.g., Quick Ask or Strategy Builder), relevant trade summary context and your question text may be sent to OpenAI or Microsoft Azure OpenAI for processing. When using the Strategy Builder, your conversation history (questions and AI-generated responses) is stored in our cloud database for continuity and audit purposes. Execution platform credentials are never transmitted to AI providers. AI-generated responses are informational only and are not financial advice.

Third-party AI providers process data under their own privacy policies.

H. Device, Telemetry & Audit Data

Telemetry is disabled by default and requires explicit opt-in. If enabled, we may collect application version, performance metrics, and session events.

Audit logging may occur independently of telemetry settings for security and compliance purposes. Audit records may include machine name, IP address, user ID, and event type.

We use Google Analytics (website usage analytics), Azure Application Insights (cloud service telemetry), and Sentry (sales website error reporting only). We do not use advertising trackers, behavioral advertising systems, or session recording tools.

I. Payment Processing

Payments are processed exclusively by Stripe. We share your email, display name, and tenant reference with Stripe. We receive subscription status and customer/subscription identifiers from Stripe. We never receive or store full credit card numbers.

3. How We Use Information

We use collected information to:

• Provide execution analytics and performance metrics
• Deliver behavioral and discipline insights
• Generate AI-assisted performance summaries
• Maintain secure account access
• Improve product reliability and performance
• Manage subscriptions and billing
• Detect and prevent misuse of the Service

We do not sell personal information.

4. Data Storage & Security

Cloud infrastructure is hosted in Microsoft Azure (Central US region). Production storage uses geo-redundant replication within the United States. All data resides within the United States. Each tenant is logically isolated using dedicated databases. Local desktop data remains on the user's device unless optional cloud sync is enabled.

We implement reasonable technical and organizational safeguards to protect user data, including encryption in transit (TLS) and at rest.

5. Data Retention

We retain account and trading data for as long as your account remains active. Upon account termination, cloud data may be deleted after a reasonable retention period (typically 30 days). Local data remains under user control. AI conversation history stored in our cloud database is deleted with your account data.

6. Data Breach Notification

In the event of a data breach that compromises your personal information, we will notify affected users within a reasonable timeframe and in accordance with applicable law.

7. Your Rights

You may:

• Access your stored data
• Request correction of inaccurate data
• Request account and data deletion
• Disable telemetry features
• Export your trading data

To exercise these rights, contact us.

8. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You may request details about the personal information we collect, use, and disclose.
• Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
• Right to Opt-Out of Sale: We do not sell personal information to third parties.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise these rights, contact us.

9. Children's Privacy

The Service is not intended for individuals under 18 years of age.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted with a revised Effective Date. We will notify users of material changes via email or in-app notification.

11. Contact Information

NexTick360 LLC — Contact Us