Table of Contents
1. Privacy Overview
Traders Helmet Academy ("we," "us," or "our") is committed to protecting your privacy and ensuring you have a positive experience on our website and while using our services.
Our Commitment
We are committed to being transparent about what data we collect, how we use it, and providing you with control over your personal information.
Key Principles
- Transparency: We clearly explain what data we collect and why
- Purpose Limitation: We only use data for specified, legitimate purposes
- Data Minimization: We collect only what's necessary for our services
- Security: We implement appropriate technical and organizational measures
- User Control: You have rights over your personal data
Scope of This Policy
This Privacy Policy applies to:
- Our website at tradershelmetacademy.com
- Our trading education platform and services
- Email communications and newsletters
- Customer support interactions
- Payment processing for subscriptions
2. Information We Collect
Personal Information You Provide
We collect information you voluntarily provide to us, including:
| Category | Data Types | Purpose |
|---|---|---|
| Account Information | Name, email address, phone number, country | Account creation, identity verification, communication |
| Payment Information | Billing address, payment method details | Processing subscriptions and payments |
| Profile Information | Avatar, preferences, trading experience level | Personalizing your experience |
| Communication Data | Messages, support tickets, feedback | Providing customer support, improving services |
Information Automatically Collected
When you use our platform, we automatically collect certain information:
Technical Information
- IP address and location data
- Browser type and version
- Operating system
- Device identifiers
- Screen resolution and device type
Usage Information
- Pages visited and time spent
- Features used and click patterns
- Login times and frequency
- Course progress and completion
- Search queries and preferences
Communication Metadata
- Chat message timestamps
- Email open and click rates
- Support ticket history
- Notification preferences
Data Collection Methods
We collect this information through cookies, log files, web beacons, and similar tracking technologies. You can control many of these through your browser settings.
3. How We Use Your Information
We use the collected information for various purposes, always within the scope of our legitimate business interests and your consent where required.
Core Service Provision
- Account Management: Creating and maintaining your account
- Service Delivery: Providing access to educational content and features
- Payment Processing: Handling subscriptions and billing
- Customer Support: Responding to inquiries and resolving issues
- Authentication: Verifying your identity and securing your account
Service Improvement
- Analytics: Understanding how our platform is used
- Personalization: Customizing content and recommendations
- Feature Development: Building new tools and capabilities
- Performance Optimization: Improving site speed and reliability
- User Experience: Enhancing interface design and usability
Communication
- Service Notifications: Account updates, security alerts
- Educational Content: Course updates, new materials
- Marketing Communications: Promotional offers (with consent)
- Technical Updates: Platform changes, maintenance notices
- Legal Communications: Policy updates, compliance notices
Legal and Security
- Fraud Prevention: Detecting and preventing fraudulent activity
- Security Monitoring: Protecting against unauthorized access
- Legal Compliance: Meeting regulatory requirements
- Risk Management: Assessing and mitigating business risks
- Dispute Resolution: Handling complaints and legal issues
Legal Basis for Processing
We process your personal data based on:
- Contract: To provide services you've subscribed to
- Legitimate Interest: For business operations and improvement
- Consent: For marketing communications and optional features
- Legal Obligation: To comply with applicable laws
4. Information Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:
Service Providers
We work with trusted third-party service providers who assist us in operating our platform:
| Service Type | Provider Examples | Data Shared |
|---|---|---|
| Payment Processing | Stripe, PayPal | Billing information, transaction data |
| Cloud Hosting | Supabase, AWS | Account data, usage information |
| Email Services | SendGrid, Mailgun | Email addresses, communication preferences |
| Analytics | Google Analytics | Anonymized usage data |
| Customer Support | Zendesk, Intercom | Contact information, support history |
Legal Requirements
We may disclose your information when required by law or in good faith belief that such action is necessary to:
- Comply with legal processes or government requests
- Enforce our Terms of Service
- Protect the rights, property, or safety of our users or the public
- Investigate and prevent fraud or other illegal activities
- Respond to claims of intellectual property infringement
Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will:
- Provide notice before your information is transferred
- Ensure the new entity honors this Privacy Policy
- Give you the option to delete your account before transfer
Data Protection Agreements
All third-party service providers are bound by strict data protection agreements and are required to implement appropriate security measures.
5. Data Security
We implement comprehensive security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.
Technical Safeguards
- Encryption: Data encrypted in transit (TLS/SSL) and at rest (AES-256)
- Access Controls: Multi-factor authentication and role-based access
- Network Security: Firewalls, intrusion detection, and monitoring
- Secure Development: Regular security audits and vulnerability testing
- Data Backup: Regular backups with encryption and secure storage
Organizational Safeguards
- Employee Training: Regular security awareness and privacy training
- Access Limitation: Need-to-know basis for data access
- Background Checks: Screening for employees with data access
- Incident Response: Defined procedures for security breaches
- Vendor Management: Security assessments for all service providers
Security Monitoring
- 24/7 security monitoring and alerting
- Regular penetration testing and vulnerability assessments
- Automated threat detection and response
- Security incident logging and analysis
- Compliance with industry security standards
Security Standards
We follow industry best practices including OWASP guidelines, ISO 27001 principles, and SOC 2 Type II standards where applicable.
Data Breach Response
In the unlikely event of a data breach, we will:
- Contain the breach and assess the scope within 24 hours
- Notify relevant authorities within 72 hours if required
- Inform affected users without undue delay
- Provide clear information about the breach and response measures
- Take steps to prevent future occurrences
6. Data Retention
We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements.
Retention Periods
| Data Category | Retention Period | Reason |
|---|---|---|
| Account Information | Duration of account + 3 years | Service provision, legal compliance |
| Payment Records | 7 years after last transaction | Tax and accounting requirements |
| Communication Data | 2 years from last interaction | Customer support, service improvement |
| Usage Analytics | 26 months (anonymized) | Platform optimization, trend analysis |
| Marketing Data | Until consent withdrawn | Marketing communications |
Data Deletion Process
When data reaches the end of its retention period, we:
- Securely delete personal identifiers
- Anonymize data where possible for statistical purposes
- Remove data from all backup systems
- Verify complete deletion through audit processes
- Maintain deletion logs for compliance purposes
Account Deletion
When you delete your account:
- Personal information is removed within 30 days
- Transactional records may be retained for legal compliance
- Anonymized usage data may be retained for analytics
- You'll receive confirmation of deletion completion
7. Cookies and Tracking
We use cookies and similar tracking technologies to enhance your experience, analyze usage, and provide personalized content.
Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential Cookies | Basic site functionality, security, authentication | Session/1 year |
| Performance Cookies | Site analytics, error tracking, performance monitoring | 2 years |
| Functional Cookies | User preferences, language settings, features | 1 year |
| Marketing Cookies | Personalized ads, conversion tracking | 1-2 years |
Cookie Management
Third-Party Cookies
We may allow selected third parties to place cookies for:
- Google Analytics - Website performance and usage analysis
- Stripe - Payment processing and fraud prevention
- Intercom - Customer support chat functionality
- Facebook Pixel - Advertising measurement (if enabled)
Browser Settings
You can also control cookies through your browser settings:
- Block all cookies or specific types
- Delete existing cookies
- Set preferences for future visits
- Enable/disable JavaScript
Cookie Limitations
Disabling essential cookies may affect site functionality. Some features may not work properly without performance or functional cookies.
8. Your Privacy Rights
Depending on your location, you may have certain rights regarding your personal information. We respect these rights and provide tools to exercise them.
Right to Access
Request a copy of the personal data we hold about you, including how it's used and who it's shared with.
Right to Rectification
Request correction of inaccurate or incomplete personal information in your account.
Right to Erasure
Request deletion of your personal data, subject to legal retention requirements.
Right to Restrict
Request limitation of processing your personal data in certain circumstances.
Right to Portability
Request your personal data in a structured, machine-readable format for transfer.
Right to Object
Object to processing of your personal data for marketing or legitimate interests.
How to Exercise Your Rights
To exercise any of these rights, please:
- Contact us at privacy@tradershelmetacademy.com
- Include your full name and account email address
- Specify which right(s) you want to exercise
- Provide any additional information to help us process your request
Response Timeline
- Acknowledgment: Within 3 business days
- Simple Requests: Within 30 days
- Complex Requests: Up to 60 days (with notification)
- Urgent Requests: Prioritized when legally required
Verification Process
To protect your privacy, we may need to verify your identity before processing requests. This may involve:
- Confirming your email address
- Answering security questions
- Providing account-related information
- Additional verification for sensitive requests
Data Protection Authority
If you're not satisfied with our response to your privacy request, you have the right to lodge a complaint with your local data protection authority.
9. Children's Privacy
Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18.
Age Verification
- Account registration requires confirmation of being 18 or older
- We may request age verification for suspicious accounts
- Parental consent is required for users under 18
- Educational content includes age-appropriate disclaimers
Parental Rights
If a parent or guardian becomes aware that their child has provided personal information without permission, please contact us immediately. We will:
- Verify the parental relationship
- Delete the child's account and information
- Provide confirmation of deletion
- Implement additional safeguards if needed
Trading Education Warning
Trading and financial education involves complex concepts and substantial risks that may not be suitable for minors. Adult supervision is strongly recommended.
10. International Users
We serve users globally and comply with applicable data protection laws in different jurisdictions.
Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure adequate protection through:
- Standard Contractual Clauses (SCCs) for EU data transfers
- Adequacy decisions where available
- Certification schemes and codes of conduct
- Additional safeguards for high-risk countries
Regional Compliance
| Region | Applicable Laws | Additional Rights |
|---|---|---|
| European Union | GDPR | Data portability, right to be forgotten |
| California, USA | CCPA/CPRA | Right to know, delete, opt-out of sale |
| United Kingdom | UK GDPR | Similar to EU GDPR rights |
| Canada | PIPEDA | Access, correction, withdrawal of consent |
Data Localization
For certain jurisdictions with data localization requirements:
- We maintain local data centers where required
- Personal data may be stored within the country/region
- Cross-border transfers are limited and protected
- Local legal representatives may be appointed
11. Third-Party Services
Our platform may contain links to or integrate with third-party services. This Privacy Policy does not apply to those external services.
Integrated Services
- Payment Processors: Stripe, PayPal - have their own privacy policies
- Social Media: Sharing buttons may track your activity
- Analytics: Google Analytics with IP anonymization
- Support Tools: Live chat and helpdesk services
- Educational Tools: Video players and interactive content
Your Responsibility
When using third-party services through our platform:
- Review their privacy policies independently
- Understand what data they collect
- Configure privacy settings on their platforms
- Contact them directly for privacy concerns
Recommendations
We recommend you:
- Read privacy policies of all services you use
- Use strong, unique passwords for all accounts
- Enable two-factor authentication where available
- Regularly review connected app permissions
12. Marketing Communications
We may send you marketing communications about our services, educational content, and special offers, but only with your consent.
Types of Communications
- Educational Newsletters: Trading tips, market insights, course updates
- Promotional Emails: Special offers, discounts, new tier announcements
- Product Updates: New features, platform improvements
- Event Invitations: Webinars, live trading sessions
Consent and Opt-Out
You can control marketing communications by:
- Adjusting preferences in your account settings
- Clicking "unsubscribe" in any marketing email
- Contacting our support team
- Updating your communication preferences
Legitimate Interest
We may send certain communications based on legitimate interest:
- Service announcements and updates
- Security and account notifications
- Legal and compliance communications
- Course completion certificates and achievements
Easy Unsubscribe
You can opt out of marketing emails at any time with one click. This won't affect essential service communications like security alerts or billing notifications.
13. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements.
Notification Process
When we make significant changes, we will:
- Update the "Last Updated" date at the top of this policy
- Send email notifications to registered users
- Display a prominent notice on our website
- Provide a summary of key changes
- Allow time for review before changes take effect
Types of Changes
- Minor Updates: Clarifications, contact information, formatting
- Material Changes: New data uses, sharing practices, rights
- Legal Updates: Compliance with new regulations
- Service Changes: New features affecting privacy
Your Options
If you don't agree with policy changes:
- Contact us to discuss concerns
- Adjust your privacy settings
- Delete your account before changes take effect
- Exercise your data subject rights
Version History
We maintain records of previous policy versions. You can request information about changes by contacting our privacy team.
14. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please don't hesitate to contact us.
Privacy Team
Our dedicated privacy team is here to help with all your data protection needs.
Data Protection Officer
For complex privacy matters or regulatory inquiries:
- Email: dpo@tradershelmetacademy.com
- Role: Independent privacy oversight and compliance
- Response Time: Within 5 business days
- Languages: English, Spanish, French
Mailing Address
Privacy Department
123 Trading Street
Lagos, Nigeria
ZIP Code: 100001
Quick Response Tips
For faster assistance, please include:
- Your account email address
- Specific privacy concern or request
- Any relevant screenshots or documentation
- Preferred communication method