Privacy Policy

Last updated: June 11, 2026

EquityTruth (“we”, “us”) operates the EquityTruth Analyzer service at equitytruth.io. This policy explains what data we collect, why, and what control you have over it. The short version: we collect only what the service needs to work, we don't run advertising or tracking, and we never sell your data.

1. Data we collect

Account data. When you create an account: your email address and a password (stored only as a cryptographic hash, never in plain text). If you sign in with Google, we receive your Google account identifier and email address instead of a password.

Trading data you upload. The service exists to analyze trading histories. When you upload a report (MT4/MT5 statement, Myfxbook or signal CSV, backtest), we parse and store the data it contains: trades, balance operations, and account metadata present in the file (such as broker name, account number, or account currency). This is the core content of the service and is treated as confidential by default — see “Report visibility” below.

Technical data. Standard server logs (IP address, request path, timestamp) used for security, rate limiting, and debugging. We use only essential cookies: a session cookie to keep you signed in and a CSRF token to protect forms. We do not use advertising cookies or third-party analytics trackers.

Error reports. When something breaks, technical error details are sent to Sentry (hosted in the EU). Error reporting is configured to exclude personal data and request bodies — your trading data is never included in error reports.

2. How we use your data

• To provide the service: computing equity curves, metrics, and reports from your uploads.
• To operate your account: authentication, email verification, password resets.
• To keep the service secure: abuse prevention, rate limiting, debugging.

We do not sell or rent your data, and we do not use it for advertising.

3. Report visibility

Reports created under your account are private by default — only you can open them. You can change a report to unlisted (anyone with the secret link) or public; that choice is yours and you can reverse it at any time.

Reports created without an account are unlisted: reachable only via the secret link generated at upload time.

4. Where your data lives, and who processes it

Data is stored on servers in Germany (EU), hosted by Hetzner. We use a small set of processors to run the service:

• Hetzner (Germany) — hosting and backups.
• Resend — transactional email (verification, password reset).
• Google — only if you choose “Sign in with Google”.
• Sentry (EU) — error monitoring, with personal data excluded.

5. Retention and deletion

• Account data and uploaded trading data are kept until you delete them. You can delete individual datasets, or your entire account with all its data, from your profile — deletion is immediate and removes your datasets, trades, and reports.
• Raw uploaded files are automatically deleted from our servers within 180 days of upload (the parsed data remains in your account until you delete it).
• Server logs are rotated and kept for a limited period.

6. Your rights

If you are in the EU/EEA, you have the rights provided by the GDPR: access, rectification, erasure, restriction of processing, data portability, and objection. Most of these are self-service (your profile lets you view, manage, and delete your data); for anything else, email us and we will respond within 30 days.

7. Children

The service is not directed at children and is not intended for anyone under 16.

8. Changes to this policy

If we make material changes, we will update this page and the “last updated” date above.

9. Contact

Privacy questions and requests: support@equitytruth.io