Privacy Policy
1. Introduction
Paytience (“we”, “us”, or “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use the Paytience platform (paytience.org) and related services.
By using our Service, you consent to the collection and use of information in accordance with this policy. We encourage you to read this policy carefully and contact us if you have any questions.
2. Data We Collect
We collect the following categories of personal data:
2.1 Account Information
- Email address — Used for account creation, authentication, and communication.
- Username / display name — Used for platform identification and leaderboards.
- Password hash — Securely hashed and stored; we never store passwords in plain text.
2.2 Voice Passphrase Data
- Voice passphrase hash — A cryptographic hash of your voice passphrase used for biometric authentication. We do not store raw audio recordings; only the derived hash is retained.
2.3 Trading Data
- Trade history — Entries, exits, instruments, position sizes, and timestamps.
- Performance metrics — Win rate, drawdown, profit/loss, consistency scores, and discipline ratings.
- Behavioural data — Session duration, trading frequency, tilt indicators, and pattern analysis.
2.4 Technical Data
- IP address, browser type, device information, operating system.
- Pages visited, timestamps, referring URLs, and session identifiers.
3. How We Use Your Data
We use the data we collect for the following purposes:
- AI Coaching: Analysing your trading behaviour to provide personalised discipline coaching, tilt detection alerts, and performance recommendations.
- Risk Monitoring: Automated real-time monitoring of drawdown limits, daily loss limits, and consistency thresholds to enforce challenge rules and protect capital.
- Platform Improvement: Aggregated, anonymised data analysis to improve our AI models, platform features, and user experience.
- Communication: Sending account-related notifications, challenge updates, payout confirmations, and (with your consent) marketing communications.
- Security: Detecting and preventing fraud, abuse, and unauthorised access to accounts.
- Legal Compliance: Meeting regulatory, tax, and legal obligations as required by applicable law.
4. Third-Party Services
We share data with the following third-party service providers, strictly as necessary to operate the platform:
Card payments are processed by Stripe, Inc. When you pay by card, your payment details are submitted directly to Stripe and are never stored on Paytience servers. Stripe collects your name, card number, billing address, and email. Stripe's Privacy Policy governs their data handling. See stripe.com/privacy.
Cryptocurrency payments are processed through our self-hosted on-chain payment infrastructure. Payments are verified directly against public blockchain data (TronGrid, Blockstream, Etherscan, etc.). Only your wallet address and transaction hash are recorded. No personal data is transmitted to blockchain networks.
DNS, CDN, DDoS protection, and web application firewall. Processes IP addresses and request metadata to protect the platform from attacks and ensure availability.
Anonymised usage analytics to understand platform engagement. No personally identifiable information is shared with analytics providers.
We do not sell your personal data to any third party. We do not share your data with any party for their own marketing purposes.
5. Cookies and Tracking
We use cookies and similar tracking technologies to:
- Essential Cookies: Required for platform functionality, including authentication, session management, and security. These cannot be disabled.
- Preference Cookies: Remember your settings, language preferences, and display options.
- Analytics Cookies: Collect anonymised usage data to help us improve the platform. You can opt out of analytics cookies via your browser settings.
We do not use advertising or third-party tracking cookies. You can manage or delete cookies through your browser settings, but disabling essential cookies may affect platform functionality.
6. Data Retention
We retain your personal data for as long as your account is active or as necessary to provide the Service. Specific retention periods:
- Account data: Retained for the lifetime of your account plus 30 days after deletion request.
- Trading data: Retained for 24 months after your last platform activity for AI model training and audit purposes.
- Payment records: Retained for 7 years as required by financial regulations.
- Technical logs: Automatically purged after 90 days.
7. Your Rights
Depending on your jurisdiction, you have the following rights regarding your personal data:
- Right of Access: Request a copy of all personal data we hold about you.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure: Request deletion of your personal data (“right to be forgotten”), subject to legal retention requirements.
- Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format.
- Right to Restriction: Request limitation of processing of your data in certain circumstances.
- Right to Object: Object to processing of your data for direct marketing or based on legitimate interests.
- Right to Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days of receiving your request.
8. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including:
- Encryption of data in transit (TLS 1.3) and at rest (AES-256).
- Secure password hashing using industry-standard algorithms.
- Regular security audits and penetration testing.
- Access controls and principle of least privilege for internal systems.
- Cloudflare WAF and DDoS protection at the network edge.
While we take all reasonable precautions, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.
9. GDPR Compliance
If you are located in the European Union or European Economic Area, the General Data Protection Regulation (GDPR) applies to our processing of your personal data. Our legal bases for processing include:
- Contract Performance: Processing necessary to fulfil our contractual obligations to you (e.g., providing the Service, managing your account).
- Legitimate Interest: Processing necessary for our legitimate business interests (e.g., fraud prevention, platform security, service improvement), balanced against your rights.
- Consent: Processing based on your explicit consent (e.g., marketing communications), which you may withdraw at any time.
- Legal Obligation: Processing required to comply with applicable laws and regulations.
You have the right to lodge a complaint with your local data protection authority if you believe your data has been processed unlawfully.
10. International Data Transfers
Your data may be transferred to and processed in countries outside your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, or other legally recognised transfer mechanisms.
11. Children's Privacy
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will take steps to delete such information.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page with a revised “Last updated” date and, where appropriate, by email notification. Your continued use of the Service after any changes constitutes acceptance of the updated policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: