atredactur PRO
Privacy Policy
How atredactur collects, uses, and protects your data. עברית
Last updated: April 25, 2026
1. Introduction
atredactur ("we", "our", "the Service") is an educational trading platform focused on ICT and Smart Money Concepts. This policy describes what data we collect, how we use it, and your rights. We operate in compliance with the Israeli Protection of Privacy Law 5741-1981, the Data Security Regulations 5777-2017, and — for EU users — the General Data Protection Regulation (GDPR).
The Service is available as a website (atredactur.com) and as native apps for iOS (via the Apple App Store) and Android (via Google Play). This policy applies to all of them.
2. Data We Collect
Account data (when you sign up)
- Email address
- Encrypted password (we never see it in plaintext)
- Display name (optional)
- Onboarding responses: experience level, preferred strategy
Usage data (stored under your account)
- Trades you log in the journal (asset, entry/exit prices, stop loss, take profit, setup, notes, screenshots if you upload them)
- Long-term investments you track
- Trivia and daily quiz results
- App preferences (language, theme, accessibility settings)
Subscription & billing data
- iOS users: Apple is the merchant of record. Apple bills you, retains your payment details, and sends us only the product ID, anonymous transaction ID, and entitlement status. We never see your credit card or Apple ID payment details.
- Web users: billing handled by our payment processor (currently in development). We will receive transaction status, last 4 digits of the card, and billing country. We never store full card numbers — they are tokenized by the processor.
- Subscription status (active, trialing, cancelled, expired) and renewal date.
AI Coach & AI Analyst data
- When you trigger the AI Coach, we send a compressed summary of your last 50 trades (no images, no real names) to Anthropic for analysis. The summary is processed in real time and not retained by us beyond the response.
- When you upload a chart screenshot to the AI Analyst, the image is sent to our AI provider for analysis and not stored after the response is returned.
- A counter of your daily AI Coach usage is stored under your account (used for rate limiting). It contains no content of the analysis itself.
Technical data
- Basic anonymous analytics (page views, device type, language) via Google Analytics 4
- Error logs (no personal content, for debugging)
- On iOS: device identifier used by RevenueCat for receipt validation (not used for advertising, not shared)
3. How We Use Your Data
- To provide the service: store your trades, quiz history, and preferences so they are available across your devices.
- To improve the product: understand aggregate usage patterns (never individual behavior) to prioritise features.
- For AI features: chart analysis (Groq), trade-journal coaching (Anthropic Claude), and natural-language Q&A. Each is invoked only when you actively use the feature.
- To process subscriptions: confirm purchase status, manage renewals, restore purchases on a new device.
- To send authentication emails: verification, password reset.
- To comply with legal obligations: e.g. retaining tax invoices issued via the App Store or our payment processor.
We do not sell your data. We do not share it with advertisers or third-party marketers. We do not use your trades to train any AI model.
4. Third-Party Services
The Service relies on the following data processors. Each is bound by contract to use the data only for the specified purpose.
- Supabase (Supabase Inc.) — authentication, profile storage, and encrypted database (EU region).
- Vercel (Vercel Inc.) — hosting, CDN, and serverless functions.
- Anthropic (Anthropic, PBC) — AI Coach. Receives a compressed, non-identifying summary of your trade journal when you actively run an analysis. Anthropic's policy: anthropic.com/legal/privacy.
- Groq (Groq Inc.) — AI chart analysis & in-app Q&A.
- Apple App Store & RevenueCat — subscription billing and entitlement management for iOS users. RevenueCat receives an anonymous app-user ID and the transaction status; it does not see your name, email, or card details.
- PayPlus (PayPlus Ltd.) — payment processor for direct web subscriptions (when activated). We will only receive transaction status and the last 4 digits of the card; full card details remain with PayPlus and are governed by PCI-DSS.
- Stripe (Stripe Payments Europe Ltd.) — currently inactive; reserved for future international web subscriptions.
- Google Analytics 4 — anonymous usage statistics. IP-anonymisation is enabled.
- Hostinger SMTP — delivery of authentication emails only.
5. Data Retention
We retain your account data for as long as your account is active. You can delete your account at any time from Settings → Manage Account → Delete Account. Upon deletion, all your personal data is permanently removed within 30 days from both our active systems and our backups.
Tax invoices and subscription transaction records are retained for the period required by law (7 years under Israeli tax law and equivalent EU regulations). These records contain only the amount, date, and counterparty (Apple Distribution International / PayPlus), not the personal identity of the underlying end user where the merchant of record is a third party.
6. Your Rights
Under the Israeli Protection of Privacy Law and the GDPR (for EU residents) you have the following rights:
- Access: request a copy of all data we hold about you.
- Rectify: update inaccurate personal information from your profile.
- Delete: remove your account and data (Settings → Manage Account → Delete).
- Export: download your trade journal as CSV from the Journal page.
- Restrict processing: ask us to stop processing your data while a complaint is being investigated.
- Object: object to processing based on our legitimate interest (e.g. analytics).
- Withdraw consent: opt out of analytics via the in-app cookie banner or your browser's Do-Not-Track setting.
- Lodge a complaint: with the Israeli Privacy Protection Authority or, for EU residents, your local Data Protection Authority.
To exercise any of these rights, email hello@atredactur.com. We respond within 30 days.
7. International Data Transfers
Some of our processors are located outside Israel and the EU (Anthropic, Groq, Apple, RevenueCat — all in the United States). Where the destination country does not have an adequacy decision, transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission and the Israeli Privacy Protection Authority.
8. Security
All data is transmitted over TLS (HTTPS). Passwords are hashed with bcrypt. Database access is restricted by row-level security — you can only access your own data. We conduct periodic security reviews. In the unlikely event of a personal-data breach, affected users will be notified within 72 hours, as required by GDPR Article 33 and the Israeli Data Security Regulations.
9. Children
atredactur is not directed at children under 13. Trading content is appropriate for audiences 17 and older. We do not knowingly collect data from users under 13. If you believe we have inadvertently collected such data, contact us immediately and we will delete it.
10. iOS App-Specific Notice
The iOS app uses Apple's StoreKit framework for In-App Purchases via RevenueCat. We do not use the IDFA (Identifier for Advertisers), Apple's tracking framework, or any cross-app tracking. The app does not require permission under the App Tracking Transparency framework. Required-reason API declarations are listed in our PrivacyInfo.xcprivacy file shipped with the app.
11. Changes to This Policy
We may update this policy. Material changes will be announced in-app and via email. The "Last updated" date above reflects the latest revision.
12. Contact
For any privacy question, data request, or complaint: