Privacy Policy

MarketTriage ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our weekly CFTC Commitment of Traders analysis newsletter and website.

Information We Collect

Newsletter Data

When you subscribe to our COT (Commitments of Traders) newsletter, we collect:

• Email address

Legal Basis: Consent (opt-in). You actively subscribe by entering your email address.

Data Retention: Your email address is retained until you unsubscribe. You can unsubscribe at any time via the link in every newsletter or by contacting us.

Technical Data

We automatically collect certain technical information:

• Browser type and version
• IP address (anonymized)
• Access times and pages visited

How We Use Your Information

We use the collected information to:

• Deliver our newsletter: Send weekly COT market analysis to subscribers
• Analyze traffic sources: Understand where visitors come from (with your consent via Google Analytics)
• Improve our service: Analyze usage patterns and optimize performance
• Comply with legal obligations: Meet regulatory requirements (GDPR)

Newsletter & Email Communications

We offer a weekly COT (Commitments of Traders) newsletter providing market analysis of institutional vs. retail positioning data. Subscribing is entirely optional and requires your explicit consent.

What We Collect

• Email address: The only personal data collected for the newsletter

How We Use It

• Deliver the weekly COT market analysis newsletter
• Send service-related updates about the newsletter (e.g., schedule changes)

We do not use your newsletter email for marketing other products, and we never share your email with third parties for their own marketing purposes.

How to Unsubscribe

• Click the unsubscribe link included in every newsletter email
• Contact us at support@markettriage.com

Upon unsubscribing, your email address is removed from our mailing list. Processing may take up to 48 hours.

Data Sharing and Third Parties

We share data only with essential service providers:

• Cloudflare: Infrastructure, CDN, and security services
• Google Analytics: Website traffic analysis (only with your explicit consent. IP addresses are anonymized.)
• Microsoft Clarity: Heatmaps and session recordings to improve user experience (only with your consent)
• Stripe: Payment processing for subscriptions
  • Data sent: Name, email, payment method details, billing address
  • Purpose: Process subscription payments and manage billing
  • Legal basis: Contract performance (Art. 6(1)(b) GDPR)
  • Data processing: EU/US under Stripe's DPA and Standard Contractual Clauses
  • Credit card details are processed directly by Stripe and never stored on our servers
  • Privacy policy: Stripe Privacy Policy
• Firebase Authentication (Google): User identity and sign-in
  • Data sent: Email, display name, OAuth provider tokens
  • Purpose: Authenticate users via Google, Apple, or email link sign-in
  • Legal basis: Contract performance (Art. 6(1)(b) GDPR)
  • Privacy policy: Firebase Privacy Policy
• Brevo: Email delivery for our COT newsletter
  • Data sent: Email address only
  • Purpose: Deliver weekly newsletter emails
  • Data processing location: EU (Brevo servers)
  • Privacy policy: Brevo Privacy Policy

Cookies and Tracking

We use cookies and browser storage to provide our service. We use Klaro, a privacy-friendly consent manager, to give you control over cookie preferences.

Types of Cookies We Use

• Essential Cookies (Required):
  • Cloudflare cookies: Security, DDoS protection, and performance
  • Session storage: Temporary data during your session
• Analytics Cookies (Optional, enabled by default):
  • Google Analytics: Tracks traffic sources and website usage
  • Microsoft Clarity: Heatmaps and session recordings

We do not use advertising cookies or cross-site tracking. All analytics cookies require your consent.

Google Analytics

We use Google Analytics 4 (GA4) to understand where our visitors come from and how they use our website. This helps us improve our service and understand which channels are most effective.

What Data is Collected

• Traffic sources: How you found us (organic search, social media, direct, referral)
• Website usage: Pages visited, time spent, navigation patterns
• Device information: Browser type, device type, screen resolution
• Geographic location: Country and city (derived from anonymized IP)
• User interactions: Clicks, scrolls, form submissions

Privacy Measures

• Consent required: Google Analytics only tracks you if you accept analytics cookies
• IP anonymization: Your IP address is anonymized before being sent to Google
• No personal data: We do not send personally identifiable information to Google Analytics
• Consent Mode V2: We use Google's latest consent framework for GDPR compliance
• Data retention: Analytics data is retained for 14 months, then automatically deleted

How to Opt-Out

You can control Google Analytics tracking in several ways:

• Cookie Settings: Decline analytics cookies in our cookie banner
• Browser Extension: Install Google Analytics Opt-out Browser Add-on
• Do Not Track: Enable "Do Not Track" in your browser settings

Data Processing Agreement

We have entered into Google's Data Processing Amendment for GDPR compliance. Your data is processed according to Google's Privacy Policy and the Google Analytics Terms of Service.

Payment Data

When you subscribe to a paid plan, payment processing is handled entirely by Stripe. Credit card numbers and payment credentials are never transmitted to or stored on Kolmira UG servers.

We store the following billing-related data in our database: subscription tier, billing status, billing period dates, and a Stripe customer reference ID. This data is necessary to provide and manage your subscription.

Retention: Billing data is retained for the duration of your subscription plus the legally required retention period for commercial records under German law (§257 HGB: 10 years for accounting records, §147 AO: 10 years for tax-relevant documents).

Your Rights (GDPR)

If you are in the European Economic Area (EEA), you have the following rights:

• Right to Access: Request a copy of your data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion of your data
• Right to Restriction: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Opt out of certain data processing
• Right to Withdraw Consent: Revoke consent at any time

To exercise these rights, contact us at support@markettriage.com

Data Security

We implement industry-standard security measures:

• HTTPS encryption for all data transmission
• Secure Cloudflare Workers environment
• Regular security audits and updates

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

International Data Transfers

Your data may be processed in countries outside the EEA. We ensure adequate protection through:

• Standard Contractual Clauses (SCCs) with service providers
• Cloudflare's global compliance framework

Children's Privacy

Our service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a minor, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect the most recent changes. Continued use of our service after changes constitutes acceptance of the updated policy.