VortexTick VORTEX TICK
PRICING

Legal · Document 2 of 5

Privacy Policy

Effective Date: July 2, 2026

This Privacy Policy explains what VortexTick Technology Inc. collects, why we collect it, and the choices you have. It applies to vortextick.com and the VortexTick terminal. We built this platform for traders who take operational security seriously, and this policy is written to the same standard: specific, short, and free of surprises.

1. What We Collect

2. What We Do With It

We use your data to operate the Platform (authentication, order routing, risk enforcement, journaling), to bill subscriptions, to secure the service (fraud, abuse, and intrusion detection), to comply with law, and to communicate service notices. We do not sell or rent personal information, and we do not share your trading records with prop firms, brokers, or any third party except as directed by you or required by law.

3. Legal Bases

Where the GDPR or similar law applies, we process data to perform our contract with you (Art. 6(1)(b)), to satisfy legal obligations (6(1)(c)), and for legitimate interests in securing and improving the service (6(1)(f)), balanced against your rights.

4. Service Providers

We share data only with processors necessary to run the service: our hosting provider (Ratel PaaS), our payment processor (Stripe), an SMS delivery provider (for verification codes), and market-data/broker connectivity partners (which receive order instructions, not your identity documents). Each is bound by contract to process data only on our instructions.

5. Retention

Account and journal data are retained while your account is active. After account deletion, personal data is removed or irreversibly anonymized within 30 days, except: audit-ledger entries and billing records retained as required for security forensics, tax, and accounting (up to 7 years), and data we must preserve for legal holds. Trade records may be retained in anonymized form for aggregate service analytics.

6. Security

Security measures include Argon2id password hashing, mandatory multi-factor authentication (SMS plus TOTP), TLS on all connections, zero-residual in-memory handling of broker secrets, time-ordered UUIDv7 identifiers, least-privilege infrastructure isolation, and an immutable audit ledger. No system is impenetrable; we will notify affected users and regulators of any qualifying breach as required by law.

7. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, export, restrict, or delete your personal data, and to object to certain processing. Exercise them by emailing privacy@vortextick.com from your registered address; we respond within 30 days. You may also lodge a complaint with your local supervisory authority. We do not discriminate against users who exercise privacy rights.

8. International Transfers

Our infrastructure is operated in data centers that may be located outside your country. Where required, transfers are protected by standard contractual clauses or equivalent safeguards.

9. Children

The Platform is not directed to persons under 18, and we do not knowingly collect data from them. If you believe a minor has created an account, contact privacy@vortextick.com and we will delete it.

10. Changes and Contact

We will post any revision here with a new effective date and, for material changes, notify you by email or in-terminal notice before it takes effect. Questions: privacy@vortextick.com · VortexTick Technology Inc.