Privacy Policy

This Privacy Policy explains how LiquiCharts collects, uses, shares and protects personal data when you visit our website and use our charting and market-analytics services (the “Service”). We are committed to handling your data lawfully and transparently, in line with the UAE Federal Decree-Law No. 45 of 2021 on Personal Data Protection (the “UAE PDPL”).

1. Who we are (Data Controller)

The controller responsible for your personal data is LiquiCharts FZC, Business Center, Sharjah Publishing City Free Zone, Sharjah, United Arab Emirates (“LiquiCharts”, “we”, “us”).

For any privacy question or to exercise your rights, contact us at privacy@liquicharts.com.

2. The personal data we collect

We collect only what we need to run the Service. Specifically:

• Account and identity. Your email address and username. Authentication is handled by our identity provider; your password is set and stored only by that identity system in hashed form — we never see, receive or store your password.
• Billing and subscription. Your payment-provider customer reference, your subscription plan and status, and your transaction and invoice history (amounts, currency, dates). Your card details are entered directly with our payment provider and are never transmitted to or stored on our servers.
• Technical and usage data. Your IP address, browser user-agent, and a log of account events (for example sign-ups, log-ins, subscription changes and alert events). IP address and user-agent are treated as personal data.
• Approximate location. We derive an approximate country from your IP address using an offline database held on our own servers, solely to suggest a default billing currency. Your IP address is not sent to any third party for this purpose.
• Messaging (optional). If you choose to link our messaging bot, we store the messaging chat identifier needed to deliver the alerts you request. This is entirely opt-in and you can unlink it at any time.
• Communications. The transactional emails we send you (for example welcome messages, receipts and cancellation notices).
• Optional programmes. If you take part in any optional referral or revenue-share programme we may offer, we additionally process the payout balances and the payment/withdrawal details you provide for that purpose.

We do not knowingly collect special categories of data (such as health, religion or biometric data), and we do not ask you for them. The Service is not a brokerage and does not connect to your trading accounts, so we do not receive your trading account credentials, balances or brokerage statements.

3. Why we use your data and our legal bases

• To provide the Service, your account and your subscription. Legal basis: performance of our contract with you.
• To keep financial, tax and accounting records. Legal basis: compliance with a legal obligation.
• To keep the Service secure — audit logging, fraud and abuse prevention, and rate-limiting. Legal basis: our legitimate interests in protecting the Service and our users.
• For analytics and any marketing emails. Legal basis: your consent, which you can withdraw at any time without affecting prior processing.

4. Cookies and analytics

We use a small number of cookies and similar technologies, including strictly necessary cookies (such as your encrypted session) and analytics cookies. For the full list and durations, see our Cookie Policy.

5. Who we share your data with

We do not sell your personal data. We share it only with service providers (processors) who help us run the Service, each bound by a data-processing agreement and permitted to use it only on our instructions:

• Stripe — payment processing and subscription billing. See Stripe’s privacy policy.
• Google Analytics (Google Ireland Ltd / Google LLC) — website analytics. See Google’s privacy policy.
• Brevo — delivery of transactional emails. Processed in France. See Brevo’s privacy policy.
• Telegram — delivery of alerts, only if you opt in to link the bot. See Telegram’s privacy policy.
• Hetzner — hosting and infrastructure. Located in Germany.
• Our own first-party systems — we self-host our identity and logging/observability systems on our own infrastructure. These logs may contain IP addresses, as described above.

Our charting interface uses the TradingView charting library, which runs in your browser. It may set its own local storage and make its own requests; its behaviour is governed by TradingView’s own terms and privacy policy.

We may also disclose data where required by law, to enforce our terms, or to protect our rights, users or the public.

6. How long we keep your data

• Account data: for as long as your account is active, and for up to 30 days after you close it.
• Financial and transaction records: 7 years, to meet tax and accounting obligations.
• Security and activity logs (IP, user-agent, events): up to 90 days.
• Analytics data: up to 14 months.
• Messaging link: until you unlink the bot or close your account.

When you ask us to erase your account, we delete your account and personal identifiers. We retain the financial transaction records we are legally required to keep, but we remove your identity from them so they can no longer be linked to you.

7. Your rights

Subject to applicable law, you have the right to:

• access the personal data we hold about you, and receive a copy;
• have inaccurate data corrected;
• have your data erased (the “right to be forgotten”), subject to our legal retention duties;
• restrict or object to certain processing, including processing based on our legitimate interests;
• receive your data in a portable, machine-readable format;
• withdraw any consent you have given, at any time.

To exercise any of these rights, email privacy@liquicharts.com. We will respond within one month. You also have the right to lodge a complaint with the UAE Data Office.

8. How we protect your data

We use encryption in transit (HTTPS), encrypted and signed session cookies, and access controls. Passwords are handled and hashed by our identity provider, and card data is isolated entirely within our PCI-DSS-compliant payment provider (we operate under PCI SAQ-A, meaning card data never reaches our servers).

9. Children

The Service is intended for adults (18 years or older) and is not directed at children. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us data, contact us and we will delete it.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version here and revise the “Last updated” date, and we will notify you of material changes where required.

11. Contact

Questions about this policy or our data practices can be sent to privacy@liquicharts.com.