Legal Documents

Our commitment to transparency and your rights

PRIVACY POLICY

Last Updated: July 13, 2025

1. Introduction

Toodegrees ("we," "us," or "our") is an Italy-based company that provides trading indicators for educational and informational purposes. We are committed to protecting the privacy and security of the personal information we collect from our users. This Privacy Policy outlines how we gather, use, and safeguard your information when you access or use our website, products, and services (collectively, the "Services").

By continuing to use our Services, you confirm that you have read, understood, and agreed to this Privacy Policy in full.

2. Information We Collect

2.1. Information You Provide

We collect the following information that you provide to us:

  • Contact information, such as your name and email address
  • Billing information submitted through our payment processor (we do not store payment data)
  • Your TradingView username, Discord handle, or other license identifiers
  • Support inquiries or messages you send through our contact channels

2.2. Information Collected Automatically

We also collect certain information automatically when you use our Services, including:

  • IP address, browser type, device model, operating system, and session timestamps
  • Usage data, such as pages visited, login times, access logs, and affiliate tracking information
  • Cookies or analytics IDs used for secure access and usage monitoring

Most of the data we collect is tied to and managed through your Whop profile, which serves as the primary identity and subscription layer for accessing our Services.

3. How We Use Your Information

We use the information we collect to:

  • Verify and manage your access to our charting tools via your Whop and TradingView accounts
  • Provide support, resolve issues, and respond to your inquiries
  • Monitor account usage, detect potential abuse, and enforce our licensing restrictions
  • Comply with tax, audit, and subscription processing requirements, as required by Italian law
  • Issue alerts, receipts, or essential service notifications

We do not sell your data, profile you, or use your information for automated decision-making.

4. Google Analytics

We use Google Analytics to help us understand how users interact with our website. Google Analytics may collect general site behavior data, such as pages visited and time on site, as well as browser and device information (with IP addresses anonymized where required). We use this information solely to improve our Services and do not use it to personalize ads or create user profiles.

You may prevent Google Analytics from tracking your future visits by disabling cookies in your browser settings. However, doing so may prevent parts of the Services from functioning correctly.

5. Cookies and Session Tracking

We use essential cookies and session identifiers to maintain login sessions, link affiliate referrals to valid conversions, and protect against unauthorized access or sharing. You can disable cookies via your browser settings, but this may prevent parts of the Services from functioning correctly.

6. Sharing of Information

We do not sell your personal information. We may share limited information only as required and under the following conditions:

  • With Whop, TradingView, or other integrated platforms necessary for access and verification
  • With vetted service providers involved in our technical infrastructure or email communications
  • If required by Italian or EU law, subpoena, regulatory request, or to comply with a legal obligation
  • To investigate abuse, fraud, or violations of our Terms of Service
  • In connection with a business transfer, such as a merger, acquisition, or reorganization
  • With Toodegrees team members or social media moderators

All third parties must process data only as instructed and maintain confidentiality.

7. Data Security

We implement appropriate security controls to protect your information, including role-based access control, logging and audit trails, and ongoing review of abuse signals and access anomalies. Although no system is completely immune to breaches, we take reasonable and proactive steps to secure all data within our control.

7.1. Data Breach Response and Notification

In the event of a data breach that compromises the security, confidentiality, or integrity of your personal information, we will:

  • Promptly investigate the incident and take necessary containment measures
  • Assess the nature and scope of the breach, including the types of information involved and the risk of harm
  • Notify affected individuals within 30 days of discovery, or as required by Italian or EU law, providing details about the breach and steps we are taking to mitigate potential harm
  • Report the breach to relevant regulatory authorities, if required by applicable laws
  • Implement additional security measures to prevent similar incidents in the future

We maintain a comprehensive Incident Response Plan that is reviewed and updated annually to ensure we can respond effectively to security incidents.

8. Data Retention

We retain your information only as long as necessary to:

  • Deliver our Services and maintain access verification
  • Respond to legal, tax, and financial audit requirements, as per Italian or EU regulations
  • Support fraud detection and historical access analysis

Typical retention periods include:

  • Access logs: Whop-dependent
  • Purchase metadata: 6-7 years, or as required by Italy or EU record-keeping laws
  • Support inquiries: 3 days

9. Your Rights

Subject to applicable laws, you have the following rights regarding your personal data:

  • Access: Request a copy of the information we hold
  • Correction: Update or correct any inaccurate details
  • Deletion: Request deletion of your data, where permissible
  • Withdraw Consent: Opt out of any optional communications
  • Object to Processing: Limit how your data is used under specific grounds
  • Portability: Request export of your data in a machine-readable format

To exercise your rights, please email [email protected]. We may require identity verification to process your request. We will respond to all legitimate requests within 30 days.

10. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect data from minors. If we discover that a child has provided us with personal data without verified parental consent, we will delete the information promptly, as required by data privacy laws.

11. Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. When updates are made, we will update the "Effective Date" at the top of this document and may notify you by email or dashboard notice (for material changes). Continued use of the Services after changes constitutes your acceptance of the revised policy.

12. Impact Assessments and Monitoring

We conduct periodic assessments of our data handling practices to ensure we collect only what is necessary, retain data only as long as justified, and process user information with integrity, security, and transparency. These assessments include:

  • Quarterly internal audits of data collection, processing, and storage practices
  • Annual comprehensive privacy impact assessments for all systems and processes
  • Monthly reviews of third-party data processors' compliance with our privacy standards
  • Bi-annual staff training on data protection and privacy best practices
  • Continuous monitoring of regulatory developments in Italy and the EU data privacy landscape

When issues or areas for improvement are identified during these assessments, we implement a structured remediation process that includes:

  1. Documenting the identified issue and its potential impact
  2. Developing a specific action plan with clear responsibilities and timelines
  3. Implementing necessary changes to policies, procedures, or technical systems
  4. Verifying the effectiveness of the implemented changes
  5. Updating relevant documentation and training materials

These regular assessments help us maintain compliance with Italy and EU data privacy regulations and demonstrate our ongoing commitment to protecting your personal information.

13. Governing Law and Dispute Resolution

13.1. Governing Law

This Privacy Policy and any disputes arising out of or related to it shall be governed by and construed in accordance with the laws of Italy and the European Union, without giving effect to any choice or conflict of law provision.

13.2. Dispute Resolution Process

In the event of any dispute, claim, question, or disagreement arising from or relating to this Privacy Policy or the breach thereof, the parties shall use their best efforts to settle the dispute through the following process:

  1. Informal Negotiation: We encourage users to contact us directly at [email protected] with any concerns or complaints. We will make good faith efforts to address your concerns promptly and fairly within 30 days of receipt.
  2. Mediation: If informal negotiation does not resolve the dispute within 60 days, either party may initiate mediation by providing written notice to the other party. The mediation shall be conducted in Italy by a mutually agreed-upon mediator, with costs shared equally between the parties.
  3. Litigation: If the dispute cannot be resolved through negotiation or mediation within 90 days of the initial notice, any legal suit, action, or proceeding arising out of or related to this Privacy Policy shall be instituted exclusively in courts located in Italy and each party irrevocably submits to the exclusive jurisdiction of such courts.

Nothing in this section shall prevent either party from seeking injunctive or other equitable relief from the courts for matters related to data privacy, intellectual property, or unauthorized access to the Services.

14. Contact Information

If you have any questions about this Privacy Policy or your data, please email us at: [email protected].

15. Frequently Asked Questions (FAQs)

Q: How do I know what information you have collected about me?

A: You can request a copy of your personal information by emailing [email protected] with the subject line "Data Access Request." We will verify your identity and provide the information within 30 days.

Q: How can I delete my account and all associated data?

A: To request deletion of your account and associated personal information, please email [email protected] with the subject line "Account Deletion Request." Please note that we may retain certain information as required by law or for legitimate business purposes.

Q: Will you notify me if there are changes to this Privacy Policy?

A: Yes. For material changes to this Privacy Policy, we will notify you via email or through a notice on our website before the changes become effective. We encourage you to periodically review this policy for the latest information on our privacy practices.

Q: How do you protect my payment information?

A: We do not store your payment information directly. All payment processing is handled by our secure third-party payment processors, who maintain PCI DSS compliance.

Q: What happens to my data if you go out of business or are acquired?

A: In the event of a merger, acquisition, bankruptcy, or other sale of all or a portion of our assets, your personal information may be transferred to the acquiring entity. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information.

Acknowledgment

By continuing to use our Services, you confirm that you have read, understood, and agreed to this Privacy Policy in full.