Privacy Policy

NeuraEdge operates the GEX/SIG platform at neuraedge.app and beta-gex-dashboard.vercel.app. References to "NeuraEdge," "we," "us," or "our" in this policy refer to the NeuraEdge platform and its operator.

For any privacy-related questions or requests, contact us at: support@neura-edge.com

We collect the minimum data necessary to operate the platform securely:

• Email address — collected at signup, used for authentication, account management, and product communications
• Password — never stored in plaintext. Hashed and salted using bcrypt via Supabase Auth before storage. We cannot read your password
• Session tokens — generated on login, stored in your browser's local storage, used to authenticate your dashboard sessions
• Device session records — we log up to 3 concurrent active sessions per account (device type, session timestamp, last activity) to enforce our concurrent session policy
• Consent timestamp — we record the date and time you accepted our disclaimer and terms at signup
• Beta qualification responses — your answers to the 4 onboarding questions used to assess platform fit (stored to determine waitlist vs. approved status)
• Email watermark — your email is injected into the dashboard UI at low opacity as an IP protection measure

We do not collect your trading account data, brokerage credentials, financial information, or any data from your trading platform.

Your data is used exclusively for the following purposes:

• Authentication — verifying your identity on login and across dashboard sessions
• Account management — approving or waitlisting your application, managing your subscription status
• Session enforcement — limiting concurrent sessions to 3 devices per account per our terms of service
• Product communications — sending account approval emails, trial reminders, and critical platform updates via Resend
• IP protection — the email watermark in the dashboard serves as a deterrent against unauthorized screen sharing or content redistribution
• Platform improvement — aggregate, non-identifiable usage patterns may be reviewed to improve the product

We do not use your data for advertising, profiling, or any purpose not listed above.

We use the following third-party services to operate the platform. Each has access to only the data necessary to perform their function:

• Supabase — database and authentication infrastructure. Stores your email, hashed password, session records, approval status, and consent timestamp. Hosted in the US (East). Supabase Privacy Policy →
• Resend — transactional email delivery. Receives your email address to send account approval and access emails. Resend Privacy Policy →
• Stripe — subscription billing and payment processing. Handles payment data directly; we do not store your credit card or billing information. Stripe Privacy Policy →
• Vercel — platform hosting and serverless API functions. May log request metadata (IP address, timestamp) for infrastructure purposes. Vercel Privacy Policy →

We do not sell, rent, or trade your personal data to any third party.

Your password is never stored in plaintext at any point in our system. When you create an account, your password is immediately hashed and salted using bcrypt via Supabase Auth — an industry-standard, one-way cryptographic process — before being written to our database.

This means:

• We cannot read, retrieve, or recover your password
• Even in the unlikely event of a database breach, your raw password is not exposed
• Our support team will never ask you for your password

If you forget your password, you must reset it via the password reset flow — it cannot be looked up or recovered.

We retain your data for as long as your account is active or as needed to provide the service:

• Active accounts — data retained for the duration of your subscription
• Cancelled accounts — account data retained for up to 90 days post-cancellation, then deleted
• Inactive sessions — device session records expire automatically after 7 days of inactivity
• Waitlisted accounts — retained indefinitely unless you request deletion
• Consent records — retained permanently as a legal record of agreement to our terms

NeuraEdge does not use tracking cookies or advertising cookies of any kind.

We use browser local storage to maintain your authenticated session between page loads. This stores your session token and email address locally on your device so you remain logged in across visits. This data stays on your device and is only transmitted to our servers for session validation.

Clearing your browser's local storage will log you out of the dashboard.

You have the following rights regarding your personal data:

• Access — you may request a copy of the personal data we hold about you
• Correction — you may request correction of inaccurate data (e.g., email address)
• Deletion — you may request deletion of your account and associated data at any time
• Portability — you may request your data in a portable format
• Objection — you may object to specific uses of your data

To exercise any of these rights, email us at support@neura-edge.com. We will respond within 30 days.

Note: deletion of your account will result in permanent loss of your founding member rate and dashboard access.

NeuraEdge GEX/SIG is intended for adults aged 18 and older. We do not knowingly collect personal data from anyone under the age of 18. If you believe a minor has created an account, please contact us at support@neura-edge.com and we will delete the account promptly.

We may update this privacy policy from time to time. When we do, we will update the "Last updated" date at the top of this page. If changes are material, we will notify active subscribers via email.

Continued use of the platform after changes are posted constitutes acceptance of the updated policy.

For any privacy questions, data requests, or concerns, contact us at:

support@neura-edge.com