1. Data controller

MindMarketEdge is operated from Spain and acts as the data controllerfor information processed through the Site. Email: support@mindmarketedge.com. Supervisory authority: Agencia Española de Protección de Datos (AEPD), Calle Jorge Juan 6, 28001 Madrid.

2. Scope

This Policy applies to data collected online via the Site and through our customer-support channels. It does not cover third-party websites or services that may integrate with MME (e.g. TradingView, Stripe).

3. Data we collect

• Account Data — name, email, hashed password, time-zone, subscription tier.
• Billing Data — cardholder name, partial card digits, billing address (processed by Stripe; we never store full card numbers).
• Usage Data — IP address, rough geolocation (city), device/browser type, pages viewed, clicks, referring URL.
• Communication Data — emails, live-chat messages, survey responses, support tickets.
• Cookie & Tracking Data — see our Cookie Policy.
• Marketing Preferences — email-newsletter opt-in status, unsubscribe history.

4. How we use your data

• Create, authenticate & manage your account.
• Process payments & detect fraud.
• Provide personalised dashboards, saved layouts & dark/light theme.
• Analyse Site performance & improve features.
• Respond to enquiries & provide customer support.
• Send service emails (receipts, technical notices) and—only with your consent—marketing updates. You can opt out at any time.
• Comply with legal obligations (tax, accounting, security).

5. Legal bases (GDPR Art. 6)

• Contract — account creation, subscription delivery.
• Legitimate Interests — analytics, security, product improvement.
• Consent — non-essential cookies, marketing emails.
• Legal Obligation — invoicing, fraud-screening, regulatory compliance.

6. Who we share data with

• Cloud & infrastructure — Vercel (hosting), Supabase (database), AWS (object storage).
• Analytics — Plausible Analytics (self-hosted EU instance, no cookies).
• Payments — Stripe (PCI-DSS compliant).
• Customer support — HelpScout, encrypted in transit.
• Affiliates / Ad-partners — none at present; if that changes we will update this Policy.
• Legal / authorities — when compelled by court order or to prevent fraud/abuse.

7. International transfers

Some vendors operate outside the EEA. When data leaves the EEA we rely on EU Standard Contractual Clauses, UK Addendum or an adequacy decision. Copies of SCCs are available on request.

8. Security measures

Data in transit is protected by TLS 1.3; data at rest is encrypted with AES-256. Access is restricted by role-based permissions and MFA. Annual penetration tests and quarterly vulnerability scans are performed. No system is perfectly secure, but we follow industry best-practice.

9. Data retention

Account & billing records: active + 6 years (tax). Analytics logs: 24 months. Support emails: 36 months. We erase or anonymise data earlier upon valid deletion request—unless law requires retention.

10. Your rights

You may:

• Request access to the personal data we hold.
• Correct inaccurate or incomplete data.
• Erase data (right to be forgotten).
• Restrict or object to processing.
• Receive data in portable format (CSV/JSON).
• Withdraw consent at any time (marketing / cookies).
• Lodge a complaint with the AEPD or your local authority.

11. Automated decision-making

MME does not use your personal data for fully automated decision-making that produces legal or similarly significant effects.

12. Children’s privacy

The Site is not directed at children under 18. We do not knowingly collect personal data from minors. If you believe a child has provided us data, contact us and we will delete it.

13. Changes to this Policy

We will update this Privacy Policy when our practices change or to remain compliant. Material changes will be announced via the Site or email. The version number & date at the top indicate the latest revision.

14. Contact & DPO

For privacy questions or data-subject requests email support@mindmarketedge.com. Data-Protection Officer (DPO): not yet appointed; enquiries handled by the privacy team.