Privacy Policy
Last updated: 25 March 2026
StratosIQ reserves the right to update this Privacy Policy at any time. The current version will always be published at this URL with the date of last update. Your continued use of the platform following any update constitutes acceptance of the revised Privacy Policy.
1. Data Controller
[STRATOSIQ_ENTITY_NAME]
UEN: [UEN_NUMBER]
[REGISTERED_ADDRESS]
support@stratosiq.trade
[STRATOSIQ_ENTITY_NAME] is the data controller for the personal data described in this policy.
Responsibility for data protection compliance has been designated internally. You may contact our designated data protection contact at support@stratosiq.trade for any data protection queries.
2. Scope
This policy applies to personal data processed through the StratosIQ website (stratosiq.trade) and related services, including the Patrol, Strike, and Recon quantitative analysis model outputs.
3. Categories of Personal Data Collected
| Category | Examples |
|---|---|
| Account data | Name, email address, authentication provider (Google or email), account creation date |
| Usage data | Pages visited, product selections, preference settings, session/auth status |
| Payment data | Subscription status, payment metadata (processed by Stripe; we do not store full card numbers) |
| Communications data | Waitlist/signup consent records, support correspondence |
| Notification data | Telegram identifier (if you enable Telegram notifications) |
4. Purposes and Legal Bases
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Account creation and authentication | Performance of contract / pre-contractual steps (Art. 6(1)(b)) |
| Subscription billing and invoicing | Performance of contract (Art. 6(1)(b)) / Legal obligation (Art. 6(1)(c)) |
| Essential service communications (e.g. password reset, account alerts) | Performance of contract (Art. 6(1)(b)) |
| Optional marketing and waitlist emails | Consent (Art. 6(1)(a)) |
| Security, fraud prevention, abuse prevention | Legitimate interests (Art. 6(1)(f)) |
| Bookkeeping, tax, legal compliance | Legal obligation (Art. 6(1)(c)) |
| Preference storage (e.g. UI settings, product selections) | Legitimate interests (Art. 6(1)(f)) or Consent (Art. 6(1)(a)) |
5. Third-Party Processors
| Processor | Purpose | Data location |
|---|---|---|
| Cloudflare (Workers, Pages) | Website hosting, edge delivery, session handling | US / EU |
| Resend | Transactional and notification email delivery | US |
| Stripe | Payment processing | US |
| Google (OAuth, Sheets) | Authentication, customer management sync | US |
| Telegram | Notification delivery (only if user enables) | Various |
| [ADDITIONAL_PROCESSORS_TO_CONFIRM] | ||
6. International Data Transfers
Some of our processors are based outside the European Economic Area (EEA). Where personal data is transferred outside the EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (SCCs) or the processor's participation in an approved transfer mechanism.
[Transfer mechanisms to be confirmed for each processor by legal counsel.]
7. Retention Periods
| Data category | Retention period |
|---|---|
| Account data | While account is active + [12 months] after closure |
| Billing and invoicing records | [5 years] (Danish bookkeeping obligation — bogføringsloven) |
| Authentication and security logs | [6 months] |
| Marketing consent records | Until withdrawal + [12 months] evidence retention |
| Support correspondence | [24 months] from resolution |
[Retention periods are scaffolds and must be confirmed by legal counsel.]
8. Your Rights Under GDPR
Under the General Data Protection Regulation, you have the following rights regarding your personal data:
- Access — Request a copy of the personal data we hold about you.
- Rectification — Request correction of inaccurate or incomplete data.
- Erasure — Request deletion of your data where there is no compelling reason for continued processing.
- Restriction — Request that we limit how we process your data in certain circumstances.
- Data portability — Receive your data in a structured, commonly used, machine-readable format.
- Objection — Object to processing based on legitimate interests.
- Withdraw consent — Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, contact us at support@stratosiq.trade. We will respond within 30 days.
Please note that a reasonable administrative fee may be charged for processing access requests. If a fee applies, we will inform you of the amount before processing your request.
9. Supervisory Authority
If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Danish Data Protection Agency:
Datatilsynet
https://www.datatilsynet.dk
10. No Sale of Personal Data
[STRATOSIQ_ENTITY_NAME] does not sell, rent, or trade your personal data to third parties.
11. Data Breach Notification
In the event of a personal data breach, StratosIQ will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where required by applicable law. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.
12. California / CCPA Notice
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete personal information, and the right to opt out of the sale of personal information. StratosIQ does not sell personal information. To exercise your rights, contact support@stratosiq.trade.
13. Cookies
For details on how we use cookies and similar technologies, see our Cookie Policy.
14. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated via the website or email. The "Last updated" date at the top of this page reflects the most recent revision.
15. Contact
[STRATOSIQ_ENTITY_NAME]
UEN: [UEN_NUMBER]
[REGISTERED_ADDRESS]
support@stratosiq.trade