Privacy Policy
Last updated: February 2026
Elite Trading Academy ("we", "us", "our") respects your privacy and is committed to protecting the personal data you share with us. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.
1. Data We Collect
Information You Provide
- Account information: Name, email address, and password (stored as a secure hash) when you create an account.
- Profile information: Country of residence, preferred currency, and optional tax ID (NIT) for invoicing purposes.
- Payment information: Payment details are collected and processed directly by our payment providers (Stripe and NOWPayments). We do not store your credit card numbers or cryptocurrency wallet addresses on our servers.
- Course activity: Lesson completion status, quiz scores, assessment scores, workbook progress, and community forum posts.
Information Collected Automatically
- Usage data: Pages visited, features used, time spent on lessons, and general interaction patterns with the platform.
- Technical data: Browser type, operating system, device type, and IP address (for security and fraud prevention).
2. How We Use Your Data
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Account creation and management | Name, email, password hash | Contract performance |
| Delivering course content and tracking progress | Account info, course activity | Contract performance |
| Processing payments and generating invoices | Name, email, country, tax ID, currency | Contract performance, legal obligation |
| Customer support | Name, email, account data | Contract performance |
| Platform security and fraud prevention | IP address, technical data | Legitimate interest |
| Service improvements | Aggregated usage data | Legitimate interest |
3. Third-Party Services
We use the following third-party services to operate the platform. Each has its own privacy policy governing how they process your data:
- Stripe (stripe.com/privacy) — Processes credit and debit card payments. Stripe receives your payment card details directly; we only receive a confirmation of payment status and a customer identifier.
- NOWPayments (nowpayments.io/privacy-policy) — Processes cryptocurrency payments. NOWPayments handles the crypto transaction; we receive payment confirmation and a transaction identifier.
- Cloudflare (cloudflare.com/privacypolicy) — Hosts our platform, serves our content, and provides DDoS protection and CDN services. Cloudflare may process your IP address and request metadata as part of their infrastructure services.
We do not sell, rent, or trade your personal data to any third party for marketing or advertising purposes.
4. Cookies and Local Storage
Our platform uses the following browser storage mechanisms:
- Authentication token: A JWT token stored in your browser's local storage to keep you logged in between sessions. This is essential for the platform to function.
- Preference settings: Your selected currency and display preferences may be stored locally for convenience.
We do not use third-party tracking cookies or advertising cookies. We do not use analytics tracking scripts such as Google Analytics.
5. Data Retention
- Account data: Retained for as long as your account is active, plus 12 months after account closure to allow for reactivation.
- Payment and invoice records: Retained for a minimum of 5 years after the transaction date, as required by tax and accounting regulations.
- Course progress data: Retained for as long as your account is active. Deleted upon account deletion request (subject to invoice retention requirements).
- Community posts: Retained for as long as the content is relevant. Posts may be anonymized rather than deleted to preserve discussion context for other students.
6. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of any inaccurate or incomplete personal data.
- Deletion: Request deletion of your personal data (subject to legal retention requirements for payment records).
- Data portability: Request your data in a structured, machine-readable format.
- Restriction: Request restriction of processing in certain circumstances.
- Objection: Object to processing based on legitimate interests.
To exercise any of these rights, contact us through the platform or at the email address provided on our website. We will respond to your request within 30 days.
7. Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- Passwords are hashed using bcrypt before storage (we never store plaintext passwords).
- All data is transmitted over HTTPS/TLS encryption.
- Authentication uses signed JWT tokens with expiration.
- Payment data is handled directly by PCI-compliant payment processors (Stripe).
- Database access is restricted through Cloudflare Workers bindings.
8. Children's Privacy
Our Service is not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 18, we will take steps to delete that information.
9. International Data Transfers
Your data may be processed in countries other than your country of residence through our use of Cloudflare's global infrastructure and third-party payment processors. These transfers are protected by the security measures described in this policy and the respective data protection practices of our service providers.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically. Continued use of the Service after changes constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us through the platform or at the email address provided on our website.