◆ PRIVACY · SHORT VERSION · WE COLLECT ALMOST NOTHING

YOUR VISIT IS MOSTLY YOUR BUSINESS.

TradingGuru is a static, paper-mode research site. It does not have user accounts, does not need cookies, and does not embed third-party analytics or advertising trackers by default. The only data the project necessarily sees is the nginx access log, and even that is minimised. Last reviewed: 2026-05-24.

WHAT IS COLLECTED

SERVER LOGS · NOTHING ELSE BY DEFAULT

CATEGORYWHATWHY
nginx access log Truncated IP (last octet zeroed), user-agent, timestamp, route, response code, byte count Operational — abuse mitigation, error triage, capacity planning
Server error log Stack traces and 5xx events Operational — debugging
Telemetry feed Per-account paper-mode state from the trading agent (not from visitors) That is the content of the site — it’s not about you
◆ NOTICE — IP truncation is performed at the log layer. The full IP is not stored at rest. If a content delivery network (CDN) is ever added in front of nginx, this page will be updated to describe what that CDN processes on the project’s behalf, before the change goes live.
WHAT IS NOT COLLECTED

NO COOKIES · NO TRACKERS · NO ACCOUNT DATA

NO COOKIES

The site sets no first-party cookies. Browser storage (localStorage / IndexedDB) is not used.

NO ANALYTICS

No Google Analytics, no Plausible, no Fathom, no Mixpanel, no Posthog — by default. If that ever changes, this page will list the vendor and the data they receive.

NO TRACKERS

No Meta Pixel, no Google Ads tags, no LinkedIn Insight tag, no TikTok Pixel, no third-party fingerprinting scripts.

NO ACCOUNT DATA

There are no user accounts. There are no sign-ups. There is no email list. Nothing for the site to forget about you because nothing was stored.

NO PII SOLD

Nothing about you — truncated IP, user-agent, route, time — is ever sold, traded or rented to a third party. There is no commercial pipeline for it.

FONTS

Fonts are loaded from Google Fonts. This causes a request from your browser to fonts.googleapis.com. If that is unacceptable, please block the request via browser settings; the site still renders with system fonts.

RETENTION & DELETION

SHORT WINDOWS · NO BACKDOORS

DATARETENTIONDELETION
nginx access logRotated daily, retained 14 daysAutomatic via logrotate
Server error logRotated daily, retained 30 daysAutomatic via logrotate
Email correspondenceIndefinite (operator’s inbox)On request — see /contact
◆ NOTICE — If a regulator or court order requests access to server logs, the project will comply with applicable law in its jurisdiction. There is no “warrant canary” on this site at this time.
YOUR RIGHTS

GDPR · CCPA · ETC.

Because the project does not store personally-identifying information beyond truncated server logs, most data-subject requests resolve to “there is nothing on file matching that identifier.” You may still ask. Use /contact and prefix the subject with [DATA REQUEST].

RIGHT TO ACCESS

You can request what — if anything — the project holds about you. Usually the answer is “truncated log lines from your IP block” or nothing.

RIGHT TO ERASURE

You can request deletion of any email correspondence. Server logs are auto-rotated within the windows above.

RIGHT TO OBJECT

You can ask the project to stop processing your data in a specific way. Given the minimal collection, this typically resolves to “already done.”

NOT-A-LAWYER NOTE

This page is plain-English. It is not legal advice. If you need a formal disclosure for compliance, use /contact.