Privacy Policy

1. Summary

• GammaLedger does not operate hosted trading accounts and does not intentionally collect your full trade journal on our servers.
• Most app data is stored locally in your browser or in files you import or export.
• Optional integrations, including market data APIs and AI providers, may send selected data from your device to third parties you configure.
• Public project interactions, such as GitHub issues and pull requests, are visible to others.
• We do not sell personal information or use trading records for advertising.

2. Scope

This Policy applies to GammaLedger-controlled websites and project materials. It does not apply to third-party websites, brokers, exchanges, API providers, AI providers, GitHub, hosting providers, package registries, or self-hosted deployments operated by someone else. Those services are governed by their own terms and privacy policies.

3. Information We Handle

Depending on how you use GammaLedger, the following information may be handled:

• Local app data: Trades, positions, notes, strategies, settings, imported broker files, generated reports, screenshots prepared for import, and exported backups that you store on your device or in browser storage.
• API credentials: Optional API keys for services such as Finnhub or Gemini-compatible AI providers. These keys are stored locally and may be encrypted when browser cryptography is available. If browser cryptography is unavailable, local fallback storage may be less protected.
• Third-party request data: Tickers, API keys, market-data queries, provider settings, prompts, portfolio snapshots, chat history, screenshots, metadata, and other request content sent to providers when you enable optional integrations.
• Website data: Basic technical logs and analytics that may include IP address, browser type, device information, pages visited, referring URLs, timestamps, and error information collected by hosting, DNS, CDN, or analytics providers.
• Project communications: Public GitHub issues, pull requests, comments, profile information, email or contact information you choose to provide, and other communications with maintainers.

4. Local Storage and Device Control

GammaLedger primarily stores app data under browser storage keys and in files you control. We generally cannot access, recover, delete, correct, or back up data that remains only on your device.

You can remove local app data by using in-app controls where available, clearing browser storage for GammaLedger, deleting exported files, removing saved API keys, or uninstalling local/self-hosted copies. These actions may permanently delete your data.

Your browser, operating system, backup software, cloud sync provider, endpoint security tools, employer device management, or other local software may access, copy, sync, or delete local GammaLedger data according to your configuration.

5. Optional Integrations and External Transfers

If you enable optional integrations, selected data may leave your device:

• Market data providers: Requests may include API keys, ticker symbols, date ranges, and other query parameters. Providers may return prices, news, fundamentals, recommendations, company profiles, earnings data, or other information.
• AI providers: Requests may include your prompt, chat history, portfolio summaries, open position snapshots, imported screenshot images, filenames or metadata, and other context needed to generate a response or extract draft trade rows.
• GitHub and community tools: Information you submit in issues, pull requests, discussions, or repositories may be public and indexed by search engines.

Third-party providers may process, store, log, transfer, or use submitted data according to their own policies. Do not enable an integration or submit information to a provider unless you are comfortable with that provider's terms, privacy policy, data retention practices, security controls, and jurisdictional transfers.

6. How We Use Information

We may use information we can access to:

• Operate, maintain, secure, debug, and improve the website and project.
• Respond to issues, pull requests, support requests, security reports, licensing inquiries, and other communications.
• Analyze aggregate project usage, such as repository traffic, downloads, build errors, or site performance.
• Protect against abuse, spam, malware, security incidents, license misuse, or violations of the Terms.
• Comply with legal obligations and enforce project rights.

We do not use your locally stored trade journal to train AI models, target advertising, sell personal information, or provide brokerage/advisory services because we do not intentionally collect that journal on our servers.

7. Cookies and Similar Technologies

The public website may use cookies, local storage, server logs, CDN logs, analytics tools, or similar technologies for security, site operations, performance, abuse prevention, and basic analytics. The app uses browser storage to save local data and preferences. We do not intentionally use advertising cookies or behavioral advertising pixels for GammaLedger trading data.

8. Information Sharing

We may share or disclose information we can access:

• With service providers that host, secure, monitor, deliver, or support the website, repository, documentation, or project infrastructure.
• With third-party providers you choose to configure or contact through the Services.
• Publicly, if you submit information to public GitHub repositories, issues, pull requests, discussions, social channels, or other public forums.
• When required by law, legal process, safety needs, security investigations, enforcement of rights, or prevention of harm.
• In connection with a project transfer, reorganization, licensing transaction, or similar event, subject to appropriate handling of available information.

9. Sensitive Information

Do not submit Social Security numbers, taxpayer IDs, full account numbers, passwords, seed phrases, government IDs, confidential client information, non-public personal information, material non-public information, or other sensitive data to public project channels or optional AI prompts. If you import broker files or screenshots, review them first and redact anything you do not want stored locally or transmitted to an optional provider.

10. Retention

Local app data remains on your device until you delete it, your browser deletes it, or your device/storage configuration changes. Public GitHub content may remain available according to GitHub's policies and repository history. Website logs and analytics are retained according to our service providers' settings and operational needs. Third-party providers retain submitted data according to their own policies.

11. Security

We use reasonable measures for project infrastructure, but no website, browser app, local device, API integration, encryption method, or storage system is completely secure. You are responsible for device security, browser security, account security, API key restrictions, backups, access controls, and redaction of sensitive information.

If you believe you found a security issue, report it through the project's recommended security channel or contact the maintainers without posting exploit details publicly.

12. Children and Minors

GammaLedger is not directed to children or minors and is intended for adults. We do not knowingly collect personal information from children under 13. If you believe a child provided personal information through a GammaLedger-controlled channel, contact us so we can take appropriate action.

13. Privacy Choices and Rights

Depending on your location, you may have rights to request access, correction, deletion, portability, restriction, objection, or appeal regarding personal information we control. Because most app data is local, many requests can be completed directly by you by deleting or modifying local storage or exported files.

For information we control, contact us through the project repository or listed maintainer channels. We may need information to verify and process your request. You may also need to contact third-party providers directly for data they control.

14. International Use

GammaLedger is an open-source project that may be accessed globally. Website infrastructure, GitHub, optional API providers, AI providers, maintainers, and contributors may be located in different countries. By using the Services or optional integrations, you understand that information may be processed in jurisdictions with different data-protection laws than your own.

15. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date indicates when this page was last changed. Continued use of the Services after changes are posted means you accept the updated Policy.

16. Contact

For privacy questions or requests, contact the maintainers through the GammaLedger GitHub repository or other channels listed in the repository. Do not post confidential, sensitive, personal, account, or trading information in public issues.