Edgewise — Privacy Policy
Last updated: 2026-06-08 · Version 0.2 (draft)
⚠️ Draft — not yet legally reviewed. This is an AI-prepared framework. It has not been reviewed by a qualified data-protection lawyer, contains unfilled placeholders (controller details, contact addresses, named processors), and must be reviewed before public launch. See also our
Terms of Service.
1. Who We Are
Edgewise Ltd. operates the Edgewise platform. This Privacy Policy explains how we collect, use, store, and protect your personal data.
[TODO — confirm registered company name, registered address, and (for UK) ICO registration number. Privacy contact: e.g. privacy@edgewise.trade]
2. What Data We Collect
Information you provide:
- Email address — when you join the waitlist or create an account
- Account details — name, billing information (only if you subscribe to a paid tier)
- Communications — any messages you send us
Information collected automatically:
- Device/connection data — standard server logs (e.g. IP address, browser type) used for security and to operate the Service
- Local storage — we store your waitlist email in your browser's local storage so the form remembers it; this is functional, not tracking
Information we do not collect:
- Trading account details, exchange API keys, or wallet addresses
- Sensitive personal data (race, religion, health, political opinions)
- Content of your trading activities on other platforms
3. Cookies & Analytics (current state)
At present, Edgewise uses only essential/functional storage and does not deploy analytics or tracking cookies, advertising pixels, or third-party trackers.
| Type | Purpose | In use today? |
|---|
| Essential / functional | Session handling; remembering your waitlist email (browser local storage) | Yes |
| Analytics (optional) | Aggregate usage patterns | No — not currently deployed |
| Advertising / tracking | — | No |
If we introduce optional analytics in future, we will do so on an opt-in basis with a consent banner, and we will update this policy before any such cookies are set.
4. How We Use Your Data
We use your data to:
- Provide and maintain the Edgewise Service
- Send you Service updates (and marketing only with your consent)
- Maintain the security and integrity of the Service
- Comply with legal obligations
We will never sell your personal data to third parties.
5. Legal Basis (UK GDPR / EU GDPR)
For users in the UK and European Economic Area (EEA) we process data on the basis of:
- Consent — for marketing emails (and any future optional analytics)
- Contractual necessity — to provide the Service you signed up for
- Legitimate interests — to operate and secure the Service (balanced against your rights)
- Legal obligation — where required by law
6. Data Storage, Security & Processors
- Data is stored on secure, access-controlled infrastructure
- We use industry-standard encryption for data in transit and at rest
- Access to personal data is restricted to authorised personnel
Processors we currently rely on:
- Cloudflare — network/edge delivery for the public site
Processors that will apply when the relevant feature is enabled (not all live yet):
- Stripe — payment processing (paid tiers)
- [TODO] — transactional/marketing email delivery
- [TODO] — hosting provider (e.g. Railway / AWS) once deployed
[TODO — lawyer: put a Data Processing Agreement (GDPR Art. 28) in place with each named processor before it goes live.]
7. Data Retention
- Email (waitlist/account): retained until you request deletion or the account is inactive for 2 years
- Billing records: retained for 6 years (UK tax/financial compliance)
- Server logs: retained for a limited period for security, then deleted or anonymised
8. Your Rights (UK / EU GDPR)
You have the right to: access, rectification, erasure ("right to be forgotten"), restriction, portability, objection, and to withdraw consent at any time for consent-based processing.
To exercise any right, contact us at [TODO — privacy contact address]. We respond within the statutory timeframe (generally one month).
9. Data Breaches
If a personal-data breach occurs that is likely to result in a risk to your rights, we will notify the relevant supervisory authority within 72 hours where required, and affected users without undue delay.
10. International Data Transfers
If your data is transferred outside the UK/EEA (for example, to a US-based processor such as Stripe), we rely on appropriate safeguards such as the UK International Data Transfer Agreement or EU Standard Contractual Clauses.
11. Children's Privacy
Edgewise is not intended for individuals under 18. We do not knowingly collect data from minors.
12. Changes to This Policy
We may update this Policy from time to time. Material changes will be notified via email or a notice on the Service. The "Last updated" date reflects the most recent revision.
13. Contact & Complaints
For privacy inquiries: [TODO — privacy contact address].
If you are in the UK or EEA and believe we have not adequately addressed your concern, you have the right to complain to your local data protection authority (in the UK, the Information Commissioner's Office, ICO).
Disclaimer: This document is a framework draft and has not been reviewed by a qualified legal professional. It should be reviewed by a lawyer before being used in a live service.
← Back to Edgewise