Privacy Policy

Last updated: May 31, 2026

This Privacy Policy explains what information Tomorrow Terminal collects, how we use it, who we share it with, and the choices you have. By using tomorrowterminal.com or any related services, applications, APIs, and software (collectively, the “Service”), you agree to this Policy.

1. What we collect

We collect the categories of information described below.

Account information. When you sign up, we collect your email address, an encrypted hash of your password (if you use email/password), and the public profile data your identity provider returns (if you sign in with Google or another provider). We assign you a unique user ID.

Subscription and billing data. If you become a Pro subscriber, our payment processor (Stripe) collects and stores your payment-method details. We receive a customer ID, plan, status, and billing events from Stripe. We do not store full card numbers.

Usage data. When you use the Service we record activity necessary to provide it: research and chat history, watchlist entries, paper-strategy steer prompts, alert preferences, API keys you create, and similar product state. We also collect basic access logs (IP address, user agent, timestamps) and analytics events (page views, feature usage) for security and product improvement.

Trading data (optional). If you enable auto-trading, we collect: your on-chain account address; the public address of the trade-only agent we generate for you; the encrypted agent private key (stored in Supabase Vault and used only server-side at trade time); your strategy configurations (steer, allocations, leverage, risk limits); your equity history; and your trade activity log. We never take custody of your funds, and we do not collect government-issued identification, social-security or tax-ID numbers, or any other KYC data. The flow is fully non-custodial: withdrawals from your trading account always require your wallet’s signature, not ours. Hyperliquid is a decentralized exchange and Privy is an embedded-wallet provider; neither performs KYC on you in this flow.

AI prompts. When you use the analyst chat or generate research, your prompts and the surrounding context (your watchlist summaries, live strategies, account state) are sent to our LLM provider for processing. See “LLM processing” below.

Cookies. We use a small number of strictly necessary cookies for authentication and session management. If analytics are enabled in your region (e.g., Google Analytics), additional cookies may be set. See section 7.

2. How we use it

  • To operate, maintain, and improve the Service;
  • To authenticate you, protect your account, and prevent abuse;
  • To process payments and manage your subscription;
  • To execute trades you authorize (if you opt in to auto-trading);
  • To send you product emails, security notices, trade-event notifications, and the daily newsletter (if subscribed);
  • To respond to your support requests;
  • To comply with applicable laws and enforce our Terms.

3. LLM processing of your data

The Service relies on large language models served through OpenRouter, which in turn routes to upstream model providers (currently including Anthropic, OpenAI, and Google). When you use AI features (such as the analyst chat, research generation, or the watcher), portions of your account state and conversation are sent to these providers for inference. Per our provider configurations, model providers are not permitted to use your data for model training. We do not include payment-card data or full government-ID data in prompts under any circumstances.

4. Who we share with

We do not sell your personal information. We share information only with the service providers (“sub-processors”) we rely on to operate the Service, and only as necessary to provide it:

  • Supabase: database, authentication, and encrypted secret storage;
  • Stripe: payment processing;
  • Privy: embedded wallet creation and key custody (your funds, not ours);
  • Hyperliquid: perpetual-futures trading venue (executes orders you authorize);
  • OpenRouter and underlying model providers (Anthropic, OpenAI, Google): LLM inference;
  • Resend: transactional email delivery;
  • Our hosting providers: application and database hosting;
  • Google Analytics (in regions where enabled): anonymized usage analytics.

We may also disclose information if required by law or legal process, or if necessary to protect the safety, rights, or property of Tomorrow Terminal, our users, or others.

5. Data retention

We retain personal information only as long as we need it for the purposes described.

  • Account and subscription records: for the lifetime of your account, plus 90 days after account closure for billing reconciliation, fraud prevention, and to handle any disputes; longer where required by tax or financial-record-keeping law (typically up to 7 years for invoices and payment records).
  • Trading activity and equity history: for the lifetime of your account, plus 90 days after account closure, then deleted unless retention is required by law or to defend a claim. You can export your activity log at any time.
  • Encrypted agent key: deleted within 30 days of you disconnecting auto-trading or closing your account.
  • Chat history: until you click “new” in the analyst panel to clear it, or 12 months after the last message in a conversation, whichever comes first; deleted within 90 days of account closure.
  • Access logs and security events: up to 12 months from the event.
  • Marketing email lists: until you unsubscribe; we retain a hashed record of the unsubscribed address to honor the request indefinitely.
  • Aggregated and anonymized data: may be retained indefinitely; this data cannot be used to identify you.

When retention periods expire, we delete or anonymize the data within a reasonable schedule, typically within 30 days.

5a. Data security and breach notification

We use industry-standard safeguards including TLS encryption in transit, encryption at rest for sensitive fields (including encrypted agent keys in Supabase Vault), access controls, and audit logging. No system is perfectly secure, and we cannot guarantee absolute protection against unauthorized access.

If we become aware of a security incident affecting your personal information, we will notify you and applicable regulators as required by law, generally within 72 hours of discovery for incidents that meet the notification threshold under GDPR or applicable state breach-notification statutes.

6. Your rights

Depending on your location, you have rights to access, correct, port, restrict, delete, and object to processing of your personal information. You can:

  • access and update most account data from your dashboard;
  • delete your chat history from within the analyst panel;
  • disconnect auto-trading at any time from the trading dashboard;
  • cancel your subscription from your dashboard;
  • unsubscribe from marketing emails via the link in every marketing email;
  • for any other request (including access, correction, portability via a machine-readable export, deletion, restriction, or objection), email privacy@tomorrowterminal.com with the subject line “Privacy Request” and a description.

Response time. We acknowledge requests within 10 days and respond substantively within 45 days. We may extend by an additional 45 days if a request is unusually complex; we will tell you in writing if so. Where the law (such as GDPR Article 12) requires a different timeline, we follow the required timeline.

Verification. To protect your information, we may need to verify your identity before responding to a request. For account-related requests we typically verify via the email address on file. We will not honor requests we cannot reasonably verify.

No retaliation. We do not discriminate against you for exercising any of these rights, including denial of service, different pricing, or different quality of service.

6a. Notice for California residents (CCPA / CPRA)

The information in the table below is provided pursuant to the California Consumer Privacy Act, as amended by the California Privacy Rights Act. Capitalized terms have the meaning given to them in the CCPA.

Categories of Personal Information we collect. Identifiers (email, account ID, IP address); Commercial Information (subscription history, billing events); Internet or Other Network Activity Information (usage events, access logs); Geolocation Data (approximate, from IP); Financial Information (your wallet address and trading activity); Inferences drawn from any of the above (such as which features you use).

Categories of Sensitive Personal Information we collect. Account credentials (passwords, hashed). We do not collect government-ID numbers, financial-account numbers, precise geolocation, race, ethnicity, religion, union membership, biometric data, or contents of messages with a third party. We do not use Sensitive Personal Information for any purpose other than as permitted under Cal. Civ. Code 1798.121(a) (providing the service).

Sale and sharing. We do not sell Personal Information, and we do not share Personal Information for cross-context behavioral advertising, as those terms are defined under the CCPA. We have not sold or shared Personal Information in the preceding 12 months.

Financial incentives. We do not offer financial incentives in exchange for personal information.

Your California rights. To know, correct, delete, request a portable copy, limit use of Sensitive Personal Information, opt out of sale or sharing (we do neither), and to be free from retaliation. Submit requests using Section 6. You may designate an authorized agent to make a request on your behalf; we will require written authorization and verification.

6b. Notice for EEA, UK, and Swiss residents (GDPR / UK GDPR)

Data controller. Tomorrow Terminal is the controller of personal information we collect about you for the purposes described above.

Lawful bases.

  • Performance of a contract (Article 6(1)(b)) for processing necessary to provide the Service to you (account creation, authentication, executing trades you authorize, processing payments).
  • Legitimate interests (Article 6(1)(f)) for security, fraud prevention, product improvement, and direct marketing to existing customers, balanced against your interests.
  • Consent (Article 6(1)(a)) for analytics cookies (where required), marketing emails to non-customers, and any other processing we identify at the point of collection as consent-based. You can withdraw consent at any time without affecting prior processing.
  • Legal obligation (Article 6(1)(c)) for tax, anti-money-laundering, and other regulatory record-keeping.

International transfers. We transfer personal information to the United States and other countries where our sub-processors operate. For transfers from the EEA, UK, or Switzerland to countries without an adequacy decision, we rely on the Standard Contractual Clauses (SCCs) or equivalent mechanisms; copies are available on request.

Right to complain. You have the right to lodge a complaint with the supervisory authority in your jurisdiction (the ICO in the UK; your national DPA in the EEA; the FDPIC in Switzerland). We’d appreciate the chance to address your concerns first.

Automated decision-making. The auto-trading agent and the watcher make automated decisions that affect you (placing or closing trades on your account). These decisions are based on the inputs and parameters you set; you can change those parameters, pause the agent, or close out positions at any time. You have the right to obtain human intervention, express your view, and contest decisions. Email us and we will review.

6c. Notice for other U.S. state-law residents

Residents of the following U.S. states have rights similar to those described above under their state consumer-privacy laws. Submit requests through Section 6 above; we treat all U.S. state privacy requests through the same intake.

  • Virginia (Virginia Consumer Data Protection Act, VCDPA): rights to access, correct, delete, port, and opt out of sale, targeted advertising, and profiling that produces legal or similarly significant effects. We do not sell personal data, do not engage in targeted advertising, and do not perform such profiling.
  • Colorado (Colorado Privacy Act, CPA): rights to access, correct, delete, port, and opt out of sale, targeted advertising, and profiling. Same as above; we do not engage in any of these activities.
  • Connecticut (Connecticut Data Privacy Act, CTDPA): rights to access, correct, delete, port, and opt out of sale, targeted advertising, and profiling. Same.
  • Texas (Texas Data Privacy and Security Act, TDPSA): rights to confirm, access, correct, delete, port, and opt out of sale, targeted advertising, and profiling. Same.
  • Utah (Utah Consumer Privacy Act, UCPA): rights to access, delete, port, and opt out of sale and targeted advertising. Same.
  • Oregon (Oregon Consumer Privacy Act, OCPA): rights to access, correct, delete, port, opt out of sale / targeted advertising / profiling, and obtain a list of specific third parties to whom we disclosed personal data.
  • Montana (Montana Consumer Data Privacy Act, MCDPA): same general rights as the above.
  • Other states. If you live in another U.S. state with a comprehensive consumer-privacy law in effect when you read this Policy, we will honor the rights granted to you under that law as if listed above.

For all of the above, we generally do not sell personal data, do not engage in cross-context behavioral advertising, and do not engage in profiling that produces legal or similarly significant effects (other than the auto-trading agent operating on parameters you explicitly set; see Section 6b on automated decision-making).

Appeals. If we deny a privacy request, you may appeal by replying to our denial within 60 days. We will respond within 60 days of receipt. If your appeal is denied, you may file a complaint with your state attorney general.

7. Cookies and analytics

We use the following categories of cookies and similar technologies:

  • Strictly necessary — for sign-in, session management, and security. These cannot be disabled in our service without breaking it.
  • Functional — to remember your dashboard preferences (such as the chat panel’s open/closed state).
  • Analytics — in regions where enabled, we use Google Analytics with anonymized IP and no advertising integrations. You can opt out via your browser settings or a consent banner where applicable.

We do not use advertising cookies, retargeting pixels, or social-media tracking pixels. We honor Global Privacy Control (GPC) signals as a valid opt-out from sale or sharing under state law (we do not sell or share regardless, but we treat GPC as an additional confirmation).

8. Children

The Service is not directed to children under 18, and we do not knowingly collect personal information from anyone under 18. If you believe a child has provided us personal information, please contact us so we can delete it.

9. International users

Tomorrow Terminal is operated from the United States and we use sub-processors in the United States and the European Union. By using the Service, you consent to your information being transferred to and processed in those locations. We rely on Standard Contractual Clauses or equivalent mechanisms where required by law.

10. Changes

We may update this Policy to reflect changes to the Service or to comply with the law. We will post the updated Policy on this page and update the “Last updated” date. Material changes will additionally be communicated by email or an in-product notice.

11. Contact

Questions or requests under this Policy? Email privacy@tomorrowterminal.com.