Skip to content

Privacy Policy

Effective date: 20 April 2026. Last updated: 20 April 2026.

This Privacy Policy explains what personal information ClockTrades collects when you use our trade journaling and review platform, how we use it, who we share it with, and the choices and rights you have. Please read it alongside our Terms of Service.

1. Who we are

ClockTrades (“ClockTrades”, “we”, “us”, or “our”) provides a behaviour-focused trade journaling, planning, and review platform (the “Service”). For the purposes of applicable data-protection laws (including the Protection of Personal Information Act, 2013 of South Africa (“POPIA”) and, where relevant, the EU/UK General Data Protection Regulation), ClockTrades is the responsible party / controller of the personal information described below.

For privacy questions contact us at hello@implimint.com.

2. Scope

This Policy applies to personal information we process when you create a ClockTrades account, use the Service (including our web application, onboarding, dashboards, journal, compliance coach, deep analytic insights, notifications, and settings), subscribe to a paid plan, contact support, or otherwise interact with us. It does not apply to third-party websites, services, or brokers that you may link to or use alongside ClockTrades; those are governed by their own privacy policies.

3. Information we collect

a. Account and authentication information

  • Email address and password used to create your account.
  • If you sign in with Google, we receive your email address, basic profile information, and an authentication identifier via our authentication provider. We do not receive or store your Google password.
  • Authentication session tokens, stored in your browser to keep you signed in.

b. Profile and preferences

  • Base currency, timezone, onboarding status, last-used trading plan.
  • Habit preferences that control whether you receive in-app reminders such as pre-session plan prompts, post-session journal prompts, and weekly review nudges.

c. Trading journal content

  • Trading plans, including plan names, active/archived state, risk configuration, criteria checklists, and plan audit history.
  • Trade entries, including instrument, direction, entry/stop/take-profit levels, position size, result, computed metrics, notes, emotional state, tags, and mistakes.
  • Screenshots and attachments you upload, including any descriptions you add.
  • Rule-compliance results computed from your trades against your plan.
  • Weekly review completions and up to three weekly focus actions you write.

You choose what to record in your journal. Please do not upload sensitive information, information about other people, or content you are not entitled to share.

d. Subscription and billing information

  • Subscription tier, billing cycle, period start/end, cancellation status, pending downgrades, and refund metadata.
  • Paystack customer and subscription codes used to manage your subscription. Payments are processed on Paystack’s hosted checkout; we do not collect or store your full card number, CVV, or bank credentials.
  • Subscription-related events returned by Paystack webhooks for audit and reconciliation.

e. Technical and usage data

  • Basic technical data that our hosting and authentication providers automatically log, such as IP address, browser type, device identifiers, request timestamps, and error logs. This is used to operate the Service, maintain security, and prevent abuse.
  • Product analytics events are generated only for diagnostic purposes and, on the marketing site, only if a Google Tag Manager ID is configured and you have not opted out of tracking at the browser level.

4. How we use your information

  • Create and authenticate your account and keep you signed in.
  • Provide core features: trading plans, journal, trade compliance results, dashboards, deep analytic insights, compliance coach, weekly reviews, and notifications.
  • Process your subscription, billing, upgrades, downgrades, refunds, and cancellations via Paystack.
  • Compute insights, metrics, and coaching-style messages from data in your own journal.
  • Send transactional communications (email verification, password reset, account notices).
  • Respond to support requests and manage account-deletion workflows.
  • Operate, secure, debug and improve the Service and prevent fraud or abuse.
  • Comply with legal obligations and enforce our Terms of Service.

5. Legal bases

Where GDPR or similar laws apply, we rely on performance of a contract, legitimate interests, legal obligation and consent (where specifically requested — you can withdraw consent at any time). Under POPIA we rely on the corresponding lawful grounds.

6. Sharing

We do not sell your personal information and we do not share it with advertisers. We share personal information only with:

  • Our hosting, database, storage, and authentication provider — a reputable cloud platform that hosts the application, stores your journal, and handles sign-in. Each user’s records are restricted so that only the owning account can read or modify them.
  • Paystack — payments. When you subscribe or change a plan, you are redirected to Paystack’s hosted checkout.
  • Google — if you choose to sign in with Google, your Google account provides authentication details, which are passed to our authentication provider to create or look up your account.
  • Hosting, email, and infrastructure providers — who help deliver the Service.
  • Authorities and successors — if required by law, valid legal process, or in connection with a corporate transaction.

7. International transfers

Some providers may process personal information outside your country of residence. Where we transfer personal information internationally, we rely on appropriate legal mechanisms to provide an adequate level of protection.

8. Retention

We retain your personal information for as long as your account exists and for as long as reasonably necessary to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. Account deletion requests enter a 14-day pending period and can be cancelled during that window.

9. Your rights

  • Access, correction, deletion, objection / restriction, portability, and withdrawal of consent.
  • To exercise these rights, email hello@implimint.com. We may need to verify your identity before acting on a request.
  • You may lodge a complaint with your supervisory authority (e.g., the Information Regulator of South Africa or your local data-protection authority).

10. Security

We take appropriate technical and organisational measures to protect personal information, including encryption in transit, authentication controls, strict per-account access rules on user data, and private access to uploaded screenshots. No method of transmission or storage is completely secure.

11. Cookies and local storage

ClockTrades uses browser storage (including local storage and cookies set by our authentication provider) to keep you signed in, remember preferences, and operate the application. We do not use advertising cookies or cross-site tracking.

12. Children

ClockTrades is not directed to children. The Service is intended for users who are at least 18 years old (or the age of majority in their jurisdiction).

13. Changes to this Policy

We may update this Policy from time to time. Material changes will be reflected in the “Last updated” date and, where appropriate, through notice in the Service or by email.

14. Contact

For privacy questions, requests, or complaints, contact hello@implimint.com. For general support, contact hello@implimint.com.