VibeTradez

Privacy Policy

Last updated: April 2026

1. Scope

This policy describes what data VibeTradez collects from visitors and subscribers, how that data is used, and which third-party processors handle it on our behalf. It applies to the vibetradez.com website, the daily picks email, and the auto-execution pipeline operated by the project maintainer.

VibeTradez is a one-person side project. There is no analytics SDK, no advertising network, no cross-site tracker, and no third-party data broker involved. The data footprint is intentionally small.

2. What We Collect

If you sign in or subscribe, we collect:

  • Email address (from Google OAuth) and the Google account display name. Used to send you the daily picks email and to identify you in server logs.
  • An opaque session token issued by the auth service after you sign in with Google. Stored as an HTTP-only cookie on vibetradez.com (named vt_session) so you stay logged in across visits.
  • Email-delivery state: timestamps of when each daily picks email was sent to you, plus your active/unsubscribed status. No open or click tracking pixels.

If you do not sign in, the only data we collect is what your browser sends automatically (IP address, user agent, referrer) for the duration of each request, in standard server logs.

3. How We Use It

The data above is used for exactly these things, and nothing else:

  • Authenticating you on subsequent visits to the dashboard.
  • Sending you the daily picks email at 9:25 AM ET, the EOD summary at 4:05 PM ET, the Friday weekly digest, and occasional one-shot announcements about feature changes.
  • Keeping subscription state correct (active vs unsubscribed).
  • Diagnosing operational issues (e.g. understanding why a particular request 500'd, who saw a particular bug).

We do not sell, rent, share, or trade your data. We do not use it to train any machine learning model. We do not run targeted advertising.

4. Third-Party Processors

VibeTradez relies on a small number of external services to function. Each is a standard, contracted data processor handling a narrow slice of the workload:

  • Google OAuth (Google LLC) authenticates sign-ins. Google sees your email address and grants us read-only access to your basic profile (name + email + avatar URL).
  • Resend (Resend, Inc.) delivers transactional email. They process recipient email addresses, the email body, and delivery metadata (sent/bounced/etc.) on our behalf.
  • Anthropic (Anthropic PBC) powers the trade picker. We send Claude the daily market signals payload and our standard analysis prompt; we do not send Claude any subscriber data, account data, or personally-identifying information.
  • Schwab(Charles Schwab & Co., Inc.) provides market data (quotes, option chains) and, in live trading mode, executes orders against the project maintainer's personal brokerage account. Schwab does not see any subscriber data; the Schwab integration is one-way (we read from them, and the maintainer writes to them).
  • Digital Ocean (DigitalOcean LLC) hosts the application server and the managed Postgres database. They process all data above as the underlying infrastructure provider.
  • GoDaddy (GoDaddy.com, LLC) is the domain registrar. They see DNS lookups for vibetradez.com.

5. No Payment Data

VibeTradez is and always will be free. There is no subscription tier, no premium upgrade, no paywall. We do not process credit cards, bank accounts, or any other payment information. Stripe, PayPal, and similar payment processors are not part of this stack.

6. Retention & Deletion

Subscriber records (email + name + active status) are retained for the lifetime of the project. If you unsubscribe, your row remains in the database with active = false so we can honor the unsubscribe across re-signups; we do not re-add you automatically.

Server logs (request metadata) are retained for approximately 30 days for operational debugging, then rotated out.

If you want your data fully deleted (not just deactivated), email the maintainer using the contact info below and the row will be hard-deleted from the subscribers table.

7. Your Rights

Depending on where you live, you may have legal rights to access, correct, port, or delete the data we hold about you. We honor reasonable requests regardless of jurisdiction; just email the maintainer.

You can also unsubscribe from all email at any time by clicking the unsubscribe link at the bottom of any email, or via the dashboard account menu.

8. Cookies

VibeTradez sets exactly one cookie:

  • vt_session— HTTP-only, SameSite=Lax, Secure (in production). Holds the opaque access token issued by the auth service. Required for sign-in to work. Cleared when you sign out, expires after 30 days of inactivity.

No analytics cookies, no ad cookies, no fingerprinting.

9. Security

All traffic to vibetradez.com is served over HTTPS via Let's Encrypt. The Postgres database is on a private network only the application server can reach. The Anthropic and Schwab API keys are stored as environment variables on the server, never in client-side code or version control. Subscriber-list emails are sent via Resend with subscriber addresses BCC'd so recipients don't see each other.

That said: this is a side project, not a regulated financial institution. Treat the security posture accordingly. The data we hold is minimal by design specifically because we don't want to be a target.

10. Changes to This Policy

If this policy changes materially (e.g. we add a new third-party processor, or change what data we collect), we will email subscribers via the rollout system before the change takes effect, and bump the "Last updated" date at the top of this page.

11. Contact

This project is built and maintained by Jayce Bordelon. For privacy questions, data deletion requests, or anything else policy-related, reach out via the contact information on the personal site.

Back to top