Skip to main content
candlestick_chartRunOpti
Legal

Privacy Policy

Last updated: May 2026

1. Data Controller

RunOpti is the data controller responsible for your personal data. For privacy-related inquiries, contact us at hello@runopti.com.

RunOpti — privacy@runopti.com

Under GDPR Art. 37, RunOpti is not required to appoint a Data Protection Officer (DPO). Our core business activity is software tooling (trading strategy optimization) — not large-scale, regular and systematic monitoring of individuals, and we do not process special-category data as a core activity.

2. Information We Collect

We collect the following categories of data when you use our service:

  • Account Data: Email address and name provided during registration.
  • Usage Data: Running parameters, optimization results, and settings you create within the platform.
  • Analytics Data: Page views, session duration, device type, and interaction patterns collected through Google Analytics 4 (with Consent Mode v2), Microsoft Clarity (heatmaps and session recordings), and Umami (self-hosted analytics). Analytics data is collected only with your consent, except for Umami which is privacy-focused and does not use cookies.
  • Error & Diagnostics: Anonymized error reports and stack traces collected through Sentry to help identify and fix issues.
  • A/B Testing: Experiment exposure data collected through GrowthBook (self-hosted) to evaluate feature variations. No personal data is shared with third parties for this purpose.
  • Contact Data: Messages submitted through the contact form.

3. Legal Basis for Processing

We process your data based on the following legal grounds:

  • Contract performance: To provide the optimization service you registered for.
  • Legitimate interest: To improve our service, prevent fraud, maintain security, and conduct A/B testing for product improvement.
  • Consent: For analytics cookies, marketing cookies, and optional communications. You can withdraw consent at any time through the cookie settings banner.
  • Legal obligation: To comply with applicable laws and regulations.

4. How We Use Your Information

  • Provide and improve the optimization service
  • Send transactional emails (verification, password reset) via Resend
  • Analyze aggregated usage patterns to improve performance and user experience
  • Identify and fix errors through anonymized error tracking
  • Conduct A/B tests to evaluate and improve features
  • Respond to support requests and contact form messages
  • Protect against fraud, abuse, and unauthorized access

5. Cookies & Tracking Technologies

We use cookies and similar technologies, organized into three categories. You can manage your preferences through our cookie consent banner at any time.

  • Necessary Cookies: Required for the website to function. Includes session authentication tokens and CSRF protection. These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with our website. Includes cookies from Google Analytics 4 (with Consent Mode v2), Microsoft Clarity, and Umami. Enabled only with your consent.
  • Marketing Cookies: Used for advertising measurement and campaign attribution. Includes Meta Pixel and TikTok Pixel. These are currently inactive and will only be enabled with your explicit consent.

6. Third-Party Services

We share data with the following third-party services, each under their own privacy policies:

  • Google Analytics 4: Web analytics with Consent Mode v2. Data processing subject to Google's privacy policy.
  • Microsoft Clarity: Heatmaps and session recordings. Subject to Microsoft's privacy policy.
  • Umami: Self-hosted, privacy-focused analytics. No data is shared with third parties.
  • Sentry: Error tracking and performance monitoring. Receives anonymized error reports.
  • Resend: Transactional email delivery (verification, password reset).
  • GrowthBook: Self-hosted A/B testing platform. No data is shared with third parties.
  • Formbricks: Self-hosted in-app survey platform. Receives user ID, email address, and subscription plan for targeted survey triggering. No data is shared with external third parties.
  • Meta Pixel: Advertising measurement (currently inactive). Will be enabled only with consent.
  • TikTok Pixel: Advertising measurement (currently inactive). Will be enabled only with consent.

7. Data Retention

  • Account data: Retained while your account is active. After deletion, personal data is permanently removed within 30 days.
  • Optimization data: Free plan data retained for 7 days; Pro plan data retained while account is active.
  • Analytics data: Google Analytics data retained per Google's default retention policy. Umami data retained on our self-hosted server.
  • Error logs: Sentry error reports retained for 90 days.
  • Audit logs: Retained for 90 days for security purposes.
  • Authentication tokens: Automatically cleaned up after expiration.

8. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. Third-party services such as Google Analytics, Sentry, and Resend process data in the United States. We implement Standard Contractual Clauses (SCCs) and other appropriate safeguards where applicable.

9. Data Security

We implement reasonable security measures appropriate to the nature of the data, including encryption in transit (TLS), hashed passwords (bcrypt), HTTP-only secure cookies, CSRF protection, and rate limiting. We periodically review and update our security practices.

In the event of a personal data breach that may result in a risk to your rights and freedoms, we will notify affected users and, where required by law, your applicable data protection supervisory authority, as required by applicable law and within the applicable timeframe (typically within 72 hours under GDPR).

10. Your Rights

Under applicable data protection laws (including GDPR), you have the right to:

  • Access: Request a copy of your personal data.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your data (available through account settings).
  • Data portability: Export your data in a machine-readable format.
  • Restriction: Request restriction of processing in certain circumstances.
  • Objection: Object to processing based on legitimate interest.
  • Withdraw consent: Withdraw consent at any time for consent-based processing (e.g., analytics and marketing cookies).

To exercise these rights, visit your account settings or contact hello@runopti.com.

11. Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.

12. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

13. Contact

For privacy-related inquiries, contact us at hello@runopti.com.

For data subject requests under applicable data protection laws (access, rectification, erasure, portability), please write to privacy@runopti.com.

14. Chrome Extension Data

When you use the RunOpti Chrome Extension, the extension may transmit the following diagnostic data to our servers if a DOM element cannot be located on a TradingView page:

  • TradingView chart URL — to identify which page layout triggered the failure
  • Sanitized DOM excerpt (failed element HTML, parent CSS selector chain, sibling count) — to update our element selectors after TradingView UI changes
  • Hashed IP address (SHA-256, non-reversible) — for rate limiting only; raw IP is never stored

This data is used exclusively to maintain the extension's core function. It is not linked to your user account, not sold, and not used for any purpose other than keeping the extension operational.

Retention period: 90 days.

Chrome Web Store Limited Use Compliance

The RunOpti Chrome Extension's use of information received from Chrome extension APIs adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements. Extension-collected data is used solely to operate and improve the extension's ability to interact with TradingView's Strategy Tester. This data is not sold to third parties, not used for advertising, not used for creditworthiness determinations, and not transferred for any purpose unrelated to the extension's single purpose.