Privacy Policy
How we collect, use, and protect your information.
Contents
1. What We Collect
1.1 Information you provide
| Data | When collected | Required? |
|---|---|---|
| Email address | Registration | Yes |
| Password (hashed — we never store plain text) | Registration | Yes |
| First name (optional) | Profile settings | No |
| Timezone preference | Auto-detected on login / profile settings | No |
| Payment details | Checkout — processed directly by PesaPal, not stored by us | Only if subscribing |
1.2 Automatically collected data
- IP address and approximate geographic location (country/city)
- Browser type, operating system, and device information
- Pages visited, time spent on pages, and navigation path
- Referring URL (how you arrived at the Platform)
- UTM campaign parameters (if you arrive via a marketing link)
2. How We Use Your Data
- Account management — creating and maintaining your account, authenticating you on login
- Service delivery — displaying the correct tier of content, showing session times in your timezone
- Payment processing — verifying payments and activating subscriptions via PesaPal IPN callbacks
- Transactional emails — subscription confirmation, expiry reminders, daily briefings (Analyst+)
- Platform improvement — understanding which features are used to prioritise development
- Security — detecting and preventing fraud, abuse, and unauthorised access
- Legal compliance — meeting any applicable legal obligations
We do not sell your personal data to any third party. We do not use your data for automated profiling or decision-making that produces legal or similarly significant effects.
3. Data Storage & Security
Your data is stored on a secured VPS server. We implement industry-standard measures including:
- HTTPS/TLS encryption for all data in transit
- Passwords stored as bcrypt hashes via Django's authentication system
- Database access restricted to the application server only
- Regular backups of user data
No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security and will not be held liable for breaches outside our reasonable control.
4. Third-Party Services
PesaPal (Payments)
Payment processing is handled entirely by PesaPal. When you subscribe, you are directed to PesaPal's secure checkout. ForexSignals Pro receives a payment confirmation via IPN callback — we store only the payment reference number, plan, amount, and status. We never see or store your card number, M-Pesa PIN, or banking credentials.
PesaPal's privacy policy governs their handling of your payment data.
Google Fonts
We load fonts from Google Fonts CDN. Google may log your IP address when fonts are requested. See Google's privacy policy for details.
Telegram (optional, Pro tier)
If you connect a Telegram account for push alerts, your Telegram chat ID is stored to send you signal notifications. You can disconnect this at any time from your profile settings.
5. Cookies
We use the following cookies:
| Cookie | Purpose | Duration |
|---|---|---|
sessionid |
Keeps you logged in (Django session) | 2 weeks (or until logout) |
csrftoken |
Security — prevents cross-site request forgery | 1 year |
We do not use advertising cookies, tracking pixels, or any third-party analytics cookies. No cookie consent banner is required for strictly necessary cookies under applicable law, but you can block cookies in your browser settings (note: this will prevent login from working).
6. Your Rights
You have the right to:
- Access — request a copy of the personal data we hold about you
- Correction — update your email or timezone in profile settings at any time
- Deletion — request deletion of your account and associated personal data
- Portability — request your data in a machine-readable format
- Objection — opt out of transactional emails (other than security-critical account notifications)
To exercise any of these rights, contact us using the details below. We will respond within 30 days.
7. Data Retention
We retain your account data for as long as your account is active. If you request account deletion, we will delete your personal data within 30 days, except where we are required by law to retain it (e.g., payment records for tax purposes, which we retain for 7 years). Anonymised, aggregated analytics data may be retained indefinitely.
8. Children's Privacy
ForexSignals Pro is not intended for users under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has registered, please contact us and we will remove the account promptly.
9. Changes to this Policy
We may update this Privacy Policy from time to time. We will notify you by email of material changes. The "last updated" date at the top reflects the most recent revision. Continued use of the Platform after changes take effect constitutes acceptance of the revised Policy.
10. Contact
For any privacy-related requests or questions, contact us via the profile page or through our support channels. We aim to respond within 48 hours.