Legal Disclosure

Privacy Policy

This Privacy Policy explains, in comprehensive form, how the platform collects, records, stores, secures, uses, discloses, transfers, retains, and otherwise processes personal data and operational records across account, learning, challenge, admin, mentor, security, analytics, prop, funded-account, and support workflows.

Last updated: April 4, 2026Controlling version: English
Important Notice. The platform is provided on an as-is, as-available basis. This Privacy Policy is drafted broadly to address ordinary usage, edge cases, abuse handling, outages, disputes, third-party integration failures, security events, and other reasonably foreseeable scenarios.

What this covers

Identity data, authentication, challenges, assignments, groups, journals, messaging, admin review, security logging, and funded-feature operations.

How to read it

This document is intentionally detailed and protective. It covers both normal platform use and less obvious failure, abuse, retention, and evidence-preservation scenarios.

Risk allocation

Users remain responsible for device security, credential hygiene, legal compliance, third-party dependencies, and decisions made based on platform outputs.

1. Scope, Acceptance, and Priority of Terms

This Privacy Policy applies to personal data and related operational records processed through the platform for visitors, applicants, registered users, students, mentors, administrators, invite recipients, support contacts, and any other person whose information is handled in connection with the service.

By accessing, browsing, registering for, logging into, integrating with, or otherwise using the platform, you acknowledge that you have read and understood this Privacy Policy and agree that information may be processed as described here. If you do not agree, you must not use the platform.

This Privacy Policy must be read together with the Terms of Service, challenge rules, assignment rules, funded-account rules, prop-program rules, feature notices, and any other binding platform policies. If another valid document imposes additional restrictions or disclosures, that document supplements this Privacy Policy. To the maximum extent permitted by law, the English version controls interpretation even if translations are later provided for convenience.

2. Service Nature, Platform Role, and Non-Assumption of Duty

The platform is an education, simulation, challenge-management, mentorship, analytics, and operational administration system. Except where a feature expressly and lawfully states otherwise, the platform is not a bank, broker, dealer, exchange, investment adviser, fiduciary, custodian, insurer, payment processor, legal adviser, tax adviser, or emergency service.

Processing personal data for platform operation does not create any duty to monitor, guarantee, reimburse, insure, preserve, recover, or compensate for user outcomes, financial losses, market exposure, legal compliance, tax treatment, device compromise, account misuse, third-party failures, or any other adverse result.

3. Categories of Information We May Process

Depending on how the service is used, we may process different information categories. Not every category applies to every user at all times, and some categories appear only when optional or admin-enabled features are used.

  • Identity and account data, including email address, first name, last name, username, user number, role, locale preference, avatar, onboarding state, access tier, invite status, and lifecycle state.
  • Authentication and security data, including password hashes, password timestamps, refresh-token records, email-verification records, password-reset records, Telegram-linking state, reCAPTCHA verification tokens, session metadata, rate-limit data, device or browser signals, IP-address-related information, and security audit logs.
  • Learning and participation data, including assignment activity, enrollments, challenge participation, waitlist status, group membership, rankings, comments, badges, certificates, highlights, journals, notifications, support history, and related administrative records.
  • Trading and analytics data, including demo balances, positions, orders, fills, wallet balances, chart interactions, P/L data, challenge outcomes, prop-program records, funded-account lifecycle data, credential-verification outcomes, reconciliation history, and enforcement logs where relevant.
  • Communications and user-submitted content, including support requests, mentor communications, admin communications, uploaded profile media, journal entries, notes, comments, form submissions, and any data voluntarily included in messages or attachments.
  • Technical and usage data, including pages visited, feature interactions, errors, logs, browser storage usage, account-selection state, locale storage, cookies, and performance or abuse-prevention telemetry needed to operate the service responsibly.
  • Derived or inferred data, including abuse-risk indicators, eligibility decisions, verification outcomes, moderation flags, readiness states, performance classifications, and other conclusions derived from raw platform data.

4. Sources of Information

Information may be obtained directly from you, automatically from your browser or device, from mentors and administrators acting inside the platform, from challenge or program operators, from messaging and email providers, from Telegram integrations, from market-data providers, from funded or exchange-side providers when enabled, and from internal logs or analytics produced during normal service operation.

Some records are created internally when the platform computes rankings, challenge states, access decisions, analytics, moderation outcomes, operational readiness, or abuse signals. Those system-derived results may be treated as platform records even if you disagree with them.

5. Purposes of Processing

We process information whenever reasonably necessary to operate, secure, maintain, improve, document, defend, and administer the platform and related services. Processing includes both ordinary feature delivery and exceptional or edge-case scenarios.

  • Creating and managing accounts, authenticating sessions, verifying email ownership, enabling password recovery, and supporting Telegram-based sign-in or linking flows.
  • Provisioning and operating assignments, demo accounts, challenge participation, mentor workflows, rankings, certificates, groups, prop programs, funded accounts, and related user features.
  • Detecting, preventing, investigating, documenting, and responding to abuse, scraping, automation, credential stuffing, cheating, collusion, account sharing, suspicious access, fraud, rule breaches, and other policy violations.
  • Monitoring service health, rate limits, delivery success, failures, retries, and platform reliability, including retaining evidence of failed or partial workflows.
  • Communicating with users about security, verification, support, account status, policy enforcement, operational notices, password resets, and other transactional messages.
  • Administering audits, legal holds, rights enforcement, risk review, internal governance, and preparation for disputes, investigations, or litigation.
  • Improving product features, analytics, workflows, anti-abuse controls, and reporting using identifiable, pseudonymized, aggregated, or de-identified data where appropriate.

6. Legal Bases and Permission Structure

Where legal bases are required, we generally rely on one or more of the following: performance of a contract or pre-contractual steps, legitimate interests in operating and protecting the platform, compliance with legal obligations, protection of rights and safety, and consent where a specific activity legally requires it.

If you withdraw consent for a consent-based activity, or if you block the technical mechanisms required to provide a feature, we may suspend, restrict, or degrade the relevant workflow without liability to you. We are not required to maintain unsupported, unlawful, insecure, or operationally unreasonable processing activities.

7. Feature-Specific Processing Scenarios

Different feature families create different privacy implications. Processing may vary based on your role, challenge state, enrollment state, access tier, funded-account status, or whether optional integrations are enabled.

  • Registration and verification workflows may retain incomplete submissions, proof-of-work or reCAPTCHA verification state, failed sign-in attempts, email-verification history, and password-reset events for integrity and abuse prevention.
  • Challenges, assignments, and groups may generate visible participation, progress, ranking, waitlist, and result records that mentors, admins, and eligible users can review as part of the feature design.
  • Demo and simulated trading features may record balances, positions, orders, fills, chart interactions, journal activity, and performance analytics for scoring, review, and fraud detection.
  • Prop and funded workflows may process provider references, encrypted credentials, credential-verification outcomes, reconciliation runs, lifecycle states, breach history, wallet balances, positions, and timeline data needed to operate those features.
  • Notification and messaging features may process send attempts, failures, rate limits, delivery metadata, and message-routing state for troubleshooting, compliance, and service integrity.
  • Uploaded media and profile content may be stored, cached, resized, served, migrated between storage backends, or deleted according to technical and operational needs.

8. Cookies, Browser Storage, Caching, and Similar Technologies

The platform uses cookies, session storage, local storage, and comparable client-side mechanisms to authenticate users, maintain sessions, remember locale choices, preserve account-selection context, support refresh-token flows, and improve stability and performance.

If you block, clear, alter, or corrupt cookies or browser storage, the service may not function correctly, sessions may terminate, cached state may become inconsistent, and some features may show stale or missing data. You accept responsibility for the operational impact of privacy tools, extensions, shared devices, kiosk usage, private browsing behavior, or manual storage tampering.

9. Role-Based Visibility, Mentors, Admins, and Other Users

Information inside the platform is not necessarily private from all other platform actors. Depending on feature design and your role, mentors, administrators, group owners, challenge operators, and eligible participants may see parts of your profile, progress, rankings, participation state, comments, certificates, challenge results, or related operational records.

If you join ranked, group-based, mentor-led, waitlisted, invited, prop, or funded workflows, you acknowledge that some participation and performance information may be visible to others because that visibility is inherent to how those workflows function.

10. Third-Party Services, Integrations, and External Dependencies

The platform may rely on third-party providers for hosting, storage, email, messaging, anti-bot verification, market data, analytics, media handling, and operational integrations. When password login hardening is enabled, reCAPTCHA verification data may be sent to Google. Telegram-related features may involve Telegram. Funded or exchange-side features may involve external provider APIs.

Third-party providers have their own privacy, security, and retention rules. We do not control and do not assume liability for third-party actions, omissions, downtime, policy changes, access decisions, suspensions, errors, or compromise. Use of integrated third-party functionality is at your own risk and may require separate acceptance of outside terms.

11. Disclosures and Sharing

We may disclose information where reasonably necessary to operate the platform, protect rights, prevent abuse, support integrated workflows, preserve evidence, or comply with legal obligations.

  • To service providers and subprocessors that host, store, transmit, secure, analyze, or otherwise support the platform.
  • To mentors, administrators, operators, reviewers, or support staff who need access to manage users, assignments, challenges, groups, moderation actions, or funded-account operations.
  • To messaging, anti-bot, market-data, storage, analytics, or integration providers where technical disclosure is necessary to deliver a requested feature.
  • To auditors, insurers, advisers, purchasers, successors, counterparties, or affiliates during financing, diligence, restructuring, merger, acquisition, insolvency, or similar transactions.
  • To law enforcement, regulators, courts, counterparties, or other parties where we believe disclosure is reasonably necessary to comply with law, preserve evidence, or reduce risk.
  • In aggregated, statistical, de-identified, or otherwise non-personal form where we determine the data is no longer reasonably linked to a specific person.

12. International Transfers

Information may be processed or stored in countries other than the country where you live. Those jurisdictions may provide privacy protections that differ from your home jurisdiction. By using the platform, you understand and accept that data may cross borders where legally permitted or required.

We may use contractual, organizational, or technical safeguards where appropriate, but we do not guarantee that any transfer framework will satisfy every authority or legal theory. If you are not comfortable with cross-border processing risk, you must not use the platform.

13. Security, Integrity Controls, and No Absolute Guarantee

We use administrative, organizational, and technical safeguards intended to reduce risk, such as authentication controls, selective encryption, role-based access, audit logging, abuse controls, and operational monitoring. However, no system is perfectly secure, available, or error-free.

You acknowledge that unauthorized access, malware, phishing, insider misuse, credential theft, human error, software defects, cloud-provider failures, browser compromise, device compromise, synchronization delay, stale cache, backup inconsistency, translation mismatch, supply-chain issues, and force-majeure events may still occur. We do not guarantee confidentiality, integrity, recoverability, or uninterrupted availability.

14. Liability Allocation, Assumption of Risk, and No Responsibility for Losses

To the maximum extent permitted by law, the platform and its operators disclaim responsibility for direct, indirect, incidental, consequential, exemplary, punitive, reputational, educational, regulatory, employment, business, or financial losses arising from or related to data processing, data exposure, unauthorized access, failed notifications, stale information, moderation action, service interruption, integration failure, challenge outcomes, ranking changes, funded-account state changes, or any combination of those events.

You are solely responsible for your device security, browser hygiene, credential secrecy, backup strategy, lawful authority to submit data, accuracy of the information you provide, and the consequences of relying on platform outputs. The platform does not accept responsibility for losses caused by user error, mentor judgment, admin judgment, participant behavior, exchange or provider behavior, email or messaging delay, anti-bot decisions, regional blocking, legal restrictions, or unauthorized acts by third parties.

Nothing in this Privacy Policy creates a warranty, guarantee, representation of fitness, promise of uninterrupted access, insurance obligation, or duty to recover, reconstruct, reimburse, restore, or compensate for any damage, loss, claim, or inconvenience. Any mandatory rights available under non-waivable law are limited only to the minimum extent such law requires.

  • No guarantee that any record, message, notification, score, journal entry, audit trail, or account state will be complete, timely, error-free, or retained forever.
  • No responsibility for losses resulting from shared devices, weak passwords, leaked credentials, browser extensions, malware, ISP failure, cloud downtime, or actions taken from your authenticated account before access is revoked.
  • No responsibility for third-party provider outcomes, including Google reCAPTCHA decisions, email filtering, Telegram delivery problems, market-data gaps, exchange API behavior, or provider suspensions.
  • No responsibility for lost opportunity, business interruption, educational outcome, profit expectation, or trading result allegedly linked to privacy, security, or operational issues on the platform.

15. Retention, Deletion, and Backups

We retain information for as long as reasonably necessary for service delivery, account recovery, abuse prevention, audit integrity, legal compliance, dispute resolution, security review, backup cycles, and business continuity. Different records may be retained for different periods.

Deletion in one layer of the system does not necessarily mean immediate removal from every replica, log, cache, archive, or backup. If you request deletion or close an account, residual copies may persist for legal, technical, anti-abuse, archival, or disaster-recovery reasons. We are not liable for delays between request, logical deletion, physical cleanup, backup expiration, and final storage-layer removal.

16. Your Rights, Choices, and Request Handling

Depending on your jurisdiction, you may have rights to request access, correction, deletion, restriction, objection, portability, withdrawal of consent, or complaint review. Those rights are not absolute. We may refuse, limit, defer, or condition a request where permitted by law, where identity cannot be verified, where records must be retained, or where compliance would jeopardize security, evidence preservation, or the rights of others.

To submit a privacy-related request, use an official support or contact route published by the platform. We may request clarification, narrowing, or additional identity verification. Rights requests do not suspend legitimate security reviews, moderation actions, fraud checks, account restrictions, or evidence preservation obligations.

17. Children, Minors, and Age-Sensitive Use

The platform is not intended for unsupervised use by children and is not designed as a child-directed service. If local law requires parental or guardian permission for a user’s age group, responsibility for obtaining that permission lies with the user, school, institution, parent, guardian, or account creator, as applicable.

If we reasonably believe a user should not have used the service without additional authorization, we may restrict access, request confirmation, suspend processing, or remove relevant data where appropriate. We are not responsible for false age declarations, unauthorized registrations, or failures by parents, institutions, or guardians to supervise use.

18. Changes to This Privacy Policy

We may revise this Privacy Policy at any time to reflect product changes, legal developments, operational decisions, security needs, or business priorities. Unless stated otherwise, updates may take effect immediately upon posting. Continued use of the platform after an update means you accept the revised policy.

You are responsible for reviewing the current Privacy Policy before relying on the service. We are not liable if you do not review updates, do not understand their effect, or continue using the platform despite disagreement with revised provisions.

19. Contact and Complaints

Questions, complaints, or requests relating to this Privacy Policy should be submitted through official support channels or any other official contact details published by the service operator. If your jurisdiction grants a right to complain to a regulator or supervisory authority, you may do so, but you agree to provide the platform a reasonable chance to review and respond first where lawful and practical.

No response time, remedial action, or dispute outcome is guaranteed. Communications may be retained as support, compliance, security, and legal records.

This Privacy Policy is designed as a comprehensive platform policy draft. It should still be reviewed against the laws, jurisdictions, and operating structure that apply to your deployment and organization.

Terms of ServiceBack to registrationBack to login