Legal
Privacy Policy
Effective: 2026-06-24. Operator: Third Wave Coffee Pvt Ltd / Shashank Kumar (“we”). Contact: hello@tvext.app.
1. What we collect
| Data | Source | Why |
|---|---|---|
| Email + display name | Clerk sign-in (Google or magic-link) | Identify your account |
| Chrome user ID + auth token | Clerk + chrome.storage.local | Keep you signed in |
| Chat messages you send | You type them in the Co-Pilot dock | Send to LLM, store transcript |
| AI replies | Returned by the LLM | Display + store transcript |
| Chart context (symbol, interval, recent bars, indicators) | TradingView page DOM at the moment you chat | Give the AI grounding |
| Token usage per request | Computed from LLM response | Enforce plan limits, show your usage |
| Stripe customer ID (after upgrade) | Stripe Checkout | Manage subscription |
We do not collect: TradingView account data, broker credentials, order history, watchlists outside the active chart, Chrome browsing history beyond TradingView, full DOM dumps, screenshots without your explicit upload.
2. How we use it
- Send your prompt + chart context to an LLM (currently OpenAI gpt-4o) to generate replies
- Persist your chat history per `symbol:interval` so it follows you between devices
- Compute and enforce plan budget caps
- Charge your subscription via Stripe
- Debug failures (truncated SHA-256 hashes only — see Section 4)
We do not: train models on your data, sell your data, share it with advertisers, run analytics that profile you across sites.
3. Who sees it
| Recipient | What | Purpose |
|---|---|---|
| OpenAI (LLM provider) | Your prompt + chart context | Generate AI replies. Bound by OpenAI's API terms — no training on API data by default. |
| Clerk | Email, display name, sign-in events | Auth |
| Supabase (Postgres host) | Account row, setup library, chat transcripts, usage rows | Storage |
| Upstash (Redis) | Budget counters, rate-limit buckets | Performance |
| Cloudflare Workers | All API traffic | Runtime |
| Vercel | Static companion-site assets | Hosting |
| Stripe | Email + Stripe customer ID | Billing |
We may add sub-processors. We won’t move your data outside the chain above without updating this policy.
4. Logging discipline
Prompt + response bodies are never logged in plaintext on our servers. Telemetry records:
- Truncated SHA-256 hash of the prompt (first 16 hex chars)
- Token counts, model name, latency, cost
- HTTP status
That’s it. If we ever need to look at a specific prompt to debug, we ask you first.
5. How long we keep it
| Data | Retention |
|---|---|
| Account row | Until you delete your account |
| Chat transcripts | 12 months rolling, or until you delete |
| Setup playbooks | Until you delete |
| Usage rows | 18 months (billing dispute window) |
| Stripe customer | Per Stripe's retention (currently 7 years for accounting) |
| Truncated prompt hashes | 30 days in Axiom, then auto-purged |
Delete-on-request: email hello@tvext.app with the subject “Delete my account” from your account email.
6. Data residency
- Primary database: Supabase, region `ap-northeast-1` (Tokyo)
- Cache: Upstash, AWS US-East
- Static assets: Vercel global edge
- Worker: Cloudflare global edge
If you are in the EU and need EU-only storage, contact us before signing up.
7. Children
Service not directed at users under 18. If we learn we’ve collected data from someone under 18, we delete it.
8. Trading disclaimer
TV Co-Pilot is not financial advice. Replies are reasoning support based on patterns we extract from your prompts and chart. We make no representations about profitability. You are responsible for every trade decision.
9. Security
- All transport TLS 1.2+
- API tokens hashed (SHA-256 + server pepper) before storage; never stored plaintext
- Postgres Row-Level Security: every user-owned table enforces `owner_id = auth.uid()`
- LLM API keys held only in Cloudflare Worker secrets — never exposed to the browser or extension
We disclose any breach within 72 hours of confirmed unauthorized access, per GDPR Art. 33.
10. Your rights
You can:
- Export your chat history (request via email; we’ll send a JSON dump within 7 days)
- Delete your account + all associated data
- Object to processing (we’ll stop)
- Lodge a complaint with your data protection authority (EU: your DPA; UK: ICO; California: AG)
11. Changes
We post material updates here with a new effective date. Continued use after the new date counts as acceptance.