Privacy

Exobeacon Labs operates this website at exobeacon.com. This page describes what data we collect, how we use it, and the choices you have. The short version: we use cookieless analytics that do not identify you personally, we never sell data, and we minimize what we collect to what is necessary to run the site.

What we collect

The public portion of exobeacon.com — the homepage, the legal pages, the calculator pages, the Dialectic archive, and the Pulse dashboard — uses Cloudflare Web Analytics. This service is cookieless, does not fingerprint visitors, and records aggregate page views, referring sites, country of origin at the country level, and general browser and device categories. It does not set any identifier that allows us to track you between sessions or across sites.

When you create an account to save calculations, track a prop-firm challenge, or manage a paid subscription, we collect:

• the email address you register with, for authentication;
• the account metadata your identity provider passes us (Google or Apple display name, avatar URL) if you sign in with OAuth;
• the calculator inputs, broker profiles, and prop-firm account snapshots you voluntarily save;
• billing metadata from Stripe if you subscribe to a paid tier — we never see your card number, only the Stripe customer and subscription identifiers.

We do not collect phone numbers, physical addresses, financial account details, or any documents of identification. We do not ask for tax information. None of this is necessary to run the product.

What we do with it

We store your saved calculations and account metadata so you can retrieve them on future visits. We send a minimal set of transactional emails — magic-link sign-ins, billing receipts, password resets. We never send marketing emails without a specific opt-in, and there is no opt-in box hidden inside the sign-up flow.

Aggregate analytics from Cloudflare inform product decisions: which calculators are used most, which pages are slow, which countries the audience comes from. The data is not resold, not shared with advertisers, and not used to build profiles of individual users.

Where data lives

Application data — user accounts, saved calculations, and trade logs — is stored in Supabase Postgres instances hosted in the European Union. Static assets and the server-rendered website run on Cloudflare's global edge network. Billing data is handled by Stripe in the jurisdictions Stripe operates.

Retention and deletion

You can delete your account at any time from the account settings page. Deletion is immediate and hard: the user row and all rows referring to it via foreign key are removed on the same transaction. Subscription records on Stripe are retained as required by the relevant tax and financial-services regulations; everything else is irreversibly gone.

Aggregate analytics continue to include the page views you generated while using the site, but those views are not attributable to you after deletion.

Your rights

If you reside in the European Economic Area, the United Kingdom, or a jurisdiction with equivalent data-protection law, you have the right to request a copy of the personal data we hold on you, to request correction of inaccurate data, and to request erasure. You also have the right to lodge a complaint with a supervisory authority. Send such requests through the GitHub repository or to the operator contact listed there.

Cookies

We do not use cookies for analytics. The only cookies set by the website are strictly-necessary cookies for authentication (a Supabase session cookie when you sign in) and — if you subscribe — Stripe's own cookies for checkout. We do not display a cookie banner because there is nothing optional to consent to.

Changes to this policy

We update this page when the underlying data handling changes. Material changes are announced on the homepage for at least one week before taking effect. The last updated date at the bottom reflects the most recent substantive edit.

Last updated: 2026-04-23.