Cookie Policy
Effective Date: May 14, 2026 Last Reviewed: May 14, 2026
Operator: TXTech Product: TradeMate Contact: support@yourtrademate.io
1. What Are Cookies
Cookies are small text files placed on your device (computer, tablet, or mobile phone) by websites and web applications you visit. They are widely used to make websites function correctly, to operate more efficiently, and to provide information to the operators of the site.
In addition to traditional HTTP cookies, this policy also covers similar tracking technologies, including:
- Session storage and local storage: Browser-based storage mechanisms that persist data during a browsing session or across sessions, respectively.
- Authentication tokens: Cryptographically signed tokens (such as JSON Web Tokens, "JWTs") stored in secure, HttpOnly cookies or local storage to maintain your authenticated session.
- CSRF tokens: Short-lived values stored in cookies or headers to protect against Cross-Site Request Forgery attacks.
When you access TradeMate through our web application, we may place or read cookies and similar technologies on your device. This Cookie Policy explains what we use, why we use it, and how you can control it.
This Cookie Policy should be read alongside our Privacy Policy, which provides broader context on how we handle your personal data.
2. Cookies We Use
We use a minimal and purposeful set of cookies. TradeMate does not use third-party advertising cookies, behavioral tracking networks, or cross-site tracking technologies. The cookies we use fall into three functional categories:
2.1 Essential Cookies
Essential cookies are strictly necessary for the Service to function. Without these cookies, core features of TradeMate — including account login and security protections — will not operate. These cookies cannot be disabled without breaking the Service. They do not require your consent under GDPR Recital 25 and are placed on the basis of our legitimate interest and the necessity of contract performance.
| Cookie Name | Purpose | Duration | Data Stored |
|---|---|---|---|
trademate_session | Authentication session token. Set upon successful login to identify and maintain your authenticated session across requests. Without this cookie, you will be unable to remain logged in. | Session (expires on browser close) or up to 30 days if "Remember me" is selected | Opaque session identifier (no personal data in the cookie itself; session data is stored server-side) |
trademate_csrf | Cross-Site Request Forgery (CSRF) protection token. Included with state-mutating requests (POST, PUT, DELETE) to verify that the request originates from our application and not a malicious third-party site. | Session (expires on browser close) | Randomly generated cryptographic token |
trademate_device_id | Pseudonymous device identifier used for security purposes, including detection of anomalous login activity, session fixation prevention, and multi-device session management. | 90 days | Pseudonymous identifier; not directly linked to personal identity |
Technical note on session security: The trademate_session cookie is set with the following security attributes: HttpOnly (cannot be accessed by JavaScript, protecting against XSS), Secure (transmitted only over HTTPS), and SameSite=Strict (not sent with cross-site requests). These attributes are non-negotiable security requirements and are not optional or configurable by the user.
2.2 Functional Cookies
Functional cookies allow TradeMate to remember choices you make and provide enhanced, personalized features. These cookies are not strictly necessary for the Service to operate, but they significantly improve your experience. If you disable them, these personalization features will reset on each visit and your preferences will not be remembered.
| Cookie Name | Purpose | Duration | Data Stored |
|---|---|---|---|
trademate_theme | Stores your selected interface theme (e.g., light mode, dark mode, or system default) so your visual preference is preserved between sessions without requiring a server round-trip. | 12 months | Theme preference value (e.g., "dark", "light", "system") |
trademate_notifications | Records your notification delivery preferences (e.g., in-app only, email enabled, push enabled) for reference on the client side, ensuring the correct notification UI state is shown immediately on load. | 12 months | Notification preference flags |
trademate_locale | Stores your selected language and locale settings if you have manually overridden the browser default, ensuring the correct locale is applied consistently across sessions. | 12 months | Locale code (e.g., "en-US", "de-DE") |
trademate_dashboard_layout | Preserves your customized dashboard widget arrangement and layout configuration, allowing your personalized workspace to persist between login sessions. | 12 months | Serialized layout configuration object |
Functional cookies are set only after you have made a relevant preference selection. We use these values solely to improve your experience with TradeMate; they are not shared with third parties for any purpose.
2.3 Analytics Cookies
We collect anonymous usage metrics to understand how users interact with TradeMate, identify performance issues, and prioritize product improvements. We use a self-hosted analytics solution deployed on our own infrastructure. Unlike third-party analytics services such as Google Analytics or Mixpanel, our analytics system does not send your usage data to any external company's servers, and it does not use cross-site tracking identifiers.
| Cookie Name | Purpose | Duration | Data Stored |
|---|---|---|---|
trademate_analytics | Pseudonymous analytics identifier used to aggregate usage metrics such as session duration, feature engagement, and navigation paths. This identifier is not linked to your account identity in any analytics report. | 12 months | Pseudonymous identifier; not linked to name, email, or account data in reports |
What we collect with analytics cookies:
- Pages and features visited within the Service.
- Duration of sessions and time spent on specific features.
- General geographic region (derived from IP address at ingestion; IP address is not stored after geolocation).
- Browser type and operating system (for compatibility monitoring).
- Error and crash events to identify and fix bugs.
What we do not collect:
- Your name, email address, or any directly identifying personal data in analytics reports.
- The content of your trading strategies, signals, or portfolio data.
- Data for advertising, retargeting, or cross-site tracking.
- Any data transmitted to or stored by third-party analytics providers.
Our analytics infrastructure runs entirely on TradeMate-controlled servers hosted by Hetzner Online GmbH in Germany. No analytics data is transmitted to external analytics platforms.
3. No Third-Party Advertising Cookies
TradeMate does not place, authorize, or permit third-party advertising cookies of any kind. Specifically:
- We do not use Google Analytics, Google Tag Manager, Google Ads, or any Google advertising or tracking products.
- We do not use Meta Pixel (Facebook Pixel), Twitter/X tracking pixels, LinkedIn Insight Tag, or any social media tracking scripts.
- We do not engage with advertising networks, data brokers, demand-side platforms, or behavioral advertising exchanges.
- We do not participate in cross-site tracking, interest-based advertising profiles, or real-time bidding ecosystems.
- We do not load any third-party scripts on our pages that could set tracking cookies without your knowledge.
Our cookie footprint is limited to the cookies described in Section 2. We do not partner with any advertising technology company for the purpose of targeting you with advertisements based on your TradeMate usage or browsing behavior on other websites.
4. How to Manage Cookies
4.1 Browser-Level Controls
All modern web browsers allow you to view, block, and delete cookies. You can typically find these controls in your browser's settings under "Privacy," "Security," or "Site Settings." Instructions for specific browsers:
- Google Chrome: Settings > Privacy and security > Cookies and other site data
- Mozilla Firefox: Options > Privacy & Security > Cookies and Site Data
- Apple Safari: Preferences > Privacy > Manage Website Data
- Microsoft Edge: Settings > Cookies and site permissions > Cookies and site data
- Opera: Settings > Advanced > Privacy & security > Cookies and other site data
You may set your browser to:
- Block all cookies.
- Block third-party cookies only (this will not affect TradeMate's first-party cookies).
- Delete all cookies when you close the browser.
- Prompt you before accepting each cookie.
4.2 Important Warning: Essential Cookies Cannot Be Disabled Without Breaking the Service
If you block or delete Essential Cookies (Section 2.1), the following critical functionality will break:
- You will not be able to log in. The authentication session cookie (
trademate_session) is required to maintain your logged-in state. Without it, every page load will redirect you to the login screen. - Security protections will be degraded. The CSRF protection token (
trademate_csrf) is required for any state-mutating action within the Service. Without it, operations such as updating your profile, creating strategies, or connecting brokers will fail.
We strongly recommend against disabling essential cookies if you intend to use TradeMate.
4.3 Opting Out of Analytics
If you prefer that we do not set the analytics cookie, you may:
- Delete the
trademate_analyticscookie from your browser's cookie storage for the yourtrademate.io domain. - Use a browser extension that blocks first-party analytics cookies.
- Enable "Do Not Track" (DNT) in your browser. While there is no legally binding standard for DNT, TradeMate honors DNT headers by excluding your sessions from analytics aggregation when the DNT signal is detected.
- Contact us at support@yourtrademate.io to request exclusion of your account from usage analytics.
4.4 Cookie Consent (EU/EEA Users)
For users accessing TradeMate from the EU/EEA, we present a cookie consent banner on first visit that allows you to accept or decline non-essential cookies (Functional and Analytics). Your consent choice is stored and respected across your sessions. You may change your cookie preferences at any time by clicking the "Cookie Preferences" link in the footer of the Service.
Essential cookies do not require your consent, as they are strictly necessary for the provision of the Service you have requested, pursuant to GDPR Recital 25 and the ePrivacy Directive.
5. Changes to This Cookie Policy
We may update this Cookie Policy from time to time as the Service evolves or as legal requirements change. When we make material changes — such as introducing new categories of cookies or changing the purpose of existing cookies — we will:
- Update the "Last Reviewed" date at the top of this document.
- Post the revised Policy at the canonical URL for this document (yourtrademate.io/legal/cookie-policy).
- For EU/EEA users, present a refreshed cookie consent notice where re-consent is legally required.
- Provide notice via email for significant changes, at least 14 days before they take effect.
We encourage you to review this Cookie Policy periodically to stay informed about how we use cookies.
6. Contact
If you have questions about our use of cookies or this Cookie Policy, please contact:
TXTech — TradeMate Privacy Email: support@yourtrademate.io Subject line: "Cookie Policy Inquiry"
We aim to respond to all inquiries within 5 business days.
For broader questions about how we handle your personal data, including your rights under GDPR and CCPA, please refer to our Privacy Policy.
This Cookie Policy applies to the TradeMate web application hosted at yourtrademate.io and its subdomains. It does not cover the cookie or tracking practices of third-party websites that may be linked from within the Service.