Privacy Policy | PropVault

Last updated: February 26, 2026

1. Overview

PropVault ("we," "us," or "our") operates propvault.co, a comparison tool for futures prop trading firms. This policy explains what data we collect, why, and how we protect it.

2. Data We Collect

Account Data

When you create an account, we collect your email address and an optional display name. Accounts are managed through Supabase Auth. We do not store passwords directly — authentication is handled securely by Supabase.

Email Subscriptions

When you subscribe to rule change alerts, we store your email address, subscription preferences (selected firms), and a verification status. Unverified subscriptions do not receive emails. You can unsubscribe at any time via the link in every email.

User-Generated Content

Reviews you submit include your rating, title, and body text. Reviews are associated with your account and displayed publicly with your display name (or "A Trader" if no name is set).

Usage Data

We use Vercel Analytics for page view tracking and Core Web Vitals monitoring. If you consent to cookies, we also use Google Analytics 4 (GA4) for behavior analysis. GA4 is only loaded after you grant cookie consent.

Saved Preferences

Saved comparisons, watched firms, and theme preference are stored to provide a personalized experience. Comparison history is stored in your browser's localStorage.

3. How We Use Your Data

To provide and improve the comparison tool and related features
To send weekly rule change digest emails to verified subscribers
To display your reviews alongside firm data
To track affiliate link clicks for revenue reporting
To monitor site performance and fix bugs

4. Cookies & Analytics

Essential cookies: Theme preference is stored in localStorage (not a cookie). Supabase Auth uses secure, HttpOnly cookies for session management. These are strictly necessary and do not require consent.

Analytics cookies: Google Analytics 4 sets cookies for behavior analysis. These are only loaded after you provide consent via the cookie banner. You can withdraw consent at any time by clearing your browser cookies.

Vercel Analytics: Collects anonymous page view data and Web Vitals without setting cookies.

5. Third-Party Services

Supabase — Database, authentication, and storage
Vercel — Hosting, analytics, and edge functions
Google Analytics — Behavior analysis (consent-gated)
Resend — Transactional email delivery
Sentry — Error monitoring (when configured)

Each service processes data according to their own privacy policies. We do not sell your data to any third party.

6. Affiliate Links

PropVault contains affiliate links to prop trading firms. When you click an affiliate link, we record the click (firm, timestamp, referrer) for revenue reporting. These clicks are anonymous — they are not tied to your user account.

7. Data Retention & Deletion

Account data is retained until you delete your account. You can delete your account at any time from the dashboard settings page. Account deletion permanently removes your profile, reviews, saved comparisons, watchlist, and email subscriptions.

Email subscriptions can be removed independently by clicking the unsubscribe link in any digest email.

8. Your Rights

You have the right to:

Access the data we hold about you (your profile and reviews are visible in the dashboard)
Correct your data (edit your display name or reviews)
Delete your data (delete your account or individual reviews)
Withdraw cookie consent (clear cookies to reset)
Unsubscribe from emails at any time

9. Data Security

We use HTTPS everywhere, secure HttpOnly cookies, rate limiting on all API endpoints, Row Level Security (RLS) in our database, and Content Security Policy headers. Admin access uses HMAC-based authentication with timing-safe comparison.

10. Changes to This Policy

We may update this policy from time to time. Changes will be reflected by the "last updated" date at the top of this page.

11. Contact

For privacy-related questions, contact us at privacy@propvault.co.