CaelumOS is an AI-powered trader operating system that combines a precision journal, visual compounding planner, and pattern recognition tools to help traders build consistency.

Is CaelumOS free to use?

Yes, CaelumOS offers a Forever Free plan that includes daily AI credits and access to core features like the Planner and Journal.

Does CaelumOS place trades for me?

No. CaelumOS is an analytics and psychology platform. We do not execute trades or hold user funds. It is designed to help you make better decisions.

Privacy Policy

Last updated: 2/27/2026

CaelumOS ("we", "us", or "our") is committed to protecting your privacy. This policy explains how we collect, use, store, and share your personal information in compliance with GDPR (EU), CCPA (California), and other applicable data protection laws.

1. Data We Collect

1.1 Information You Provide

Account Information: Email address, username, encrypted password (via Supabase Auth)
Trading Data: Journal entries, trade screenshots, notes, performance metrics, and custom indicators you voluntarily upload
Payment Information: Cryptocurrency payment addresses (we do NOT store credit card numbers - payments processed by NOWPayments)
Communication Data: Support tickets, feedback, and emails you send us

1.2 Automatically Collected Data

Usage Data: Pages visited, features used, time spent, button clicks (via PostHog analytics)
Device Information: Browser type, operating system, IP address, device identifiers
Error Logs: Crash reports and performance metrics (via Sentry)
Cookies: Session tokens, preferences, authentication state

1.3 Third-Party Data

OAuth Providers: If you sign in with Google/GitHub, we receive your name, email, and profile picture

2. How We Use Your Data

We use your information for the following purposes:

Service Delivery: Providing journal, simulator, AI analysis, and pattern recognition features
AI Processing: Sending your trade data to Groq/Anthropic for analysis (see Section 3)
Payment Processing: Facilitating credit purchases via NOWPayments
Product Improvement: Analyzing usage patterns to enhance features and fix bugs
Communication: Sending transactional emails (password resets, payment confirmations)
Security: Detecting fraud, preventing abuse, enforcing Terms of Service
Legal Compliance: Responding to legal requests and protecting our rights

3. AI Processing & Third-Party Sharing

CRITICAL: How AI Providers Use Your Data

When you use AI features (journal analysis, pattern recognition, Pine Script generation), your data is sent to:

Groq (Primary): Fast LLM inference. Zero-retention policy - your data is NOT used for model training.
Anthropic Claude: Advanced reasoning for complex tasks. Anthropic does NOT train on customer data per their commercial terms.
OpenRouter (Fallback): Backup provider when primary is unavailable.

Other Third-Party Services

Supabase (Database & Auth): Stores all user data, hosted on AWS (SOC 2 Type II certified)
PostHog (Analytics): Tracks feature usage - you can opt-out via account settings
Sentry (Error Tracking): Receives error logs and stack traces
Resend (Email): Delivers transactional emails (password resets, receipts)
NOWPayments (Crypto Payments): Processes cryptocurrency transactions

We have Data Processing Agreements (DPAs) with all third-party processors to ensure GDPR compliance.

4. Data Security

Encryption: AES-256 encryption at rest, TLS 1.3 in transit
Access Control: Row-Level Security (RLS) ensures users can only access their own data
Authentication: Passwords hashed with bcrypt, session tokens expire after 7 days
Infrastructure: Hosted on Vercel (SOC 2 certified) and Supabase (ISO 27001 certified)
Monitoring: 24/7 intrusion detection and automated security scanning

Despite our safeguards, no system is 100% secure. We cannot guarantee absolute security of your data.

5. Data Retention

Active Accounts: Data retained as long as your account exists
Deleted Accounts: Personal data deleted within 30 days (except where legal retention required)
Backups: Encrypted backups retained for 90 days for disaster recovery
Financial Records: Payment data retained for 7 years per tax regulations
Legal Holds: Data may be retained longer if subject to legal investigation

6. Your Privacy Rights

6.1 GDPR Rights (EU/EEA Users)

Right to Access: Request a copy of your data (use "Export Data" in Settings)
Right to Rectification: Correct inaccurate data (edit in Settings)
Right to Erasure: Request account deletion (use "Delete Account" or email privacy@caelumos.trade)
Right to Restrict Processing: Limit how we use your data
Right to Data Portability: Receive your data in machine-readable format (JSON export)
Right to Object: Opt-out of analytics and marketing
Right to Withdraw Consent: Revoke consent at any time

6.2 CCPA Rights (California Residents)

Right to Know: Request disclosure of data collection and sharing practices
Right to Delete: Request deletion of personal information
Right to Opt-Out: We do NOT sell personal information
Non-Discrimination: We will not discriminate against you for exercising CCPA rights

6.3 How to Exercise Your Rights

To exercise any of these rights:

Email privacy@caelumos.trade with subject line: "Data Rights Request"
Use in-app Settings → Privacy → Export Data / Delete Account
We will respond within 30 days (GDPR) or 45 days (CCPA)

7. Cookies & Tracking

We use the following types of cookies:

Essential Cookies: Session authentication, security (cannot be disabled)
Analytics Cookies: PostHog tracking (can be disabled via "Do Not Track" or Settings)
Functional Cookies: Preferences, settings, and non-tracking features (can be disabled)

You can block cookies via your browser settings, but this may limit functionality.

8. International Data Transfers

Your data may be transferred to and processed in countries outside your residence, including the United States. We ensure adequate safeguards through:

Standard Contractual Clauses (SCCs) approved by the EU Commission
Data Processing Agreements with all sub-processors
SOC 2 / ISO 27001 certified infrastructure providers

9. Children's Privacy

CaelumOS is NOT intended for users under 18 years old. We do not knowingly collect data from minors. If you believe a child has provided us with personal information, contact privacy@caelumos.trade immediately.

10. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be notified via email or in-app notification. Continued use after changes constitutes acceptance.

11. Contact & Complaints

Data Protection Officer: privacy@caelumos.trade

Support: support@caelumos.trade

EU Users: You have the right to lodge a complaint with your local Data Protection Authority (DPA) if you believe we have violated GDPR.