Privacy Policy

This policy applies to three groups of people:

• Website visitors — anyone visiting piplead.com or any subdomain.
• Customers — businesses who hold an account on the Piplead workspace.
• Data subjects (traders) — individuals whose pseudonymous trading metadata is processed through the Piplead Trade Automation Platform and shared, with consent, with vetted broker, prop firm, and IB partners.

Finnect, LLC (701 Tillery Street #2589, Austin, TX 78702, United States), operating the Piplead service, is the controller of personal data described here, except where it acts as processor on behalf of a Customer (governed by the DPA).

Website visitors: IP address (truncated for analytics), user-agent, page visited, referrer. Cookies are described in the Cookies Policy.

Customers: name, work email, company, role, billing details, workspace activity logs.

Traders (data subjects): pseudonymous identifier, name, work email and phone (where the trader provided them), country, trading platform used, broker / prop firm relationships, volume bands, recency, funding status, derived intent score.

We never collect: account passwords, government IDs, bank account or card numbers, full payment data, special- category data (health, biometric), children's data, or browsing history outside our own platform. See /compliance for the full list.

We rely on the following bases:

• Consent for processing trader data shared via the platform. Consent is collected at signup on the Piplead Trade Automation Platform and can be withdrawn at any time.
• Contract for processing Customer account data necessary to deliver the Service.
• Legitimate interest for analytics on our own site, fraud prevention, security logging, and basic communication with prospective Customers.
• Legal obligation for tax, accounting, and regulatory record-keeping.

We use personal data to deliver the Service, to improve quality and scoring models on aggregated and pseudonymised data, to manage billing, to communicate with Customers, to investigate abuse and security incidents, and to comply with our legal obligations. We do not sell personal data, we do not rent it, and we do not use it for advertising profiling.

We share personal data with: Customers (only the records they subscribed to and only for traders who consented), our infrastructure and operational sub-processors (see Sub-processors), and government authorities when legally required.

We do not sell personal data within the meaning of CCPA/CPRA.

Data is processed primarily in the European Union and the United States. Cross-border transfers are governed by the EU Standard Contractual Clauses (and the UK addendum where applicable), referenced in our DPA. EU/UK data residency is available on request for Customers under an enterprise plan.

We retain Customer account data for the duration of the subscription plus seven years for tax and audit purposes. Trader records are retained while consent remains valid; on opt-out, the record is suppressed within Piplead immediately and propagated to Customers within 24 hours, and is deleted from active systems within 30 days. Backups are rotated within 90 days.

You can request:

• Access to the data we hold about you.
• Correction of inaccurate fields.
• Deletion of your data (right to be forgotten).
• Restriction or objection to processing.
• Portability of your data in a machine-readable format.
• Withdrawal of consent at any time.

The fastest route is the privacy request form. You can also email privacy@piplead.com. We respond within 30 days; usually within 7. EU/UK residents have the right to complain to their local supervisory authority.

California, Virginia, Colorado, Connecticut, and other US-state residents have rights to know, delete, correct, and opt out of the "sale" or "sharing" of personal information. We do not sell personal information within the meaning of these laws. To exercise any right, use the privacy request form.

We use TLS in transit, encryption at rest via our cloud database provider, role-based access controls, and audit logging. The full picture is on the Security page. Report a vulnerability to security@piplead.com.

The Service is not directed to anyone under 18. We do not knowingly process data of minors. If we become aware that we have collected such data, we delete it promptly.

We may update this policy. Material changes will be notified by email to Customer admins and posted on this page with an updated date.

Finnect, LLC (operating Piplead) · 701 Tillery Street #2589 · Austin, TX 78702 · United States. Privacy questions: privacy@piplead.com. Data Protection Officer: dpo@piplead.com.