Logo
TradingMadeSimple
Back to Home

Privacy Policy

Last Updated: January 21, 2026

In the following, we would like to explain to you how your data is processed by us. We strictly adhere to the provisions of the General Data Protection Regulation (GDPR) when collecting, processing and using your data.

Responsible Body

Niklas Müller

Johann-Sebastian-Bach-Str. 23

34134 Kassel

Germany

Email: contact@trading-made-simple.com

Ⅰ. Server Log Files

When you access our website, your device automatically transmits certain data to the web server of our hoster IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany, for technical reasons. This is the recipient of your personal data and acts as a processor for us. The server is located in Germany.

1. Scope of Data Processing

  • IP address
  • Address of the previously visited website (referrer request header)
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time
  • Content of the request
  • HTTP status code
  • Amount of data transferred
  • Information about browser and operating system

2. Purpose of Data Processing

This is necessary to display our website and to ensure stability and security.

3. Legal Basis for Processing

The legal basis for the temporary storage of the data and the log files is Article 6 Paragraph 1 Sentence 1 lit. f GDPR.

4. Duration of Storage

Your IP address and other data will be stored by IONOS SE for 14 days and then deleted.

5. Right to Object

The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility of objection.

ⅠⅠ. Cookies

Here you will find all cookies that are necessary for the operation of our website and its functions (technically necessary cookies). These are usually set in response to an action you have taken. These include, among others, registration, login, or initiation of the payment process via Stripe. Stripe may place additional cookies during checkout to enable secure transactions, as outlined in their Privacy Policy. It is possible to deactivate these cookies in the browser. In this case, error-free functioning of our website can no longer be guaranteed.

Technically Necessary Cookies

The following cookies are necessary for the operation of our website and its functions.

Cookie NameHostTypePurposeValidity
authjs.session-tokentrading-made-simple.comSessionManages user session and login status30 days (from last activity)
authjs.csrf-tokentrading-made-simple.comSessionCSRF protection during authenticationSession
authjs.callback-urltrading-made-simple.comSessionStores redirect URL after loginSession
__stripe_sid / __stripe_midstripe.comPersistent / SessionPayment processing, fraud preventionSession to 1 year

Non-Technical Cookies

Currently, we do not use any cookies that are not strictly necessary for the operation of our website and its functions (technically non-necessary cookies). The use of such cookies constitutes data processing that is only permitted with your active consent (Art. 6 (1) (a) GDPR).

authjs.session-token / authjs.csrf-token

When logging in via an external authentication provider (Google or Discord), cookies named authjs.session-token and authjs.csrf-token are set. In the course of this, a temporary session is stored. This session contains in particular:

  • Authentication information for user recognition (e.g. user ID, login name, authentication provider)
  • Session metadata required for the technical maintenance of the session (e.g. expiration time, security token)
  • Status information if a paid or limited offer is used

Purpose: The processing of data within the scope of the session serves to carry out the login, authenticate the user, maintain the active session and provide personalized functions within the application.

Legal Basis: The legal basis for processing is Art. 6 (1) (f) GDPR. Our legitimate interest lies in the secure execution of the login, session management and the provision of basic functions of our application.

Duration of Storage: The data stored within the user session is stored for the duration of the active session and automatically deleted after expiration. The maximum lifespan is 30 days.

__stripe_sid / __stripe_mid (Examples)

When accessing the payment page or initiating the payment process (e.g. via Stripe Checkout), cookies such as __stripe_sid and __stripe_mid are set by the third-party provider Stripe. These serve to assign payments, detect potentially fraudulent activities and technically manage the payment process. The following data may be processed:

  • Session and transaction identifiers
  • Device and browser information (e.g. IP address, User Agent)
  • Timestamp and usage data related to the payment process

Purpose: The processing takes place for the purpose of secure and smooth payment processing, fraud prevention as well as the assignment and management of checkout sessions.

Legal Basis: The legal basis is Art. 6 (1) (b) GDPR, as the processing is necessary for the fulfillment of a contract or for the implementation of pre-contractual measures. In addition, Art. 6 (1) (f) GDPR may apply if there is a legitimate interest in fraud prevention and system security.

Duration of Storage: __stripe_sid is a session cookie and is deleted after the session ends. __stripe_mid can remain stored for up to a year to recognize returning users and ensure the security of the payment system.

Right to Object

You can delete individual or all cookies via your browser settings. In addition, you have the option via your browser settings to deactivate cookies generally or to restrict them to certain domains.

ⅠⅠⅠ. Payment Processing

For payments on our website, processing is carried out via Stripe Checkout. The following data is processed:

1. Scope of Data Processing

  • Stripe Customer ID (if available)
  • Stripe email address (for transaction confirmations)
  • Transaction ID (tx_id)
  • Currency used
  • Final payment amount

This data contains no direct personal reference and serves exclusively for transaction proof, customer support, and accounting.

2. Purpose of Data Processing

The processing of this data serves documentation purposes, the fulfillment of our contractual obligations and compliance with legal requirements (in particular tax regulations).

3. Legal Basis for Processing

Art. 6 (1) (b) GDPR (contract fulfillment) for payment processing and Art. 6 (1) (c) GDPR (legal obligation) for retention according to § 147 AO. Processing by Stripe takes place on the basis of your consent (Art. 6 (1) (a) GDPR) when using Stripe Checkout.

4. Duration of Storage

Transaction data is stored for 10 years in accordance with § 147 AO (tax retention obligation). Stripe stores data according to their guidelines (https://stripe.com/privacy).

5. Right to Object

Objection to the processing of this data required for contract fulfillment and legal obligations is not possible, as the processing is necessary to fulfill our legal obligations.

ⅠV. Video Streaming (Mux)

To provide video content, we use the service Mux (Mux, Inc., 305 Kearny St Suite 800, San Francisco, CA 94108, USA). Mux enables high-quality video streaming.

1. Scope of Data Processing

  • IP address
  • Device information (browser, operating system)
  • Video playback data (requested video IDs, playback duration)

2. Purpose of Data Processing

The data is processed for the technical provision of video content, optimization of streaming quality, and usage analysis.

3. Legal Basis for Processing

The legal basis is Art. 6 (1) (b) GDPR (contract fulfillment), as video streaming is an essential part of our service. Additionally, Art. 6 (1) (f) GDPR (legitimate interest) may apply for optimization and analysis.

4. Duration of Storage

Mux stores usage data according to their privacy policy. We store playback progress data in our database to improve your learning experience.

5. Right to Object

As video streaming is an essential part of our service, objection is only possible by not using the video feature.

V. User Accounts

When you log in to our website via an external authentication provider (Google or Discord), we process certain personal data.

1. Scope of Data Processing

We collect your email address to identify your account, technical identification data of the authentication provider and, if you make a purchase, payment-related identification data from Stripe. In addition, we store the date of account creation and the last update. We do not store profile pictures (avatars) directly and no IP addresses in this context.

2. Purpose of Data Processing

The data serves the provision and management of your user account, the personalization of your use, security purposes and communication regarding your account or our services.

3. Legal Basis for Processing

The processing is based on Art. 6 (1) (b) GDPR (contract fulfillment) for account management. Our legitimate interest (Art. 6 (1) (f) GDPR) also lies in system and abuse security. Data transfer by the authentication provider is based on your consent given there.

4. Duration of Storage

Your account data is stored for the duration of your active membership. After account deletion, the data will be deleted unless there are legal retention obligations or legitimate interests to the contrary. Data at Google or Discord is subject to their own privacy policies.

5. Right to Object

You can delete your user account at any time by contacting us. This leads to the deletion of your data, provided there are no other retention obligations. Since the login takes place exclusively via Google or Discord, deleting a linked account with these providers may result in you no longer being able to log in to us via this specific way. Information on managing your data at Google and Discord can be found in their respective privacy policies.

VⅠ. Transactional Emails with Brevo

1. Scope of Data Processing

For sending transactional emails (e.g. order confirmations, cancellation policies) we use Brevo (provided by the German subsidiary Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin; Headquarters in Paris). The following data may be processed:

  • Email address
  • Order details (e.g. items, total amount)
  • Username (if provided)
  • Technical metadata (e.g. time of sending, delivery status, IP address upon opening, if available)

2. Purpose of Data Processing

Brevo is used to ensure reliable delivery of transactional emails (confirmation, cancellation information).

3. Legal Basis for Processing

The legal basis is Art. 6 (1) (b) GDPR (contract fulfillment). Sending these emails is necessary for the execution of the purchase contract.

Data Processing Agreement

A data processing agreement (Art. 28 GDPR) exists with Brevo. Sendinblue GmbH processes personal data exclusively according to our instructions.

4. Duration of Storage

Brevo stores delivery logs and previews indefinitely by default (configurable up to 5 years). From January 1, 2025, for over 10 million email events, events older than 24 months will be automatically deleted. The content of the emails may be archived longer if required by commercial or tax laws.

5. Right to Object

Objection is not possible, as these emails are necessary for contract fulfillment or for legal reasons (Art. 6 (b) GDPR).

VⅠⅠ. Email Support with Zoho

1. Scope of Data Processing

For receiving and sending emails, we use the email service Zoho Mail, provided by Zoho Corporation Pvt. Ltd., Estancia IT Park, Chennai, India, with European data centers in the Netherlands and Ireland. The following data is processed:

  • Sender and recipient email addresses
  • Content of the email (including any personal data)
  • Technical metadata (e.g. IP address, timestamp, delivery status)

2. Purpose of Data Processing

The use of Zoho Mail serves the efficient and secure email communication with customers, interested parties, or other contacts.

3. Legal Basis for Processing

The legal basis is Art. 6 (1) (f) GDPR (legitimate interest), our legitimate interest lies in the professional handling of email communication. If the email is related to a contract, Art. 6 (1) (b) GDPR is also applicable.

Data Processing Agreement

A data processing agreement pursuant to Art. 28 GDPR exists with Zoho. Data processing takes place on European servers. Transfer to third countries only takes place with appropriate guarantees pursuant to Art. 44 et seq. GDPR (e.g. standard contractual clauses).

4. Duration of Storage

Emails are stored in accordance with legal retention periods (e.g. 6 years for business letters according to § 257 HGB).

5. Right to Object

If processing is based on Art. 6 (1) (f) GDPR, the user may object at any time (Art. 21 GDPR).

VIII. Watch History and Course Progress

1. Data Processed

To provide you with features like resuming video playback and tracking your course completion, we store the following data:

  • Which videos you have started or completed
  • Your current playback position (timestamp) for each video
  • The date and time you last watched a video

2. Purpose of Processing

This data is processed exclusively to enhance your user experience by allowing you to resume videos where you left off and to show you an overview of your progress within courses and series. This functionality is part of the core service we provide to registered users.

3. Legal Basis

The processing is necessary for the performance of the contract (provision of the course platform features) pursuant to Art. 6 (1) (b) GDPR.

4. Storage Duration

This data is stored as long as your user account exists so that you can access your progress at any time. If you delete your account, this data will also be deleted.

5. Objection

Since this processing is essential for the functionality of the course platform (tracking your owned and watched content), you can only object to this by requesting the deletion of your account or by not using the video playback features.

IX. Trader DNA Test

1. Scope of Data Processing

As part of our voluntary «Trader DNA Test», we collect the following personal data:

  • Name and email address
  • Answers to the test questions (behavioral and trading preferences)
  • The resulting trading profile (Trader DNA)
  • Your Discord user ID (if linked for role assignment)

2. Purpose of Data Processing

The data is processed to determine your personal trading profile, to send you the result via email, and (if applicable) to assign you a corresponding role (badge) in our Discord community. Your email address may also be used to send relevant information if you have agreed to receive a newsletter.

3. Legal Basis for Processing

The processing is based on your consent (Art. 6 (1) (a) GDPR), which you provide by voluntarily participating in the test and entering your data. For the assignment of the Discord role, we rely on Art. 6 (1) (b) GDPR (performance of a contract or pre-contractual measures).

4. Storage Duration

Your Trader DNA data and profile will be stored for as long as your user account with us exists or until you revoke your consent. Upon account deletion or revocation, this specific data will also be deleted, unless statutory retention periods prevent this.

5. Right of Objection and Removal

You can revoke your consent to the storage and processing of Trader DNA data at any time with effect for the future. Simply contact us using the details provided. This may result in the removal of corresponding Discord roles.

X. Affiliate Links and Partner Programs

On our website, we use so-called affiliate links (partner links). If you click on such a link, you will be redirected to an external provider. In doing so, it may happen that the respective provider saves cookies on your end device or uses similar tracking technologies. These tracking technologies serve to trace the origin of a click or a possible contract conclusion and to assign a commission.

1. Scope of Data Processing

When clicking on an affiliate link, the following data may be processed in particular:

  • IP address
  • Referrer URL (the previously visited page)
  • Date and time of the click
  • Possibly cookie IDs or tracking parameters

2. Purpose of Processing

The processing is carried out to track referrals and to settle commissions within the framework of affiliate programs.

3. Legal Basis for Processing

The processing takes place only with your consent in accordance with Art. 6 Para. 1 lit. a GDPR, provided the respective provider uses cookies or tracking technologies.

4. Recipients of the Data

The data is transmitted to the respective providers of the linked products or services. This may include providers such as ATAS or Apex Trader Funding in particular.

5. Storage Duration

The storage duration depends on the respective providers and may vary. Further information can be found in the privacy policies of the respective providers.

6. Note on Third-Party Content

Content on our website (e.g., recommendations or external links) may contain affiliate links, even if these were provided by third parties (e.g., content creators).

Rights of the Data Subject

As a data subject, you have the right to information, the right to rectification or deletion, the right to restriction of processing and the right to object to the processing of your data. If you have given us your consent, you can revoke it at any time with effect for the future. Please send your objection informally to the address mentioned above. In addition, you have the right to data portability.

You also have the right to complain to a supervisory authority about the processing. A list of the corresponding authorities can be found at:List of Supervisory Authorities