Privacy Policy

1. Introduction

GoldTrack ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website goldtrack.io (the "Site").

2. Information We Collect

2.1 Automatically Collected Information

When you visit the Site, we automatically collect certain information about your device, including:

• IP address
• Browser type and version
• Operating system
• Pages visited and time spent on pages
• Referring website addresses
• Device information (mobile vs desktop)

2.2 Local Storage

We use browser local storage to save your preferences, including:

• Theme preference (light/dark mode)
• Price alert settings
• Selected currency and metal preferences

This data is stored locally on your device and is not transmitted to our servers.

2.3 Account Information

Core features like viewing real-time precious metals prices and charts are available without an account. However, some features require registration:

• Price Alerts: Requires account to create and manage alerts
• Portfolio Tracking: Requires account to track your holdings
• Newsletter: Requires email subscription (no account needed)

When you create an account, we collect your email address and authentication information through our identity provider (Clerk). We do not store passwords directly.

3. How We Use Your Information and Legal Basis

We use the collected information to:

• Provide and maintain our Site
• Create and manage your account
• Send you price alert notifications (if you opt in)
• Track your portfolio holdings (if you use portfolio features)
• Improve and personalize user experience
• Analyze Site usage and trends
• Detect and prevent technical issues
• Comply with legal obligations

Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), UK, and Switzerland, we process your information based on the following legal grounds:

• Contract: We process your email and account information to provide account services you have requested, including price alerts and portfolio tracking.
• Legitimate Interest: We process analytics data and technical information to improve our Site, fix errors, and understand user behavior. This processing is necessary for our legitimate interests in operating and improving our service.
• Consent: We obtain your consent before placing non-essential cookies. You can withdraw consent at any time through your browser settings.
• Legal Obligation: We process data when required to comply with applicable laws and regulations.

4. Third-Party Services

4.1 Google Analytics

We use Google Analytics 4 ("GA4") to understand how users interact with our Site. GA4 is a web analytics service provided by Google LLC that tracks and reports website traffic.

Data Collected by Google Analytics:

• Pages visited and time spent on pages
• How you arrived at our Site (referrer URL)
• Browser type, operating system, and device information
• Approximate geographic location (country, city) based on IP address
• Anonymized IP addresses (full IP addresses are not stored)

Google Analytics uses cookies to collect this information. The information generated by the cookie about your use of the Site is transmitted to and stored by Google on servers in the United States.

How to Opt-Out:

• Install the Google Analytics Opt-out Browser Add-on
• Disable cookies in your browser settings
• Use browser privacy modes (Incognito, Private Browsing)

For more information about how Google uses data, visit Google's Privacy Policy and How Google uses data when you use our partners' sites or apps.

4.2 Error Tracking

We may use third party providers for error monitoring to improve Site reliability. These providers may collect technical information about errors, including browser type, operating system, and the page where the error occurred.

4.3 Authentication (Clerk)

We use Clerk for user authentication and account management. You can create an account using email or Google sign-in:

Email Sign-Up:

• Your email address is collected and verified
• Passwords are hashed by Clerk and never stored in plain text
• Authentication tokens are stored securely

Google Sign-In:

• We receive your email address and basic profile information (name, profile picture) from Google
• We do not receive or store your Google password
• You can revoke GoldTrack's access to your Google account at any time via your Google Account settings

For more information, see Clerk's Privacy Policy.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve your experience on our Site. By continuing to use our Site, you consent to our use of cookies as described below. You can control cookies through your browser settings. However, disabling cookies may limit some Site functionality.

Types of cookies we use:

• Essential cookies: Required for Site functionality (these cannot be disabled)
• Analytics cookies (Google Analytics): Help us understand Site usage and improve user experience. These cookies have a 2-year expiration by default but can be deleted at any time through your browser settings.

Google Analytics Cookies:

• _ga - Distinguishes unique users (expires after 2 years)
• _ga_* - Persists session state (expires after 2 years)

Your Cookie Choices

You can control and manage cookies in several ways:

• Browser Settings: Most browsers allow you to refuse or accept cookies. Instructions are usually found in the "Help," "Tools," or "Edit" menu.
• Third-Party Opt-Out: Visit aboutads.info or youronlinechoices.eu (for EU users)

6. Data Security

We implement appropriate technical and organizational security measures to protect your information. However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

7. Data Retention

We retain information for the following periods:

• Account Data: Retained until you delete your account. Upon account deletion, your email, profile information, price alerts, and portfolio data are permanently removed within 30 days.
• Google Analytics Data: Automatically deleted after 14 months (GA4 default setting). User-level and event-level data is retained for this period, after which it is automatically deleted.
• Analytics Cookies: Stored in your browser for up to 2 years (can be deleted at any time via browser settings)
• Error Logs: Retained for up to 90 days
• Local Storage Data: Retained on your device until you clear your browser cache or local storage

8. Your Privacy Rights

For All Users

Local preferences (theme, currency) are stored on your device and can be deleted by clearing your browser data. If you have a GoldTrack account, you can export or delete your account data from your account settings or by contacting privacy@goldtrack.io.

GDPR Rights (EEA, UK, Switzerland)

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the following rights:

• Right to Access: Request a copy of information we hold about you
• Right to Rectification: Request correction of inaccurate information
• Right to Erasure: Request deletion of your information
• Right to Restrict Processing: Request that we limit how we use your information
• Right to Data Portability: Request a copy of your data in a portable format
• Right to Object: Object to our processing of your information
• Right to Withdraw Consent: Withdraw consent for cookie placement at any time
• Right to Lodge a Complaint: File a complaint with your local data protection authority

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act:

• Right to Know: Request disclosure of personal information collected, used, or shared
• Right to Delete: Request deletion of personal information we have collected
• Right to Opt-Out: Opt out of the "sale" or "sharing" of personal information
• Right to Non-Discrimination: Exercise your rights without discriminatory treatment

Notice: We do NOT sell or share personal information as defined by CCPA.

To exercise your California privacy rights, contact us at privacy@goldtrack.io with "California Privacy Request" in the subject line.

9. Children's Privacy

Our Site is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from your jurisdiction. By using our Site, you consent to such transfers.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us: