L O R Y N

Privacy Policy

Last updated 2026-06-07. This policy explains what data Loryn collects, how it is used, who it is shared with, how long it is kept, and the rights you have over it. It is written in plain English and is meant to be read.

Who runs Loryn

Loryn is operated by Jake Hannan as a sole proprietor in the United States. References to "Loryn," "we," "us," and "our" mean this operator. The product is a self-logging journal for futures traders that captures fills from Tradovate, stores them privately, and provides an AI assistant ("Loryn") that helps you review your own data.

Loryn AI — what it is and isn't

The AI assistant in this product is built on Anthropic's Claude. Like any AI assistant, Loryn can be wrong. Her verdicts, patterns, and suggestions are based on your data and should be treated as input, not instructions. Loryn does not provide investment, tax, or legal advice and is not a substitute for a licensed advisor. You remain solely responsible for every trading decision you make.

What we collect

Category	Examples	Source
Account	Email, display name, password hash, account creation timestamp, onboarding preferences	You, at signup; the auth provider (Supabase) hashes your password — we never see it in plaintext.
Subscription & billing	Subscription tier (Standard, Pro, comped, legacy), Stripe customer ID, Stripe subscription ID, billing status, current period end	Stripe webhook. We do not store your payment card details; Stripe holds those exclusively.
Trading data	Tradovate fill events (account ID, symbol, side, quantity, price, timestamps), notes you write, conversations with Loryn, summaries Loryn generates about your trading, strategy and risk preferences you configure	The Chrome extension captures fill events from your Tradovate WebSocket while you trade; the rest comes from you typing or speaking.
Loryn conversations	Messages between you and the AI assistant, including text you typed and text transcripts of what you said in voice mode	You; the Web Speech API in your browser handles the spoken-word → text conversion locally.
Usage metering	Per-call AI cost (input/output token counts, character counts), endpoint name, model name, timestamp. Used to enforce per-user spending caps and bill correctly.	Server-side, on every AI call.
Error reports	Server-side stack traces, request IDs. No conversation text or trading data is included.	Sentry, if enabled on the deployment.
Minimal device context	Browser type and OS version (from request headers); session token; preferences cache	Your browser sends these; we store the session token to keep you signed in.

What we do NOT collect

Your Tradovate username, password, or any authentication token from your broker. Loryn captures market fill events that Tradovate already pushes to your browser — it never reads your credentials.
Screenshots, recordings, or scraped HTML of your trading platform.
Anything from outside the journal experience — no browsing history, no content from other tabs, no analytics about non-Loryn sites you visit.
Your raw payment card details. Stripe handles all card collection; we only see the Stripe customer / subscription IDs and the resulting billing status.
Your physical location, contacts, calendar, or any device sensors.

Why we collect it

Every category above is collected for an operational reason: capturing your trades, running the AI assistant, billing your subscription, keeping the service reliable, and protecting against abuse. Specifically:

Account + Subscription — to identify you, gate paid features, and process billing.
Trading data — to be the journal; without it the product can't function.
Loryn conversations — to power the assistant within the current session and to give Loryn working memory across sessions when you ask her to recall something.
Usage metering — to enforce per-user spending limits so one user can't run up our AI bill, and to bill the right tier.
Error reports — to diagnose outages and fix bugs.

We do not use your data for advertising, sell it to data brokers, share it with analytics resellers, or feed it to AI model training. Your data exists to serve you.

Where it lives (third parties)

Loryn relies on a small set of well-known vendors to operate. Your data is shared with these vendors only to the extent each one needs to perform its function:

Supabase — primary database (Postgres) and authentication. All your trading data, notes, conversations, settings, and account info live here, encrypted at rest. Hosted in AWS us-east-1.
Stripe — payments processing. Stripe stores your card information; we never see it. We receive the Stripe customer ID, subscription ID, billing status, and current period dates via signed webhooks.
Anthropic (Claude) — the AI model that powers Loryn's chat. The text of each message you send is forwarded to Anthropic's API to generate a response. Anthropic's privacy policy and data-handling commitments apply to that leg. We do not enable Anthropic's data retention for training.
ElevenLabs — text-to-speech for Loryn's voice. The text of Loryn's replies (not yours) is streamed to ElevenLabs to produce audio.
Resend — transactional email delivery. Your email address, display name, and the contents of system emails we send you (password reset, usage warnings, support replies) are processed by Resend.
Vercel — web hosting for the journal app and marketing site. Vercel sees HTTP request metadata but not your data.
Web Speech API (in your browser) — converts your spoken words to text locally. Loryn sees the transcript text, not the raw audio. In some browsers (notably Chrome) this transcription may be performed on Google's servers per the browser's own privacy terms.
Sentry — server-side error monitoring, if enabled on a given deployment. Stack traces and request IDs only; no user data.

Who can see your data

Your data is isolated to your account. The database enforces per-user row-level security: every read and write must be authenticated as you and is scoped to your account UUID. A signed-in subscriber cannot, by any path, read another subscriber's trading data, notes, or conversations.

The only humans with engineering access to the database are Loryn's operators (currently Jake), who access account data only when (a) you've asked for support and granted access in your request, or (b) when investigating a security incident or outage. Any such access is logged. Administrative roles inside the product can comp accounts or restrict them, but admins (other than the owner) cannot view another user's trading data, conversations, or notes.

Sharing & disclosure

We do not sell your data. We do not rent, lease, exchange, or trade it. We do not share it with advertising networks. We share data only with the third-party processors listed above, and only what each one needs to perform its function.

We will disclose data if compelled by valid legal process (subpoena, court order, or other binding legal demand). We will notify you of any such demand unless legally prohibited from doing so.

If the operator of Loryn changes (e.g., the business is sold or restructured), your data may transfer to the new operator under the terms of this policy. You will be notified by email before any such transfer takes effect, and you may delete your account first.

Security

Loryn applies standard security practices:

All traffic between you and Loryn is encrypted in transit (TLS / HTTPS).
Database storage is encrypted at rest by Supabase / AWS.
Passwords are hashed by Supabase Auth using industry-standard algorithms (Argon2 / bcrypt). We never see plaintext passwords.
Row-level security policies are in place on every user-data table, preventing cross-tenant reads under any code path.
Edge Functions require a signed JWT for every call; anonymous traffic is rejected with HTTP 401.
Stripe webhook payloads are verified by signature before being acted on, preventing webhook forgery.
Per-user spending caps prevent any single user from running up costs that would affect the service.

No system is perfectly secure. If you believe you have found a vulnerability, please email the contact form with the subject line "Security." We will acknowledge within 48 hours.

Retention

Active accounts — we retain your data indefinitely while your subscription is active or you continue to sign in, so your journal stays complete.
Account deletion — when you delete your account from Settings, every row of your data (trading data, notes, conversations, settings, account record) is permanently removed within 30 days. Your Stripe subscription is canceled immediately at the same time. There is no soft-delete you can recover from afterward; the 30 days is to clear backups and downstream caches.
Inactive accounts — if your subscription has been canceled for non-payment, we keep your data for 90 days from cancellation in case you want to reactivate, then permanently delete it.
Billing records — Stripe retains its own transaction records per its policies and applicable tax law; we retain the corresponding subscription metadata for as long as Stripe does.
AI usage logs — kept for 12 months for billing accuracy and abuse investigation, then deleted.
Server error logs — kept for 30 days, then deleted.
Anthropic, ElevenLabs, Stripe, Resend, Vercel, and Sentry each retain data per their own privacy policies.

Your rights

You have the following rights with respect to your data:

Access — view your full account, trading data, notes, and conversation history at any time inside the product.
Export — download your trading data and notes as CSV from your Settings page.
Correct — edit any note. Trading-fill records are not user-editable because their accuracy is the point of the journal; if you believe a fill was captured incorrectly, contact support.
Delete — wipe your account and all associated data from Settings → Delete account. The action is irreversible after 30 days.
Object / restrict / portability — residents of the EU, UK, California, and other jurisdictions with privacy laws may have additional rights (such as portability or objection to specific processing activities). To exercise them, email the contact form from the address on your account.
Withdraw consent — deleting your account withdraws consent for all processing. There is no other consent we rely on.

Cookies, storage, and tracking

Loryn uses minimal client-side storage:

A first-party session token (stored in localStorage) keeps you signed in. It is sent only to Loryn's own servers.
A preferences cache (also localStorage) so the app remembers your sound and notification settings instantly.
A service-worker cache for offline-instant page loads. No personal data is cached, only HTML/CSS/JS assets.

Loryn does not use third-party tracking cookies, advertising pixels, session replay tools, or any cross-site behavioral tracking.

International users

Loryn is operated from the United States. If you use Loryn from outside the US, your data is transferred to and processed in the United States. By using Loryn you consent to that transfer. The third-party processors listed above each have their own data-residency arrangements.

Children

Loryn is not directed at, and is not intended for, users under the age of 18. We do not knowingly collect data from minors. If you believe a minor has created a Loryn account, contact us and we will delete the account.

Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes (new third-party processors, changes to data retention, changes to your rights) will be emailed to the address on your account before they take effect. Continued use of Loryn after a change indicates acceptance of the updated policy.

Contact

Questions about this policy, requests to exercise your rights, security concerns, or anything else privacy-related: email the contact form from the email address on your account.