Privacy Policy

Last updated: January 16, 2026

Overview

CandleSight is operated by MicroMediaSites LLC ("we", "us", or "our"). This Privacy Policy explains how we collect, use, and protect your information when you use our desktop application and website at candlesight.com.

We are committed to protecting your privacy. CandleSight is designed with a local-first architecture, meaning your sensitive trading data and API credentials stay on your device.

Information We Collect

Account Information

When you create an account, we collect your email address and basic profile information through our authentication provider (Clerk). This is used to identify your account and provide access to our services.

Broker API Credentials

Your broker API credentials (such as OANDA API keys) are stored locally on your device using industry-standard encryption. We never transmit or store your API credentials on our servers. You can verify this in our open architecture documentation.

Trading Data

Trade history, strategy configurations, and analysis results are synced to our servers to enable features like cloud backup and cross-device access. This data is associated with your account and is not shared with third parties.

Usage Analytics

We collect anonymous usage analytics to improve our product. This includes feature usage patterns and application performance metrics. We do not track individual trading activity or share this data with third parties.

Payment Information

Payment processing is handled by Stripe. We do not store your credit card information. Stripe's privacy policy governs how they handle your payment data.

How We Use Your Information

  • To provide and maintain our services
  • To authenticate your account and manage your subscription
  • To sync your trading data and strategies across devices
  • To send important service updates and security notifications
  • To improve our product based on usage patterns
  • To respond to support requests

Data Security

We implement industry-standard security measures to protect your data:

  • API credentials are encrypted locally using AES-256 encryption
  • All data transmission uses TLS 1.2 or higher
  • Server-side data is encrypted at rest
  • We use secure authentication through Clerk
  • Regular security audits and updates

Data Retention

We retain your account data for as long as your account is active. You can request deletion of your account and associated data at any time by contacting us at support@candlesight.com.

Third-Party Services

We use the following third-party services:

  • Clerk - Authentication and user management
  • Stripe - Payment processing
  • Plausible - Privacy-focused analytics (no cookies)

Each service has its own privacy policy governing their data practices.

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data
  • Opt out of marketing communications

Children's Privacy

CandleSight is not intended for users under 18 years of age. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

Contact Us

If you have questions about this Privacy Policy, please contact us at:

Email: support@candlesight.com