Scope
This Privacy Policy applies to Rippll's websites, apps, account pages, creator tools, subscriber tools, alerts, broker-connect features, and related communications (collectively, the "Services"). Third-party services, including brokerages, authentication providers, payment processors, Discord, Whop, cloud providers, and app stores, have their own privacy policies.
Using Rippll means you acknowledge this policy. It does not replace any broker, exchange, payment, tax, or regulatory disclosure that may also apply to you.
Information we collect
Account and identity information
- Account identifiers such as email address, internal user id, authentication provider id, role, and account status.
- Information you provide in account settings, such as username, bio, location, timezone, language, and phone number.
- Support messages, troubleshooting details, and other communications you send to us.
Creator and trader information
- Public profile fields you choose to publish, such as display name, handle, avatar, banner, trading style, strategy description, specialties, social links, FAQ entries, and disclosures.
- Private trader onboarding fields, such as legal name, phone, country or region, jurisdiction, and agreement records. These fields are used for verification, payout readiness, consent, and compliance workflows and are not shown on public profiles.
- Creator performance and strategy records created through Rippll, including published trade signals, manual outcome reports, closed-trade summaries, and profile module settings.
Brokerage and trading-related information
- Broker connection metadata, such as broker name, connection status, connection identifiers, account identifiers, account labels, granted scopes, capability facts, and validation timestamps.
- Broker access credentials needed to provide the feature you enabled. Depending on the broker and connection method, this may include encrypted personal access tokens, encrypted OAuth access tokens, encrypted refresh tokens, or similar broker-access secrets. Rippll does not ask for or store your broker username and password.
- Account and trading data needed for connected features, such as balances, positions, orders, fills, order status, timestamps, portfolio snapshots, copy-order records, preview results, reconciliation records, alerts, and risk-control state.
- Trade signals and copy-flow records generated by your activity, subscriptions, approvals, settings, and connected broker events.
Integrations and community information
- Discord integration data such as guild ids, channel ids, install status, command activity, routing bindings, and published card metadata.
- Whop review import data, if enabled, such as Whop account identifiers, product identifiers, selected products, published review content, ratings, reviewer display fields, and sync status.
- Images uploaded for avatars or banners. Images are re-encoded before storage and may be served through a public object store when they are part of a public or in-app profile.
Device, usage, cookies, and logs
- Technical data such as IP address, browser, device type, pages or screens viewed, timestamps, request metadata, error logs, performance metrics, security events, and session activity.
- Cookies, local storage, and similar technologies used for authentication, security, preferences, analytics, and service reliability.
- Billing records if paid features are enabled, such as plan, subscription status, payment processor customer id, receipts, and transaction identifiers. Rippll does not store full payment card numbers.
How we use information
- Provide, operate, secure, and troubleshoot the Services.
- Authenticate users, maintain sessions, enforce role and operator access, prevent fraud, and investigate abuse.
- Run user-directed broker connection, preview, alert, trade-signal, subscription, copy-flow, reconciliation, and risk-control features.
- Display creator and subscriber profile content according to your settings and the product surface you use.
- Process subscriptions or payments when paid features are enabled.
- Send service messages, alerts, security notices, support replies, and optional marketing communications.
- Maintain logs, audits, evidence records, and dispute records needed for safety, billing, security, compliance, and platform reliability.
- Improve the product, debug issues, understand usage, and develop new features.
- Comply with law and enforce our terms, policies, and platform safety rules.
Aggregated and de-identified data
Rippll may create and use aggregated, anonymized, or de-identified information derived from platform activity for analytics, product improvement, research, reporting, benchmarking, and lawful business purposes.
Aggregated or de-identified data means data processed so it cannot reasonably be used to identify, relate to, describe, or be linked back to an individual user, account, brokerage, or household. We will not try to re-identify de-identified data, and when we provide de-identified data to a third party, we require appropriate limits against re-identification where the law or contract requires it.
Retention and security
We keep information for as long as needed to provide the Services, satisfy legal and accounting duties, resolve disputes, enforce agreements, maintain safety records, support audits, and prevent fraud or abuse. If you disconnect a broker, we stop collecting new broker data through that connection, but we may retain historical records needed for safety, accounting, compliance, dispute handling, or auditability.
We use safeguards designed to protect information, including encryption in transit, encryption at rest for broker tokens and sensitive onboarding fields, access controls, redaction rules, logging controls, and least-privilege operational practices. No system is perfectly secure. You are responsible for securing your devices, broker accounts, passwords, and authentication factors.
Your choices and rights
- You may update available account, profile, and module settings in the product.
- You may disconnect supported broker, Discord, or Whop integrations where the product exposes that control, or by revoking access directly with the third-party service.
- You may opt out of non-essential marketing emails. Service, security, billing, and transactional notices may still be sent.
- Depending on where you live, you may request access, correction, deletion, portability, restriction, or objection related to your personal information.
To submit a privacy request, contact legal@rippll.ai. We may need to verify your identity before acting on a request. Some deletion requests are subject to legal, safety, accounting, dispute, and audit exceptions.
California notice
If you are a California resident, this section provides the notice at collection required by California privacy law. We collect the categories below for the business purposes described in this policy.
| Category | Examples | Retention |
|---|---|---|
| Identifiers | Name, email, account id, authentication provider id, handles, broker or integration identifiers. | Account life plus legal, safety, audit, and dispute periods. |
| Customer records and financial information | Billing status, broker connection records, balances, positions, orders, fills, portfolio snapshots, and related account records. | Feature life plus legal, accounting, safety, audit, and dispute periods. |
| Commercial information | Subscriptions, plans, receipts, trade signals, copy-flow records, approvals, settings, and support history. | As needed for product operation, accounting, legal, safety, audit, and dispute purposes. |
| Internet or network activity | IP address, device/browser data, page views, logs, security events, and session activity. | As needed for security, debugging, analytics, legal, safety, audit, and abuse prevention. |
| Approximate location | Approximate region inferred from IP address or region fields you provide. | As needed for account, security, legal, and product purposes. |
| Sensitive personal information | Broker access tokens or similar access credentials, financial account information, private trader onboarding fields, and authentication-related data. | As needed to provide the requested feature, secure the account, meet legal duties, and maintain safety/audit records. |
We do not sell or share personal information as those terms are used for California cross-context behavioral advertising. We use sensitive personal information only for permitted business purposes, including providing requested services, security, fraud prevention, safety, debugging, and legal compliance.
Children and international users
The Services are not intended for anyone under 18. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under the applicable minimum age, we will delete it as required by law.
If you access Rippll from outside the United States, your information may be processed and stored in the United States or other countries where we or our service providers operate.
Changes
We may update this policy from time to time. Material updates will be communicated through reasonable means, such as email, in-app notice, or posting an updated policy. The effective date above shows when this version took effect.
Contact
Rippll LLC
Email: legal@rippll.ai
Website: rippll.ai