1. Who we are
This Policy describes how Alexandria Tecnologia (“Alexandria”, “we”), as data controller, collects, uses, stores, and shares personal information from users of the Smart Money Link (“SML”) ecosystem, in compliance with the Brazilian General Data Protection Law (LGPD — Law 13.709/2018), the European General Data Protection Regulation (GDPR), and other applicable laws.
2. Data we collect
2.1. Data you provide directly
- Registration: full name, email, password (stored encrypted).
- Payment: credit card data processed via partner payment gateway (Stripe). We do not store card numbers on our servers — only the transaction token.
- Journal content: trade notes, mood scale, psychological triggers, tags. This content is private and visible only to your account.
- Settings: theme preferences, notifications, language.
2.2. Data collected automatically
- Usage data: pages visited, access frequency, features used, performance metrics.
- Technical data: IP address, browser type, operating system, timezone.
- Essential cookies: session identifier, persistent preferences (chosen theme).
2.3. Third-party data (future integrations)
When you voluntarily connect your prop firm account (Apex, FTMO, FundedNext, MyForex) or MT5 account, we receive via API: account balance, trade history, drawdown metrics, and active rules. This data is used exclusively for risk tracking on the dashboard — we do not share it with third parties or use it for any other purpose.
3. Purpose of processing
We use your data to:
- Provide, maintain, and improve the service.
- Process payments and manage your subscription.
- Communicate service changes, important updates, and operational alerts (drawdown approaching limit, trial expiration).
- Generate personalized technical analysis (SMC engine + Pharos AI) based on user history.
- Comply with legal and regulatory obligations.
- Detect and prevent fraud, abuse, and Terms of Use violations.
We do not use your data for: third-party targeted advertising, selling email lists, behavioral profiling for external commercial purposes, or any processing incompatible with the service's purpose.
4. Legal basis
Data processing is based on:
- Contract performance (LGPD art. 7, V / GDPR art. 6(1)(b)): to deliver the contracted service.
- Legal obligation (LGPD art. 7, II / GDPR art. 6(1)(c)): retention of tax and financial data per legislation.
- Legitimate interest (LGPD art. 7, IX / GDPR art. 6(1)(f)): fraud prevention, platform security, ongoing product improvement.
- Consent (LGPD art. 7, I / GDPR art. 6(1)(a)): marketing communications and optional analytics cookies.
5. Sharing with third parties
We share your data only with providers essential to service operation:
- Stripe (payment processing): card and transaction data.
- Vercel (hosting): technical access logs.
- Google / OAuth (social login, if user chooses): identity confirmation only.
- Transactional email providers: for welcome emails, notifications, and alerts.
All partners are contractually required to process data under standards equivalent to those described in this Policy and in accordance with the applicable LGPD/GDPR.
We do not sell your data. We do not share it with prop firms, brokers, or any commercial third party.
6. Cookies
We use two types of cookies:
6.1. Essential (always active)
Required for basic functionality: login session, theme preferences, subscription cart. Without these cookies, the service does not work.
6.2. Analytics (optional)
Anonymous product usage metrics (which feature is most used, where users get stuck). You can disable them via the settings panel.
7. Data subject rights
Under LGPD and GDPR, you have the right to:
- Access: obtain a copy of data we hold about you.
- Rectification: request correction of incomplete, inaccurate, or outdated data.
- Erasure: request deletion of unnecessary or excessive data, subject to legal retention obligations.
- Portability: receive your data in a structured, machine-readable format (JSON or CSV).
- Information about sharing: know who we share your data with.
- Withdrawal of consent: at any time, for consent-based processing.
- Objection: contest processing you consider unlawful.
To exercise any of these rights, write to privacy@alexandria.app. We respond within 15 (fifteen) business days.
8. Security
We apply technical and organizational measures to protect your data:
- Passwords stored with cryptographic hashing (bcrypt/argon2), never in plain text.
- Encrypted connection (HTTPS/TLS 1.3) on all communications.
- Data access by the technical team restricted to the minimum necessary.
- Periodic security audits and dependency updates.
- Encrypted backups in segregated infrastructure.
Even with these measures, no system is 100% immune to failures. In case of an incident that compromises personal data, we will notify the competent authority and affected data subjects as required by LGPD/GDPR.
9. Retention
We retain your data while your account is active and for the period necessary to comply with legal obligations (generally, 5 years for tax data after account termination, per applicable legislation). After that period, data is anonymized or deleted.
10. International transfer
Some providers (Vercel, Stripe, Google) may process data on servers in the US or European Union. In these cases, we ensure partners operate under adequate standards (European Commission standard contractual clauses, Privacy Shield certification, or equivalent).
11. Children and minors
The service is not intended for minors under 18. We do not knowingly collect data from minors. If we identify a minor's registration, we will delete the data immediately.
12. Changes to this Policy
We may update this Policy periodically. Material changes will be communicated via email and/or visible notice on the platform with at least 15 (fifteen) days' notice.
13. Data Protection Officer (DPO) and contact
Pursuant to LGPD art. 41 and GDPR art. 37, our DPO can be reached at privacy@alexandria.app.
Should you believe your rights have not been respected, you may contact the Brazilian National Data Protection Authority (ANPD) at www.gov.br/anpd or your local data protection authority.