TradeTempo

Legal

Chrome Extension Privacy

What Trade Sync reads, where it sends data, and what it never touches.

Last updated: May 4, 2026

1. What the extension does

The TradeTempo Trade Sync Chrome extension watches the network responses your browser already fetches from trader.tradovate.com and topstepx.com while you're trading and forwards them to your TradeTempo journal. It is a passive observer — it does not modify pages, place trades, alter orders, or change broker behavior in any way.

2. Data collected via the extension

When you're logged into Tradovate or TopstepX with the extension active and an API key configured, we receive copies of:

  • Your trading account list (id, nickname, balance, evaluation status).
  • Trade fills and round-trip P&L (symbol, side, quantity, entry/exit price, timestamps, realized P&L, commissions).
  • Cash-balance snapshots used to compute drawdown.
  • Chart screenshots you choose to capture from the on-screen HUD, for journal review and AI grading.
  • Session metadata (timeframe shown, current contract symbol, open position size) used by the in-session coach to decide whether to nudge you.
  • Order-intent payloads when you place an order, so the rule-audit tier can run before the fill confirms.

3. Data we do NOT collect

  • Your broker password. We never see it. The extension reads already-authenticated responses; no credentials ever cross the wire to our servers.
  • Browsing history or content from any site other than trader.tradovate.com and topstepx.com. The content scripts are scoped to those origins in manifest.json.
  • Form input on third-party sites. The wrapped fetch/XHR scripts only run on the trading-platform domains.
  • Personally identifiable information beyond what you supplied at signup (email + display name).

4. Where the data goes

Captured data is sent over HTTPS to your TradeTempo backend at /api/tradovate/ingeston the host you configured in the extension popup. By default that's the production deployment at prop-tracker-phi.vercel.app; you can change it for self-hosted setups.

Server-side, data is stored in a Postgres database hosted on Neon (encrypted at rest), associated with your user account via the API key you pasted into the extension. It is never sold, rented, or shared with third parties for marketing.

5. AI processing

With your opt-in (Tempo+ tier or active trial), screenshots and trade data may be sent to Anthropic's Claude API for rule-audit, setup-grading, behavior-pattern detection, and the in-session coach. Anthropic does not train on your data per their API terms. You can disable AI features at any time from the HUD settings panel; the deterministic code-judge audits will still run.

6. Manifest permissions justification

  • storage — persists your API key and HUD preferences locally in the extension.
  • activeTab / tabs — identifies the trading tab so the HUD overlay can be injected into the right window.
  • scripting — injects the content scripts that wrap fetch/XHR on the trading platform.
  • sidePanel — renders the persistent coach chat in a Chrome side panel rather than a popup, so your trading view stays unobstructed.
  • host_permissions: <all_urls> — required by Manifest V3 so the content_scripts entries can target both Tradovate and TopstepX. The actual content_scripts.matcheskeys restrict execution to those two origins. We never read or modify any other site's data.

7. Your rights

You can revoke API keys at any time in Settings → Extension, which immediately stops the extension from forwarding data. Full data export and account deletion are available in the same place under the GDPR controls. Uninstalling the extension stops all data capture.

8. Contact

Questions about extension behavior or data handling: hello@tradetempo.ai.