The short version
We do not collect, store, or transmit your trading data. Everything (trades, emotions, checklist answers, AI results, settings) stays on your device. We have no servers. When a feature contacts a third party (your exchange, AI provider, Google, or LemonSqueezy), the call leaves your browser directly, using your own credentials. We are never in the middle.
1. Overview
Crypto Discipline Tool is a browser-local Chrome Extension. There is no account to sign up for, no telemetry, no analytics. The entire feature set operates on data that lives only in your browser.
Some features need to reach a third-party service (for example, your exchange's API to pull your fills, or an AI provider to analyze a trade). In every such case, the outbound call is made directly from your browser to that third party, using credentials you provided. We do not run any intermediate backend.
2. Third-Party Services
The extension talks to the following third parties only when you enable the matching feature. Each one is optional.
2.1 Exchange APIs: Public Market Data
Supported exchanges: Binance, OKX, Bybit, BingX, LBank, Bitget, MEXC
- Purpose: fetching public market data (prices, kline candles, funding rates) for the Market Snapshot feature.
- Data sent: standard public API requests. No personal data. No authentication.
- Data received: market prices, orderbook depth, funding rates.
2.2 Exchange Read-Only API Keys: Auto-Sync of Your Trades
Supported: Binance, OKX, Bybit, BingX, Bitget, MEXC. (LBank's private futures API is not publicly documented, so auto-sync isn't available on LBank.)
- Purpose: automatically importing your positions and historical fills so you don't have to fill exit details by hand.
- What we ask for: API Key + Secret (plus Passphrase for OKX / Bitget). You paste these into the extension.
- Required permission: Read-Only. The extension cannot place or cancel orders, transfer funds, or withdraw. We recommend disabling trade and withdraw permissions when you create the key.
- Encryption: keys are encrypted with the Web Crypto API (AES-GCM) before being written to `chrome.storage.local`. They are decrypted only inside the Service Worker, only at the moment an API call is being made.
- Transmission: keys are sent only over HTTPS to the corresponding exchange's own endpoint (e.g. `api.binance.com`). They never reach any server we control.
- Revocation: delete the key from the Options page any time. You can also revoke it on the exchange's website.
2.3 AI Providers: OpenAI / Claude / Gemini
- Purpose: optional AI analysis features (post-close review, in-holding review, and Edge Finder long-term analysis).
- Data sent: only when you manually trigger an analysis. For single-trade reviews we send the position's checklist answers, entry/exit prices, and any market snapshot captured at open time. For Edge Finder, see Section 3.
- Your API key: you paste your own. Same encryption and isolation as exchange keys (Section 5). Only ever sent to the provider you chose.
- We never see your key or your data.
2.4 Google OAuth + Google Sheets: Optional Backup Sync
- Purpose: mirroring your closed trades to your own Google Sheet so you have a full audit trail outside the browser.
- OAuth mechanism: Chrome's `chrome.identity` API requests your consent through a standard Google login flow.
- Scopes we request:
  - `spreadsheets`: to write rows into a Sheet.
  - `drive.file`: to create a new Sheet the first time you connect. This scope is restricted to files our extension itself creates; we cannot read your other Drive files.
- Token storage: the OAuth access token is managed by Chrome's identity service. Any local reference we keep (e.g. last-sync metadata) is encrypted with Web Crypto and lives in `chrome.storage.local`.
- What we can see in your Google account: only the Sheet this extension created. We cannot read your email, contacts, or any other Drive document.
- Revocation: disconnect from the Options page anytime, or revoke access at `myaccount.google.com/permissions`.
2.5 LemonSqueezy: License Key Validation
Not active during early access. While the extension is in Early Access mode (all features free), no license validation call is ever made.
- Purpose: checking whether a paid license key is currently active (for when pricing is introduced after early access).
- Data sent: your license key (only if you activated one) and a self-generated instance identifier to `api.lemonsqueezy.com`.
- Data NOT sent: no trading data, no checklist content, no emotion tags, no AI output, no API keys, no personally identifying information.
2.6 Fear & Greed Index: alternative.me
- Purpose: fetching the public Crypto Fear & Greed Index as part of the Market Snapshot.
- Data sent: none. It's a public endpoint.
2.7 Finnhub: Economic Events Calendar
- Purpose: fetching upcoming economic events, also as part of the Market Snapshot.
- Data sent: your Finnhub API key and the date range. No trading data.
3. Edge Finder & Aggregated Analytics
Edge Finder is an optional AI feature that produces a long-horizon behavioral report across many of your trades. We are deliberate about what it sees:
- The AI never sees your raw trades. Before any request leaves the browser, the extension pre-computes a compact statistical summary: win rate, profit factor, per-emotion win rate, best-hours bucketing, discipline percentages, streak metrics, average holding duration, and so on.
- That summary is what gets inserted into the prompt. It contains numbers and category names, not individual entries, symbols-per-trade, timestamps, or prices.
- Report storage: the AI's response is saved locally in IndexedDB so you can re-read old analyses. We never see it.
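The aggregation step described in this section, as an added example that is not the extension's own code: it computes the kind of summary listed above (win rate, profit factor, per-emotion win rate, best-hours bucket, discipline percentage, streaks, average hold) from constructed sample trades, and then refuses to build a prompt payload if any per-trade field or timestamp is present. The trade field names, the four-hour bucketing, and the "break-even counts as a loss" rule are assumptions made for this example.

```javascript
// Added example (not the extension's own code): the kind of pre-computation
// Section 3 describes, where a long-horizon summary is built locally and only
// aggregate numbers and category names are placed in the AI prompt.

// Constructed sample trades standing in for the local position records.
// Field names are assumptions for this example.
const SAMPLE_TRADES = [
  { symbol: 'BTCUSDT', emotion: 'calm',    pnl: 200, openedAt: '2024-01-01T09:00:00Z', closedAt: '2024-01-01T10:00:00Z', checklistComplete: true },
  { symbol: 'ETHUSDT', emotion: 'fomo',    pnl: -80, openedAt: '2024-01-01T13:00:00Z', closedAt: '2024-01-01T13:30:00Z', checklistComplete: false },
  { symbol: 'BTCUSDT', emotion: 'calm',    pnl: 40,  openedAt: '2024-01-01T09:30:00Z', closedAt: '2024-01-01T11:30:00Z', checklistComplete: true },
  { symbol: 'SOLUSDT', emotion: 'revenge', pnl: -60, openedAt: '2024-01-01T21:00:00Z', closedAt: '2024-01-01T21:15:00Z', checklistComplete: false },
  { symbol: 'ETHUSDT', emotion: 'calm',    pnl: -20, openedAt: '2024-01-01T10:00:00Z', closedAt: '2024-01-01T10:45:00Z', checklistComplete: true },
];

// Per-trade field names that must never appear in the prompt payload.
const RAW_FIELDS = new Set(['symbol', 'openedAt', 'closedAt', 'entryPrice', 'exitPrice', 'pnl']);
const ISO_TIMESTAMP = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}/;

const round4 = (x) => Math.round(x * 1e4) / 1e4;

// Four-hour UTC bucket of the open time, e.g. 09:30Z -> "08-12" (assumed bucketing).
function hourBucket(iso) {
  const hour = new Date(iso).getUTCHours();
  const from = hour - (hour % 4);
  const pad = (n) => String(n).padStart(2, '0');
  return `${pad(from)}-${pad(from + 4)}`;
}

function summarizeTrades(trades) {
  // Streaks depend on chronological order, so sort by close time first.
  const byClose = [...trades].sort((a, b) => Date.parse(a.closedAt) - Date.parse(b.closedAt));
  let wins = 0, grossProfit = 0, grossLoss = 0, disciplined = 0, holdMinutes = 0;
  let winStreak = 0, lossStreak = 0, longestWinStreak = 0, longestLossStreak = 0;
  const perEmotion = {};
  const bucketPnl = {};
  for (const t of byClose) {
    const win = t.pnl > 0;                    // break-even trades count as losses here
    if (win) { wins++; grossProfit += t.pnl; winStreak++; lossStreak = 0; }
    else     { grossLoss -= t.pnl; lossStreak++; winStreak = 0; }
    longestWinStreak = Math.max(longestWinStreak, winStreak);
    longestLossStreak = Math.max(longestLossStreak, lossStreak);
    if (t.checklistComplete) disciplined++;
    holdMinutes += (Date.parse(t.closedAt) - Date.parse(t.openedAt)) / 60000;
    const e = (perEmotion[t.emotion] ??= { trades: 0, wins: 0 });
    e.trades++;
    if (win) e.wins++;
    const b = hourBucket(t.openedAt);
    bucketPnl[b] = (bucketPnl[b] ?? 0) + t.pnl;
  }
  const n = byClose.length;
  const perEmotionWinRate = Object.fromEntries(
    Object.entries(perEmotion).map(([k, v]) => [k, round4(v.wins / v.trades)]));
  const bestHoursBucket = Object.entries(bucketPnl).sort((a, b) => b[1] - a[1])[0]?.[0] ?? null;
  return {
    tradeCount: n,
    winRate: n ? round4(wins / n) : 0,
    profitFactor: grossLoss > 0 ? round4(grossProfit / grossLoss) : null,
    perEmotionWinRate,           // category names (emotions) and rates only
    bestHoursBucket,
    disciplinePct: n ? round4(disciplined / n) : 0,
    longestWinStreak,
    longestLossStreak,
    avgHoldMinutes: n ? round4(holdMinutes / n) : 0,
  };
}

// Recursively checks that a payload carries no per-trade field names and no timestamps.
function containsRawTradeFields(value) {
  if (Array.isArray(value)) return value.some(containsRawTradeFields);
  if (value && typeof value === 'object') {
    return Object.entries(value).some(([k, v]) => RAW_FIELDS.has(k) || containsRawTradeFields(v));
  }
  return typeof value === 'string' && ISO_TIMESTAMP.test(value);
}

// What would be inserted into the Edge Finder prompt: the serialized summary,
// after a final guard that nothing trade-level slipped through.
function buildEdgeFinderPayload(trades) {
  const summary = summarizeTrades(trades);
  if (containsRawTradeFields(summary)) throw new Error('refusing to send per-trade data');
  return JSON.stringify(summary);
}
```

The guard in `buildEdgeFinderPayload` is the part worth keeping even if the statistics change: it turns "the AI never sees your raw trades" from a convention into a check that runs on every request.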
4. Local Data Storage
Everything below lives on your device and is never uploaded.
| What | Where | Notes |
|---|---|---|
| Trade sessions (checklist answers, intended action, emotion, outcome) | IndexedDB · checklist_sessions | One row per Modal interception |
| Positions + Orders (Phase 6 lifecycle model) | IndexedDB · positions, orders | Full open-to-close history |
| Legacy position entries (prior to Phase 6) | IndexedDB · position_entries | Kept for backward compatibility |
| Edge Finder history | IndexedDB · edge_finder_results | Each past AI report |
| Settings (language, checklist config, risk rules, AI settings) | chrome.storage.local | |
| License state (status, expiry) | chrome.storage.local | Only if you activate one |
| Encrypted API keys (AI, exchange, Finnhub) | chrome.storage.local (Web Crypto AES-GCM) | See Section 5 |
| Risk control daily counters (today's loss, consecutive losses, emotion counts, trade count, cooldown) | chrome.storage.session | Cleared when the browser closes. Never persisted, never uploaded. |
5. API Key Storage (Detailed)
Three kinds of third-party API credentials may be stored in your browser:
- AI provider keys (OpenAI / Claude / Gemini): for AI analysis features.
- Exchange API keys + secrets (Binance / OKX / Bybit / BingX / Bitget / MEXC): for auto-sync of your trades. OKX and Bitget additionally require a passphrase.
- Finnhub key: for the economic events calendar.
All three kinds are treated the same way:
- Encrypted at rest with the Web Crypto API (AES-GCM, per-install key derived on first run).
- Stored in `chrome.storage.local`, never in plaintext.
- Decrypted only inside the Service Worker, only at the moment the specific outbound call is being made.
- Transmitted only to the corresponding service's official endpoint over HTTPS. They never reach any server we control.
- Never logged, never included in telemetry (we have no telemetry).
- Deletable at any time from the Options page.
Recommendation: create Read-Only exchange keys (no trade, no withdraw permission) and store AI keys with conservative quotas. These are your keys; we can't enforce best practices on your behalf.
6. Data Retention
Everything stays on your device until you remove it:
- Manually deleting entries from the Options page
- Uninstalling the extension
- Clearing your browser's storage for the extension
We have no retention period to define because we never have the data in the first place.
7. Data Export & Sync
Two ways to get your data out, both driven by you, never automatic uploads to a server we control:
- CSV export: the Options page has an "Export Trading Journal" button. A file is generated locally and downloaded.
- Google Sheet sync: see Section 2.4. The destination is your own Sheet; we only write to the spreadsheet you connect.
You can do either, both, or neither.
8. Permissions the Extension Requests
| Permission | Why |
|---|---|
| storage + unlimitedStorage | Local trade history and settings |
| identity | Google OAuth for the optional Sheet sync |
| alarms | Scheduling the optional daily auto-sync |
| Host permissions on exchange domains | Injecting the content script so the order-button interception can work |
| Host permissions on API endpoints (exchanges, AI providers, Google, LemonSqueezy) | Making the outbound calls described above, directly from your browser |
We do not request tabs, cookies, webNavigation, or any permission that would let us see unrelated browsing activity.
9. Children's Privacy
Crypto trading is not suitable for minors, and neither is this extension. It is not intended for users under 18.
10. Changes to This Policy
Any material change to this policy will be reflected in this file and in the version shown in the Chrome Web Store listing. The "Last updated" date at the top will also change.
11. Contact
For any privacy questions or requests, email us using the Submit Feedback button (opens your email client). We read every message.