Privacy Policy

1. Introduction

DECIDO ("DECIDO", "we", "us", or "our") is a decision-support web application for retail traders. DECIDO does not provide market data, brokerage services, automated trading, or financial advice. It is a personal record-keeping and discipline tool that lets users mark and review their own intentions (GO / WAIT / STOP) per timeframe and per instrument.

This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have. It applies to the DECIDO website and the authenticated DECIDO application.

The data controller responsible for your personal data is:

SalesVoice LLC
Tokyo, Japan
Contact: infosalesvoice@gmail.com

2. Information We Collect

We intentionally collect the minimum data necessary to operate DECIDO.

Account Information

When you create an account we collect your email address and a username. We do not require your real name. Authentication is operated through Supabase Auth (see Section 4).

User-Generated Content

DECIDO stores the data you create inside the product: the instruments you track, the folders you organize them into, the GO / WAIT / STOP state you assign per timeframe, free-form memos you write, favorite flags, broker labels, and the timestamps of state changes. This data is private to your account and is never made public or shared with other users.

Usage and Technical Data

We collect basic interaction events, feature-preference settings, and timestamps to understand how the product is used and to improve it. When you access the service, we automatically receive your IP address, browser type, device information, operating system, and referrer for security, abuse prevention, and troubleshooting.

Billing Information

Paid subscriptions are processed by Paddle.com Market Limited ("Paddle"), which acts as the Merchant of Record (reseller) for DECIDO. Paddle collects your name, billing address, country, tax identifiers (where applicable), and payment instrument data. Paddle shares with us only the limited information we need to operate your subscription (subscription identifier, plan, status, billing period, country, and a Paddle customer identifier). We do not see, store, or process your full payment card numbers. Paddle's privacy notice is available at paddle.com/legal/privacy.

Cookies and Local Storage

We use strictly necessary cookies and browser storage to keep you signed in, to remember your interface preferences, and to run a minor A/B test on the public landing page (font variant). We do not use third-party advertising cookies and we do not run cross-site tracking on our marketing pages.

3. How We Use Your Information

We use your information to:

• Provide, operate, and maintain the DECIDO service
• Activate, renew, and (when required) cancel your subscription
• Improve product functionality based on usage patterns
• Detect, prevent, and respond to abuse, fraud, and security incidents
• Send essential service communications (billing receipts via Paddle, downtime notices, security alerts, material policy changes)
• Comply with applicable legal obligations

We do not send promotional or marketing emails without your separate consent.

Where the GDPR or comparable laws apply, our legal bases are: (a) performance of the contract with you; (b) our legitimate interests in operating, securing, and improving the service; and (c) compliance with legal obligations.

4. Service Providers (Subprocessors)

We share personal data only with the service providers we need in order to run DECIDO. We require each provider to keep your data secure and to use it only for the purposes we instruct.

• Supabase Inc. — authentication, database hosting, and storage of your account and in-product data.
• Vercel Inc. — hosting and content delivery for the DECIDO website and application.
• Paddle.com Market Limited — Merchant of Record, payment processing, tax handling, and invoicing.
• Discord Inc. — receipt of in-product feedback that you voluntarily submit through the feedback form.

We do not sell your personal data, and we do not share it with advertising networks or data brokers.

5. International Data Transfers

DECIDO is operated from Japan and our service providers may process your data in the United States, the European Economic Area, the United Kingdom, and other jurisdictions. Where personal data is transferred out of the country in which you are located, we rely on appropriate safeguards such as Standard Contractual Clauses or the equivalent contractual protections offered by our providers.

6. What We Don't Do

To be explicit:

• We do not sell your personal data.
• We do not use your personal data for third-party advertising.
• We do not share your data with advertising networks or data brokers.
• We do not create public profiles or expose your information to other users.
• We do not access your brokerage or exchange accounts. DECIDO has no connection to any broker, exchange, or trading API.

7. Data Security

We use industry-standard security measures to protect your data, including:

• Encryption of data in transit (TLS/HTTPS)
• Encryption of data at rest at the storage layer
• Row-level security (RLS) so that each user can only read or modify their own records in our database
• Restricted administrative access to production systems

No system is 100% secure, but we take reasonable steps to protect your information from unauthorized access, loss, or misuse, and we will notify affected users in line with applicable law in the event of a personal-data breach that creates a material risk.

8. Data Retention

We retain your account data for as long as your account is active. When you delete your account, we delete your personal data within 30 days, except where retention is required for: (a) outstanding billing or accounting obligations (which Paddle may retain in line with their own retention schedule and applicable tax law), (b) fraud prevention and security investigations, and (c) compliance with legal obligations.

Server logs are retained for a limited period (typically up to 90 days) for security and troubleshooting purposes.

9. Your Rights

Depending on where you live (including under the GDPR, the UK GDPR, the CCPA/CPRA, and Japan's Act on the Protection of Personal Information), you may have the following rights:

• Access — request a copy of the data we hold about you
• Correction — request correction of inaccurate or incomplete data
• Deletion — request deletion of your personal data
• Objection / Restriction — object to or restrict certain processing
• Portability — receive your data in a portable, machine-readable format where technically feasible
• Withdraw consent — for any processing based on consent
• Lodge a complaint with your local data protection authority

To exercise any of these rights, contact us at the email address below. We will respond within a reasonable timeframe, and within the period required by applicable law. For billing-data requests, you may also contact Paddle directly.

10. Children's Privacy

DECIDO is not intended for users under the age of 18 and is not directed at children. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected data from a user under 18, we will delete it promptly. If you believe a child has provided us with personal information, please contact us.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the DECIDO website or by email. The "Last updated" date at the top of this page indicates when this policy was last revised.

12. Contact

If you have questions about this Privacy Policy or wish to exercise your rights, please contact:

SalesVoice LLC
Tokyo, Japan

infosalesvoice@gmail.com