Privacy Policy
Last Updated: 22. 06. 2026
Effective Date: 22. 06. 2026
This Privacy Policy explains how HyperFlow Trading ("HyperFlow," "we," "us," or "our") collects, uses, shares, and protects your personal data when you visit hyperflowtrading.io (the "Website"), purchase or use the HyperFlow Indicator Suite, join our community channel, or contact us.
It should be read together with our Terms and Conditions and our Refund Policy. Capitalised terms not defined here have the meaning given in our Terms.
We are the data controller for the personal data described in this Policy. We take your privacy seriously and handle your data in line with the EU General Data Protection Regulation (GDPR) and applicable national law.
In short: We collect only the limited data we need to give you access to the Indicator Suite, take payment (through Whop), support you, run our Discord community, and meet our legal obligations. We do not sell your personal data. You have strong rights over your data, explained in Section 11.
1. Who We Are and How to Contact Us
1.1 The controller of your personal data is HyperFlow Trading, operating the Website hyperflowtrading.io.
1.2 For any privacy question or to exercise your rights, contact us at bitcoinhyperofficial@gmail.com.
1.3 Data Protection Officer. We are not required to appoint a Data Protection Officer and have not appointed one. Privacy enquiries are handled at the address in 1.2.
1.4 EU representative. Because we are established in the EU (Slovenia), we are not required to appoint a representative under Article 27 GDPR.
1.5 Supervisory authority. Your lead supervisory authority for GDPR matters is the Slovenian Information Commissioner (Informacijski pooblaščenec): Dunajska cesta 22, 1000 Ljubljana, Slovenia; email gp.ip@ip-rs.si; web www.ip-rs.si. You also have the right to complain to the supervisory authority in your own country (see Section 11).
2. Scope, and the Role of Whop, TradingView, and Discord
2.1 This Policy covers the personal data we control: data from your use of the Website, from your purchase and use of the Service, from your support messages, and from your participation in our community channel.
2.2 Some of your data is also handled by third parties acting as their own independent controllers, under their own privacy policies, which we do not control:
(a) Whop (our checkout and payment platform) — Whop collects and processes your payment and account data on its platform. Please review Whop's privacy policy.
(b) TradingView — the Indicators run on TradingView, and your TradingView account is governed by TradingView's privacy policy.
(c) Discord — if you join our community server, Discord processes your data under its own privacy policy.
2.3 We recommend reviewing those policies. This Policy explains what we do with the data we receive or collect.
3. The Personal Data We Collect, and Where It Comes From
We collect the following categories of personal data. We collect only what we need.
3.1 Information you give us directly:
- your email address and any name or display name you provide;
- your TradingView username, which we need in order to grant you access to the invite-only Indicators;
- the content of messages you send us (for example, support or refund requests);
- if you join our Discord server, your Discord username/ID and anything you choose to post there.
3.2 Information we receive from Whop when you purchase (Whop is our merchant of record for payments). This typically includes:
- your email address and name or username (if provided);
- your order and subscription details — the plan you bought, subscription status, order/transaction ID, amount, currency, and purchase/renewal dates;
- your billing country and limited information needed for tax and record-keeping;
- for cryptocurrency payments, a transaction reference and any wallet address Whop passes to us.
We do not receive or store your full payment card number, card security code, or full banking details — these are handled by Whop and its payment processors.
3.3 Information collected automatically from the Website. The Website is currently a marketing/information site hosted by Hostinger, which links to Whop for checkout. At present we do not run analytics or advertising tools, so beyond any strictly necessary cookies and standard server logs kept by our host for security and operation, we do not collect browsing data for our own analytics. If this changes (see Section 6), we will update this Policy and, where required, obtain your consent first.
3.4 Special-category data. We do not intentionally collect any special-category data (such as health, religion, ethnicity, political opinions, or biometric data), and we ask you not to send it to us. The Service is not designed to process such data.
4. How We Use Your Data, and Our Legal Bases
Under the GDPR we must have a lawful basis for each use. The table below explains them.
| Purpose | Data used | Legal basis (GDPR Art. 6) |
|---|---|---|
| Give you access to the Indicator Suite and manage your subscription (granting your TradingView invite, providing updates, managing access) | Email, TradingView username, order/subscription data | Performance of a contract (Art. 6(1)(b)) |
| Take and confirm your payment (processed by Whop) | Order/transaction data we receive from Whop | Performance of a contract (Art. 6(1)(b)) |
| Provide customer support and handle refund requests | Email, message content, order details | Legitimate interests in responding to you and the contract (Art. 6(1)(b) and (f)) |
| Run our Discord community (if you join) | Discord username/ID, posts | Contract and legitimate interests (Art. 6(1)(b) and (f)) |
| Keep records and comply with tax, accounting, and other legal obligations | Transaction and invoice data | Legal obligation (Art. 6(1)(c)) |
| Keep the Service secure, prevent fraud and refund abuse, and enforce our Terms | Account, order, and limited technical data | Legitimate interests (Art. 6(1)(f)) |
| [Future] Understand how the Website is used (analytics) | Device, usage, and IP data via cookies | Consent (Art. 6(1)(a)) — collected via a cookie banner |
| [Future] Send you marketing about our products | Consent (Art. 6(1)(a)), with an easy opt-out |
4.1 Where we rely on legitimate interests, we have balanced those interests against your rights, and you may object (see Section 11). Where we rely on consent, you may withdraw it at any time without affecting prior processing.
5. Marketing Communications
5.1 What we send now. We currently send only service and transactional messages — for example, access details, important updates to the Indicators, renewal and payment notices, and replies to your enquiries. These are not marketing and are part of providing the Service.
5.2 Marketing in the future. We do not currently send marketing emails. If we introduce marketing, we will rely on your consent (or another lawful basis permitted by law), tell you clearly when you sign up, and include an easy way to unsubscribe in every marketing message. You can opt out at any time.
6. Cookies and Similar Technologies
6.1 Current position. The Website currently uses, at most, strictly necessary cookies and standard technical/server data needed to operate and secure the site through our host, Hostinger. We do not currently use analytics or advertising cookies, and there is no cookie consent banner installed yet.
6.2 Cookie categories. If and when we add further cookies, they will fall into these categories:
| Category | What it does | Consent needed? |
|---|---|---|
| Strictly necessary | Makes the site work and keeps it secure | No |
| Functional | Remembers preferences | Yes (in the EU/EEA/UK) |
| Analytics | Helps us understand site usage | Yes |
| Advertising | Supports marketing/retargeting | Yes |
6.3 Consent before non-essential cookies. Under Slovenian and EU ePrivacy rules, we must obtain your prior consent before placing any non-essential cookies (functional, analytics, or advertising). Before we activate any such cookies, we will install a cookie consent banner that lets you accept or reject each category, and we will update this Policy to list the specific tools used.
7. Who We Share Your Data With
7.1 We do not sell your personal data. We share it only with the following categories of recipient, and only as needed:
(a) Whop — checkout, payments, and subscription management;
(b) TradingView — to grant and manage your access to the invite-only Indicators;
(c) Hostinger — our website hosting provider;
(d) Google (Gmail) — we use a Google email account to receive and respond to your messages;
(e) Discord — if you join our community server;
(f) [Future] analytics and email/marketing providers — once introduced (Section 6 / Section 5);
(g) professional advisers, and authorities — for example our accountant, or where we are legally required to disclose data.
7.2 Where these providers act as our processors, they process data only on our instructions under a data-processing agreement. Where they act as independent controllers (such as Whop, TradingView, and Discord), their own privacy policies apply (see Section 2).
8. International Data Transfers
8.1 Some of our providers are located outside the EU/EEA, including in the United States (for example, Whop, TradingView, Google, and Discord). Our host, Hostinger, is established in the EU.
8.2 Where your data is transferred outside the EU/EEA, we rely on a lawful transfer mechanism, namely the EU–U.S. Data Privacy Framework (where the recipient is certified) and/or the European Commission's Standard Contractual Clauses, together with additional safeguards where appropriate.
8.3 You can ask us for more information about the safeguards used by contacting us at the address in Section 1.
9. How Long We Keep Your Data
9.1 We keep personal data only as long as necessary for the purposes in this Policy:
(a) Access and account data — for as long as your Subscription is active, plus a short period afterwards to handle any follow-up, disputes, or reactivation;
(b) Transaction and invoice records — for as long as required by Slovenian tax and accounting law (these periods can be several years; for example, certain accounting records are typically retained for up to 10 years);
(c) Support messages — for as long as needed to resolve your query and a reasonable period afterwards;
(d) Marketing data (if introduced) — until you withdraw consent or unsubscribe;
(e) Analytics data (if introduced) — for the retention period set for each tool, which we will disclose at that time.
9.2 When data is no longer needed, we delete or anonymise it.
10. How We Protect Your Data
10.1 We use appropriate technical and organisational measures to protect your data against loss, misuse, and unauthorised access — for example, access controls, reputable service providers, and limiting who can see your data.
10.2 No system is completely secure, and we cannot guarantee absolute security, but we take reasonable steps to keep your data safe and we rely on the security measures of established providers such as Whop, TradingView, Google, and Discord for the data they handle.
11. Your Privacy Rights
11.1 If you are in the EU/EEA, you have the following rights under the GDPR, which you can exercise free of charge in most cases:
- Access — get a copy of the data we hold about you;
- Rectification — correct inaccurate or incomplete data;
- Erasure — ask us to delete your data ("right to be forgotten"), where the law allows;
- Restriction — ask us to limit how we use your data;
- Portability — receive certain data in a portable format, or have it sent to another provider;
- Objection — object to processing based on legitimate interests, and to direct marketing at any time;
- Withdraw consent — where we rely on consent, withdraw it at any time;
- Automated decisions — not be subject to decisions with legal or similarly significant effects based solely on automated processing (we do not make such decisions — see Section 13).
11.2 How to exercise your rights. Contact us at bitcoinhyperofficial@gmail.com. We will respond within the time the law allows (generally one month under the GDPR). We may need to verify your identity first.
11.3 Complaints. If you have a concern, please contact us first so we can help. You also have the right to lodge a complaint with a supervisory authority — in Slovenia, the Information Commissioner (Section 1.5) — or with the authority in your country of residence or work.
12. California Privacy Rights (CCPA/CPRA)
12.1 If you are a California resident, you have rights under the California Consumer Privacy Act, as amended (CCPA/CPRA):
- to know what personal information we collect and how we use it;
- to access and to delete your personal information;
- to correct inaccurate personal information;
- to opt out of the "sale" or "sharing" of personal information;
- to limit the use of sensitive personal information;
- to non-discrimination for exercising your rights.
12.2 We do not sell or share your personal information as those terms are defined under the CCPA/CPRA, and we do not use sensitive personal information for purposes that trigger the right to limit. The categories of personal information we collect are described in Section 3, and our sources, purposes, and recipients are described in Sections 3, 4, and 7.
12.3 If this changes — for example, if we add advertising cookies that involve "sharing" for cross-context behavioral advertising — we will provide a clear "Do Not Sell or Share My Personal Information" choice and will honor Global Privacy Control (GPC) signals. To exercise any California right, contact us at bitcoinhyperofficial@gmail.com.
13. Automated Decision-Making and Profiling
13.1 We do not carry out automated decision-making or profiling that produces legal effects, or similarly significant effects, concerning you.
14. Children's Privacy
14.1 The Service is intended only for users who are at least 18 years old. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us with personal data, contact us at bitcoinhyperofficial@gmail.com and we will delete it.
15. Data Breaches
15.1 If a personal-data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the competent supervisory authority within the time the law requires (generally 72 hours under the GDPR), and we will inform affected individuals where the breach is likely to result in a high risk to them.
16. Privacy Rights in Other Regions
16.1 We sell worldwide, and if you are a consumer outside the EU/EEA and California, you may have rights under your own local data-protection law (for example, the UK GDPR in the United Kingdom, PIPEDA in Canada, the Privacy Act/APPs in Australia, or the LGPD in Brazil). You can exercise any such rights by contacting us at bitcoinhyperofficial@gmail.com, and we will respond as that law requires.
17. Changes to This Privacy Policy
17.1 We may update this Policy from time to time — for example, when we add analytics, marketing, or new tools. When we do, we will change the "Last Updated" date above and, where the change is significant, take reasonable steps to notify you. Please check back from time to time.
18. Contact Us
If you have any questions about this Privacy Policy or your personal data, please contact us:
Email: bitcoinhyperofficial@gmail.com
Website: hyperflowtrading.io