Get Help
Log In

Privacy Policy

Last Modified: September 18, 2023

1. SCOPE OF THIS PRIVACY POLICY

This Privacy Policy outlines what types of information are collected from our account holders, users, and visitors (“you”, “your”, or “User”), to whom it may be disclosed, and how that information may be used by Topstep LLC, a Delaware limited liability company, and its affiliated entities (collectively, “Topstep”, “we”, “our”, or “us”), as each of the foregoing relates to your use of Topstep’s Websites (“Sites”), software, applications, content, platforms, products, and services (each, a “Service, and collectively, the “Services”). This Privacy Policy contains capitalized words or phrases throughout which are defined terms. Their definitions are found either in this Privacy Policy or the Terms of Use.

By accessing or using the Sites or Services, by accepting the Terms of Use or by entering into any other agreement with us, you agree on behalf of yourself and any entity you represent that you have read, understood, and consented to this Privacy Policy, our Terms of Use, all amendments, addenda, and licenses to each of the Privacy Policy and the Terms of Use (collectively, the “Agreement”). You should review the Terms of Use, along with this Privacy Policy. By using our Sites or Services, you consent to Topstep’s use of your information and data as described in the Agreement. If you do not agree to the terms of this Privacy Policy, do not use the Sites or Services. Please check back periodically to review the Terms of Use and Privacy Policy, as Topstep reserves the right to change, modify, add, or remove portions of this Privacy Policy after providing notice to you. The form of such notice is determined at our discretion and may include, without limitation, clear and conspicuous messaging or posting on the Sites or Services indicating the Privacy Policy has been changed.

The official language used by Topstep is English and translations are made for convenience and reference only; in the event of a conflict between the English language version of this document and any version translated into any other language, the English language version shall prevail.

2. DEFINITIONS

“Account” means an account of a User that is registered with Topstep that has access to specified Services of Topstep.

“Agreement” means this Privacy Policy, our Terms of Use, all amendments, addenda, and licenses to each of the Privacy Policy and the Terms of Use.

“Authorization” means the set of rights and privileges on the Sites assigned to a User by Topstep.

“Brazilian User” means a User who resides in Brazil.

“Content” means all information and other materials present on the Sites, including Topstep’s products and services, text, images, photos, trading ideas, opinions, rumors, advice, charts, financial information, ratings, reviews, or similar information.

“Controller” means a person or entity who, either alone or jointly, determines the purposes and means of the processing of Personal Data, controls the data, and is responsible for it.

“Credit Card Information” means that information required to process a credit card payment, including name of the debit card holder, credit card number, CVV number, expiration date, billing address, phone number, and email address.

“Data” means information generated by you and other Users (whether aggregated or otherwise).

“Data Protection Officer” means the person or entity in charge of the data processing operation.

“Data Subject” means an identified or identifiable natural person.

“Debit Card Information” means that information required to process a debit card payment, including name of the debit card holder, debit card number, CVV number, expiration date, billing address, phone number, and email address.

“Designated Agent” means the Topstep representative identified in Section 2 of the Terms of Use.

“EU” means the European Union.

“EU User” means a User who resides in the European Union.

“Feedback” means your comments, feedback, information, or other materials regarding the Sites and Services.

“GDPR” means the General Data Protection Regulation, adopted as Regulation (EU) 2016/679 of the European Parliament on April 14, 2016.

“LGPD” means Lei Geral de Proteção de Dado, Brazil’s Data Protection Law.

“Log Data” means information that your browser sends whenever you visit a website; this information is automatically recorded by our servers.

“Personal Data” means any information relating to an identified or identifiable natural person or any information that is used for the behavior profiling of a particular natural person, if that person is identified.

“Sensitive Data” means data that reveals social security numbers, driver’s license numbers, government identification cards, financial account numbers or payment card numbers in combination with any required security or access code, password or credentials allowing access to an account, a persons’ precise geolocation, racial or ethnic origin, citizenship or immigration status, political opinions, religious or philosophical beliefs, or trade union membership, biometric data, data that concerns health, or data that concerns a natural person’s sex life or sexual orientation.

“Terms” means Topstep’s Terms of Use.

“UK” means the United Kingdom.

“UK GDPR” means the United Kingdom’s Data Protection Act of 2018, adopted pursuant to the GDPR.

“UK User” means a User that resides in the UK.

“User” means a natural or legal person over the age of 18 who has accepted Topstep’s Terms of Use and, if applicable, has been authorized to use the Account on behalf of himself/herself.

“User Submission” means any comment, or personal information, including, without limitation, ideas, suggestions, opinions, comments, observations, or other material , posted to any public form on our Sites or Services, including any publication, article, social network page, blog, chat room, or other such forum.

“Visitor” means a legal or natural person who visits our Site without having an Account.

3. TOPSTEP AS DATA CONTROLLER / DATA PROTECTION OFFICER

This Privacy Policy applies to the information and data collected by Topstep as a Controller. Should you have questions or requests regarding your Personal Data, you may contact Topstep’s Data Protection Officer at any time at support@Topstep.com. You may also call us at (888) 407-1611 or write to us at: Topstep LLC, Attn: Data Protection Officer, 141 West Jackson Boulevard, Suite 4240, Chicago, IL 60604.

4. COLLECTION OF PERSONAL DATA

Accounts and Personal Information. You may choose to register an Account with our Sites or Services, and we may collect certain personal information from you in order to provide services and to complete transactions. Any information you choose to submit will be collected.

When you register with us through our Sites or Services, we will ask you for Personal Data. Personal Data may include your name, phone number, email address, postal address, username, password, zip code, and age (optional).

Requests for Support; Contact Forms. To contact us for more information or to request support via the Sites and/or Services, you will need to provide your contact information (e.g., full name, postal address, email address, phone number) as applicable and the subject matter in which you are interested.

Third Party Links and Websites. Our Sites or Services may provide links to third-party applications, products, services, or websites for your convenience and information. If you access those links, you will leave our Sites or Services. We do not control those third-party sites and services or their privacy practices, which may differ from our practices. We do not endorse or make any representations about third-party sites. Any information you choose to provide to, or that is collected by those third parties is not covered by the Agreement. We cannot control the activities of third parties, and we have no responsibility for any use of the information provided by such third parties. Any information you choose to provide to third party websites or products will be governed by the policies of those third-party websites and products. We encourage you to read the privacy policy for each website, application, and service you visit, use, or interact with.

User Submissions. If you post a User Submission to any public forum on our Sites or Services, including, without limitation, any publication, article, social network page, blog, chat room, or other such forum, please be aware that any Personal Data disclosed in your User Submission can be read, viewed, collected, or used by other users of these forums, and could be used to contact you, send you unsolicited messages, or for purposes that neither you nor we control. You are responsible for the User Submission enter, submit, create, post, upload, transmit, or otherwise provide through or using the Sites or Services. All user-generated content is provided at your own risk. We cannot guarantee that User Submissions will not be viewed by unauthorized persons. You understand that, even after removal, copies of user-generated content you have provided may remain viewable in cached and archived pages and may have been copied or stored by Internet archives and other Users or Visitors. We may make User Submissions available, including publicly available, to other Sites and Services Users and Visitors, as applicable and at its sole discretion.

We may also aggregate all or any part of User Submissions. Topstep is not responsible for the Personal Data contained in your User Submission.

Payment Information. Certain features on the Sites and certain Services may require you to provide Credit Card Information or Debit Card Information. We do not directly access, handle, or store your Credit Card Information or Debit Card Information as we employ the services of a third-party payment processor. 

Marketing Communications. If you sign up or otherwise provide your email address to us, we will use this information to send you updates about Topstep and promotional and other electronic communications. You may opt out of receiving updates and other emails from us at any time by following the unsubscribe instructions in the applicable email or by contacting us using the contact information provided below under “Contact Us.” Note that, even if you opt out of receiving promotional communications from Topstep, you may still receive administrative communications from us with respect to your use of the Sites and/or Services. We may use third-party email providers to deliver these communications to you.

Social Media. The Sites and Services may allow you to connect to and share information with social media platforms and we may be required to implement cookies, plug-ins, and APIs provided by those social media platforms in order to facilitate those communications and features. We may share information that you provide us or that we may collect about your use of the Sites and Services with those platforms and that information will be subject to their privacy policies. We encourage you to review the privacy policy of any social media platform that you use in connection with the Sites and Services. In addition, by choosing to use any third-party social media platform or choosing to share content or communications with any social media platform, you allow us to share information with the designated social media platform. We cannot control any policies or terms of such a third party platform. As a result, we cannot be responsible for any use or disclosure of your information or content by third-party platforms, which you use at your own risk.

We are active on social media. You may have the opportunity to comment on those social media platforms regarding our Sites and Services and/or to submit or upload related photographs and other materials. We reserve the right to post on the Sites and Services, other websites, and social media pages any comments, photographs, or content that you post on our social media pages or provide to us through social media.

Chat Features. If you use any chat or messaging feature on the Sites or Services, we will collect all text and other information and content that you may provide or input using those features. If you use a chat or messaging feature while signed into your account, we may link that information to your account.

5. LEGAL BASIS FOR COLLECTING YOUR PERSONAL DATA

Our legal basis for collecting and using your Personal Data will depend on the Personal Data concerned and the specific context in which we collect it. However, we will normally collect Personal Data from you only where we have your consent to do so, where we need your Personal Data to perform or prepare a contract with you, where the processing is in our legitimate interests and is not overridden by your data protection interests or fundamental rights and freedoms, and when we have a legal obligation to do so. Your consent to our Terms of Use and this Privacy Policy also constitutes the legal basis upon which we may collect your Personal Data.

6. PURPOSES FOR WHICH WE COLLECT PERSONAL DATA / HOW WE USE AND SHARE YOUR PERSONAL DATA / LOCATION OF PROCESSING

Purposes for Which We Collect Personal Data

Topstep uses the information we collect for the following purposes:

  • Provide our Services. To provide the services we offer on our Sites and Services, to communicate with you about your use of our Sites or Services, to respond to your inquiries, to provide troubleshooting, and for other customer services designed to make your experience better.
  • Leaderboard. As a part of the Sites and Services and your use thereof, Topstep may disclose your information (including your personal information such as your first and last name, username, and statistics about your performance on the Sites and Services) to other users, including by making such information publicly available through Topstep’s streaming and YouTube channels.
  • Sharing with our Suppliers. To share with our suppliers and service providers. We may disclose information we collect to our suppliers and service providers as necessary for us to provide the Site and Services to you, to engage in the use and sharing of information we collect as permitted by this Privacy Policy, and as may be otherwise required or permitted by applicable law. These third parties include, without limitation, our affiliates and related entities, website and software management and hosting suppliers, support service providers, analytics and advertising providers, third party payment processors, cloud storage providers, information technology security providers, marketing and public relations service providers, and email service suppliers.
  • Personalization. To tailor the content and information that we may send or display to you, to suggest personalized help and instructions, and to otherwise personalize your experience while visiting or using our Sites or Services.
  • Advertising. To display interest-based advertising to you, to improve our advertising and measurement systems so that we can show you more relevant ads, and to measure the effectiveness and reach of ads and services.
  • Marketing and Promotions. For marketing and promotional purposes, such as to send you news and updates, special offers, and promotions, or otherwise contact you about products, services, or information we think may interest you, including information about third party products and services. You may opt out of receiving promotional communications from us at any time by following the unsubscribe instructions contained in the applicable email, where applicable, or by contacting us using the contact information provided below under “Contact Us.” Note that, even if you opt out of receiving promotional communications from us, you may still receive administrative communications from us with respect to your use of the Site and/or Services.
  • Analytics. To gather metrics to better understand how Users access and use the Sites and Services; to evaluate and improve the Sites and Services; and to develop new products and services.
  • Comply with the Law. To comply with legal obligations, as part of our general business operations, and for other business administration purposes.
  • Prevent Misuse. Where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, or violations of our Terms of Use or this Privacy Policy.

How We Use and Share Your Personal Data

In addition to those uses set forth elsewhere in this Privacy Policy, we use the information you provide to offer, manage, or improve our Sites or Services, including but not limited to:

  • improving content;
  • adapting or adding in new features and functionality;
  • providing and improving service and support;
  • delivering relevant advertising;
  • assisting with social sharing functionality;
  • developing new products and services;
  • selecting content to be communicated to you;
  • aggregating and/or anonymizing certain types of information, for example, to better understand or provide better engagement with our Users; 
  • updating a publicly viewable leaderboard; and
  • contacting you regarding our products or services; and preventing and detecting security threats, fraud or other malicious activity.

Topstep may share your Personal Data with our affiliates or with third parties (such categories of third parties as identified above), which provide services to us and which agree to keep such Personal Data confidential.

We may employ third-party companies and individuals for any of the following:

  • to facilitate the Sites or Services;
  • to provide the Sites or Services on our behalf;
  • to perform related services, including maintenance, database management, web analytics, and improvement of the features or functionality;
  • to assist us in data analysis; and
  • to process debit, credit, and other payments and to perform related services.

Additionally, we retain the right to disclose Personal Data as allowed or required by law. We may also disclose Personal Data under the following circumstances:

  • to respond to duly authorized information requests of police and governmental authorities;
  • to comply with any law, regulation, subpoena, or court order;
  • to investigate and help prevent security threats, fraud or other malicious activity;
  • to investigate and help prevent a violation of any contractual or other relationship with Topstep or the perpetration of any illegal or harmful activity;
  • to enforce and protect the rights and properties of Topstep, its affiliates and its business partners; and
  • to protect the personal safety of our employees, agents, affiliates, business partners, customers or site users.

In the event of a merger, consolidation, or sale or transfer of all or substantially all of the assets of Topstep or the Topstep Parties, Personal Data stored in our database will be transferred to the purchasing or new entity. However, the use of this information by any purchasing or surviving entity would be governed by the terms of this Privacy Policy, as amended from time to time, including any amendment after such transaction.

Due to the fact our business is international, we have centralized elements of our business and our processing of information. Accordingly, your information may be transferred to and maintained on computers and servers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. Where required by applicable law, your prior consent will be obtained for such transfers, or we have ensured that Personal Data included in such transfer is adequately protected through the use of contractual clauses or other adequate measures under such applicable laws. If you are located outside the United States and choose to provide information to us, Topstep transfers Personal Data to the United States and processes it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

You acknowledge that Topstep may collect and aggregate information about you and your particular simulated trades, trading patterns and preferences, and other preferences and interests and use such information in its sole discretion. Topstep may share or sell such information to Topstep’s business partners, affiliates, vendors, distributors, or other collaborators for these same purposes and each of them may use all such information to influence their own trading habits through mirroring simulated trades in actual financial markets or use them in any other manner. You agree that such activities may be performed automatically and in no circumstance shall you be entitled to any payment or compensation. 

With your consent, we may use and share your personal information in ways not specifically described in this Privacy Policy.

Location of Processing

Personal Data is processed in the United States of America. Personal Data from EU Users and Brazilian Users is processed in the United States. Topstep shall process such Personal Data in accordance with the requirements of the GDPR and LGPD.

7. ADDITIONAL INFORMATION FOR CALIFORNIA, COLORADO, CONNECTICUT, UTAH, AND VIRGINIA RESIDENTS OR WHERE REQUIRED BY APPLICABLE U.S. STATE LAW

This Section only applies to California, Colorado, Connecticut, Utah, and Virginia residents and such other persons as may be required under applicable U.S. state law. This Section does not apply to such categories of Personal Data (which includes “personal information” and “personal data” as such might be defined under applicable U.S. state law) excluded or exempted from applicable U.S. state data protection laws, including, without limitation:

  • Publicly available information.
  • Deidentified or aggregated consumer information.
  • Information excluded from applicable data privacy laws’ scope, like:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), clinical trial data, or other qualifying research data;
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), and the Driver’s Privacy Protection Act of 1994.

In particular, our Sites or Services has collected the following categories of Personal Data from consumers within the last 12 months:

Personal Data We collect the following subcategories of Personal Data (in addition to and consistent with the information described in Section 4 of this Privacy Policy): We collect such Personal Data for the following purposes (in addition to and consistent with the purposes set forth in Section 6 of this Privacy Policy):
Identifiers Consistent with and in addition to the information set forth in the “Information You Submit” section above: First and last name, date of birth, postal address, phone number, phone number, email address. Performing and providing the Sites and Services to you, providing customer services, verifying user information, facilitating access to the Sites and Services.Administering your account.To communicate with you and send you information about our Sites and Services, or to respond to your request for information or the Sites or Services.To send promotional communications about us, to the extent permitted by applicable law.
Protected Classifications and Characteristics under Applicable Law Age, sex (including gender and gender identity). You can voluntarily provide us with this information. We may use it for demographic analysis and to better understand our Users to provide the Sites and Services to you.
Internet or other electronic network activity information IP addresses, Log Data, login information, and cookies and device information (e.g., online activity such as date and time of accessing our websites, website addresses accessed, the length of website visit). Analytical purposes, including, without limitation, to help us improve your access to the Sites and Services (for example, by remembering your contact and other information when you access or use the Sites and Services), to identify repeat visitors to the Sites and/or Services, to track how you access and use the Sites and Services, to learn when and how users visit the Sites and Services, to learn how popular Sites’ and Services’ pages are and aren’t, to learn which search terms are used to find the Sites and Services, to learn which websites direct you to the Sites and Services, to help display certain information on the Sites and Services, and to improve your enjoyment of the Sites and Services.


To target advertisements for goods and services and to display those advertisements on other websites.


To administer the Sites and Services and its servers, to generate statistical information, to monitor and analyze Sites and Services traffic and usage patterns, to monitor and help prevent fraud, to investigate complaints and violations of our policies, and to improve the Sites and Services.

 

 

 

We obtain the categories of Personal Data listed above from the following categories:

  • Directly from you. For example, forms you complete or products and services your purchase; and
  • Indirectly from you. For example, from observing your actions on our Site.
  • From third parties. For example, from our online advertising networks, our affiliates, third party websites and mobile applications, social media companies.

Applicable laws in your jurisdiction may grant you certain rights—subject to all applicable limitations, exemptions, or exceptions—regarding our collection and use of your Personal Data. These rights may include, to the extent applicable and to the extent granted under applicable law:

  • The right to confirm whether Personal Data about you is Processed and to access such Personal Data
  • The right to request the disclosure of (1) what Personal Data has been collected; (2) the categories of sources from which the Personal Data was collected; (3) the business or commercial purpose for collection or selling Personal Data; (4) the categories of third parties with whom we share Personal Data; and (5) the specific pieces of Personal Data we have collected about you (e.g., data portability);
  • The right to request the deletion of your Personal Data that we have collected;
  • The right to request the correction of your Personal Data that we collected;
  • The right to opt-out of targeted advertising and the sharing of Personal Data that is shared for cross-contextual behavioral advertising purposes;
  • The right to opt-out of the sale of your Personal Data;
  • The right to withdraw consent of our processing of Personal Data where consent was required by law prior to the initial collection and procession of the Personal Data;
  • The right to not be discriminated against due to your exercise of your rights under applicable law. We do not discriminate against users for exercising the rights granted to them under applicable law.

We do not use your Personal Data to profile you in furtherance of decisions that produce legal or significantly similar effects (as may be defined under applicable law).

We do not sell your personal information as the term “sell” is commonly understood to require an exchange for money. Please note that our use of advertising and analytics cookies on our Sites and Services may be considered a “sale” / “sharing for cross-contextual behavior advertising purposes” of personal information as the term “sale” or “share” is defined under applicable data protection laws to include both monetary and other valuable consideration. To be as transparent as possible with you, we consider these uses a “sale” or “share” and will comply with the restrictions of the “sale” or “share” of this information to the extent technologically feasible.

In the preceding 12 months, we have ““sold” and “shared” for cross-contextual behavioral advertising purposes Internet or other electronic network activity information, as defined in the table above and the cookies and other data as described in the “Log Data, Cookies, and Related Tracking Technologies” section below.

Under applicable data protection laws, you may have the right to opt-out of our “sale” or “sharing” of Personal Data to third parties. You may exercise this right to opt-out by contacting us through the methods set forth in the “Exercise Your Rights” section below, or by clicking the “DO NOT SELL OR SHARE MY PERSONAL DATA” link.

California, Colorado, Connecticut and other applicable U.S. state privacy laws may require us to let you know how we respond to web browser Do Not Track Signals or other mechanisms that provide consumers the ability to exercise choice regarding the automatic collection about your online activities over time. California, Colorado, Connecticut and other residents of applicable U.S. states can opt out by broadcasting an Opt-Out Preference Signal, including through the use of the Global Privacy Control (“GPC”), depending on which browsers and/or browser extensions you use that may support such signals. To take a look at extensions and browsers supporting the GPC browser signals, please visit here: https://globalprivacycontrol.org/. Note that if you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use.

The above rights are only exercisable by you where the applicable law grants you the right being exerted and where no exception or exemption under applicable law applies. You may also have a registered agent (if and only as permitted under applicable law) that you authorize to act on your behalf. If you have a registered agent act on your behalf, we have the right to authenticate such agent’s authority to act. To exercise the rights described herein (only to the extent applicable), you may submit a verifiable request to us through the methods set forth under the “Exercise Your Rights” section below.

8. GDPR, UK GDPR, AND LGPD

EU and UK GDPR Supplemental Privacy Notice

The GDPR and UK GDPR, addresses the protection of natural persons located in the EU or UK with respect to the processing of their Personal Data. The UK GDPR and the GDPR recognize that Personal Data shall be:

  • processed lawfully, fairly and in a transparent manner;
  • collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
  • adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
  • accurate and, where necessary, kept up to date;
  • kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the personal data are processed; and
  • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.

As a Controller, Topstep shall be responsible for, and shall be able to demonstrate compliance with, the foregoing principles. Subject to all applicable exemptions and exceptions, you may have the right:

  • to request the correction or update of any Personal Data that is incorrect or incomplete;
  • to request the erasure of your Personal Data (the right to be forgotten);
  • to portability of your Personal Data;
  • to object to the processing of your Personal Data;
  • not to be subject to a decision based on automated decision-making, including profiling;
  • to withdraw consent to the processing of your Personal Data; and
  • to register a complaint with the applicable UK or EU supervisory authority.

LGPD Supplemental Privacy Notice

This Section addresses legal obligations and rights set forth in the LGPD that apply only to eligible residents of Brazil. These obligations and rights apply to businesses doing business in Brazil and to Brazilian residents and information that relates to Brazilian Users. It does not apply to information that has been anonymized.

If you are a Brazilian resident, the following provisions apply in addition to the terms of the Privacy Policy:

  • The LGPD grants you certain rights about your Personal Data. In addition to the rights outlined in this Privacy Policy, you also have the right to:
  • request confirmation of whether your Personal Data is Processed by Topstep;
  • request access to the Personal Data we Process about you;
  • have your Personal Data corrected to the extent it is inaccurate or out-of-date;
  • request information about (i) what third parties we share your Personal Data with, and (ii) information about your ability to deny consent and the consequences thereof (e.g., our inability to provide the Sites or Services if you do not consent);
  • request the deletion, blocking or anonymization of your Personal Data, if you believe Topstep is processing your Personal Data information in an unnecessary, exceeding or non-compliant matter;
  • request the portability of your Personal Data; 
  • withdraw consent where consent was the basis for our processing or collection of Personal Data; and
  • request information about the entities with which Topstep has shared your Personal Data with.
  • Because the Services and Sites are provided to you by Topstep in the United States, Topstep needs to carry out international transfers of your Personal Data from Brazil to the United States and other countries for the proper operation of the Services. Therefore, the international transfers of all Brazilian Users’ Personal Data are based upon contractual necessity, as provided by the LGPD.

9. ADDITIONAL INFORMATION FOR CANADIAN RESIDENTS

This section of this Privacy Policy only applies to Canadian residents. Under various Canadian laws and regulations, you have certain rights in regard to our collection of personal information. These rights include:

  • The right to request access to your personal information;
  • The right to request corrections to your personal information;
  • The right to lodge a complaint with the Office of the Privacy Commissioner of Canada and/or the applicable Canadian provincial regulatory body if you consider that the collection and use of your personal information violates this Privacy Policy or applicable law.

The above rights are only exercisable by you where applicable law in the jurisdiction in which you reside actually grant you the right being exerted.

10. ADDITIONAL INFORMATION FOR NEVADA RESIDENTS

This section of this Privacy Policy only applies to Nevada residents. Nevada law gives Nevada residents the right to request that a company not sell their Personal Data. This right applies even if their Personal Data is not currently being sold. If you are a Nevada resident and wish to exercise this right, we may do so through the methods set forth in the “Exercise Your Rights” section of this Privacy Policy.

11. EXERCISE YOUR RIGHTS

If this Privacy Policy expressly stated above that you have certain rights or applicable law grants you certain rights as it relates to our collection and processing of your Personal Data, you may submit a verifiable request to us by 

Telephone: 888-407-1611
Visiting: Data Subject Rights Request Form

Only you or a registered agent (if and only as permitted under applicable law) that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Data. If you have a registered agent act on your behalf, we have the right to authenticate such agent’s authority to act. Without limiting the foregoing, the verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Data if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you.  Making a verifiable consumer request does not require you to create an account with us.  We will only use Personal Data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. 

We will respond to your request within the applicable timeframe required under applicable law.  If we deny your request, you can appeal such denial by visiting support@topstep.com.

12. KEEPING YOUR PERSONAL DATA SECURE

We have in place reasonable and appropriate technical, physical, and organizational procedures and security measures designed to prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of the information we collect, taking into account the cost of implementing such measures commensurate with the risks posed by the particular type of processing, the nature of the Personal Data, and in accordance with applicable law. However, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee the security of your Personal Data.

13. CHILDREN’S PRIVACY

Topstep Sites or Services are not intended for use by minors under the age of 18 and are not targeted to children. 

14. SENSITIVE DATA

We do not intentionally collect, process, transfer, or store Sensitive Data.

15. LOG DATA, COOKIES, AND RELATED TECHNOLOGIES

The servers used to operate and provide the Sites and Services may collect data pertaining to you and the equipment, software, and communication methods you use to access the Internet and the Sites and Services, including Internet protocol (“IP”) addresses assigned to the computers and other devices from where you access the Internet, your Internet service provider (ISP), device ID numbers and unique identifiers, your media access control (MAC) address, your operating system, your computer screen resolution, your web browser type, the pages you access on the Sites and Services, the websites you access before and after visiting the Sites and Services, the length of time you spend on the Sites and Services, date and time stamps, clickstream data, your approximate geographic location, performance statistics, and usage data. WE may use this information to administer the Sites and Services and its servers, to generate statistical information, to monitor and analyze Sites and Services traffic and usage patterns, to monitor and help prevent fraud, to investigate complaints and violations of our policies, and to improve the Sites and Services. We may combine this information with other Personal Data (including personal information) and information obtained from third parties for security reasons and to protect our rights or the rights of others. The suppliers that we use to provide the Sites and Services may collect information about your visits to the Sites and Services and other websites. Some of this information may be collected using cookies and similar tracking technologies as explained below.

We use cookies and other similar technologies, including log data, on our Sites and Services to distinguish you from other users of our websites and apps (including when you browse third party websites). A cookie is a piece of data stored on a Sites and Services visitor’s hard drive by the visitor’s web browser. This helps us to provide you with a good experience when you use our services, to help you access the Sites and Services, to identify repeat visitors to the Sites and Services, to track how you access and use the Sites and Services, to learn when and how users visit the Sites and Services, to learn whether our Sites and Services and/or its pages are popular, to learn which search terms are used to find the Sites and Services, to learn which websites direct you to the Sites and Services, to help display certain information on the Sites and Services, and to improve your enjoyment of the Sites and Services. The Sites and Services may use both cookies that we implement, and cookies implemented by our suppliers and other third parties. “First-party” cookies allow your browser to talk to the actual website that you are visiting, whereas “third-party” cookies allow your browser to talk to third-party websites, such as the source of an ad that appears on the website you are visiting or a third-party analytics provider. Additionally, a cookie can either be a “session” cookie or a “persistent” cookie. Session cookies exist only for so long as you are visiting the applicable website. Session cookies are typically deleted or removed when you exit or quit your browser application. Persistent cookies exist for a set period of time, for example, six months or one year. Each time you visit a website that has implemented a persistent cookie, that cookie will remain active until its predetermined expiration date. Our suppliers may use cookies and tracking technologies, such as pixel tags, to track Sites and Services visitors across the Internet to understand how you get to the Sites and Services and for the analytics purposes disclosed in this Privacy Policy. We do not have access or control over these cookies and this Privacy Policy does not cover the use of third-party cookies. See below for more information on the types of cookies collected and their purposes:

    • Operationally necessary cookies (also called essential cookies). These are cookies that are required for the operation of the Sites and Services. For example, these cookies are required to identify irregular website behavior, prevent fraudulent activity, and improve security. They also allow users of the Sites and Services to make use of its functions. Without these cookies, features, and services you have requested will not be able to be provided.
    • Functional cookies. These cookies allow us to offer you enhanced functionality when accessing or using the Sites and Services. This may include to remembering choices you make, for example, remembering your preferences or settings, remembering if you reacted to something on or through the Sites and Services so that you are not asked to react to it again, remembering if you have used any feature of the Sites and Services before, remembering your username or preferences, remembering if you have used any feature of the Sites and Services before, restricting the number of times you are shown a particular advertisement, and enabling social media components. If functional cookies are disabled, various functions of the Sites and Services may be unavailable to you or may not work the way you want them to.
    • Performance cookies (also called analytical cookies). These cookies assess the performance of the Sites and Services, including as part of our analytic practices to help us understand how visitors use and interact with the Sites and Services, for example, which pages on our websites users visit most often. These cookies also enable us to personalize content and remember your preferences. These cookies help us improve the way our websites work and provide a better, personalized user experience.
  • Advertising or targeted cookies. These cookies record your visits to the Sites and Services, the pages you visit on our websites, and the links you have clicked. They gather information about your browsing habits and remember that you have visited a particular website. Topstep and its third-party advertising platforms or networks may use this information to make the Sites and Services and its content more relevant to your interests (this is sometimes called “behavioral” or “targeted” advertising and is further discussed above). These cookies are also used to limit the number of times you see an advertisement and to help measure the effectiveness of advertising campaigns. To find out more about interest-based ads and your choices, please visit the Digital Advertising Alliance, the Network Advertising Initiative, the Interactive Advertising Bureau (IAB) Europe, http://www.allaboutcookies.org, and http://www.youronlinechoices.com.

Most browsers automatically accept cookies. Browsers generally also allow users to manage cookies in the browser’s settings. For example, a browser may allow you to reject cookies from certain websites, reject certain types of cookies regardless of the website, reject or disable all cookies from all websites, and/or delete cookies stored previously. Some browsers also give you the option of being notified every time a cookie is sent to your browser by a website. You can disable or limit cookies but doing so may impact your use and enjoyment of the Sites and Services and other websites. For example, the Sites and Services may not be able to be personalized for you, may no longer capture or remember your preferences or other choices you have made on the Sites and Services in the past, and may not remember your name or contact information. Changing your cookie preferences in one browser will not necessarily carry over to other browsers, so you may need to adjust your preferences each time you get a new computer, install a new browser, upgrade an existing browser, or alter or delete a browser’s cookie file.

The Sites and Services may also use the following types of tracking technologies: web beacons (also called clear GIFs), flash cookies, and pixels (also called pixel tags). Web beacons are tiny graphics with unique identifiers that function similar to how cookies function but, in contrast to cookies, web beacons are embedded invisibly on websites. Flash cookies collect and store information about your use of a website and are commonly used for advertisements and videos. Pixel tags can be placed on websites or within emails to track your interactions with those websites and when emails are opened.

Our servers also automatically record Log Data which includes information such as your internet service provider, your computer’s internet protocol address, browser type and operating system, referring/exit pages, clickstream data, pages of our Sites and Services that you visit (and the time spent on these pages), information you search for on our Sites or Services, and other statistics. We use this information to monitor and analyze your use of our Sites or Services and to better tailor them to your needs in order to provide you with a better experience.

Please click here to see the Cookies used on our site.

16. ADVERTISING AND ANALYTICS

The Sites and Services uses third-party analytics tools (e.g., Google Analytics) to collect and process data about your use of the Sites and Services, including when you visit the Sites and Services, URLs of the websites that you visit prior to visiting the Sites and Services and when you visit those websites, and IP addresses assigned to the devices from where you access the Internet. Our analytics providers may set and read cookies to collect this data and your web browser will automatically send data collected by those cookies to our analytics providers. Our analytics providers use this data to provide us with reports that we will use to improve the Sites’ and Services’ structure and content.

For more information on how Google uses this data, visit Google’s Privacy Policy and Google’s page on How Google uses data when you use our partners’ sites or apps. To prevent this data from being used by Google Analytics, follow the instructions to download and install the Google Analytics Opt-out Browser Add-on for each browser you use. Using the Google Analytics Opt-out Browser Add-on will not prevent Topstep from using other analytics tools and will not prevent data from being sent to the Sites and Services itself or to Google. For more information about how Google Analytics uses cookies to measure user interactions on websites, visit Google Analytics Cookie Usage on Websites. You may disable cookies as discussed below, but that may impact your use and enjoyment of the Sites and Services.

Additionally, the Sites and Services may use or participate in advertising networks and related advertising services that are managed and provided by third-party advertising servers, advertising agencies, technology vendors, and research firms, including, without limitation, Google Ads. These services collect information about your visits to and interactions with the Sites and Services and other websites and will use that information to target advertisements for goods and services and to display those advertisements on other websites. The information collected may be associated with your personal information.

We use Google Ads and Google Analytics advertising features on our Sites and Services, which we use for the purposes set forth in this Privacy Policy. Through Google Ads, Google uses your Internet searches, cookies, and similar identifiers (e.g., pixel tags) to collect information about your visits to the Sites and Services and your interaction with our products and services to generate targeted advertisements to you on other websites that you visit across the Internet. We may also enable and implement Google Analytics advertising features on the Sites and Services. To opt out of remarketing advertising provided through Google, to customize your ad preferences, or to limit Google’s collection or use this information, visit Google’s Safety Center and Google’s Ad Settings and follow Google’s personalized ad opt-out instructions. Opting out will not affect your use of the Sites and Services.

For certain Facebook advertising services, Facebook Ireland is a Joint Controller (as defined in the GDPR) and that information required under the GDPR related to such processing can be found at https://www.facebook.com/about/privacy. We work with Facebook and use their advertising services to measure and improve our ads and marketing efforts, as well as to display more relevant advertising to you. For further information on how Facebook Ireland processes your personal information, including the legal basis, and the ways to exercise your rights, please visit https://www.facebook.com/about/privacy.

To change your preferences with respect to certain online ads and to obtain more information about third-party ad networks and online behavioral advertising, please visit the National Advertising Initiative Consumer opt-out page or the Digital Advertising Alliance Self-Regulatory Program. Please remember that changing your settings with individual web browsers or ad networks will not necessarily carry over to other browsers or ad networks. As a result, depending on the opt-outs you request, you may still see our ads from time to time. Your device may also include a feature (“Limit Ad Tracking” on iOS or “Opt Out of Interest-Based Ads” on Android) that allows you to opt out of having certain information collected through apps used for behavioral advertising purposes.

17. ACCESS TO AND ACCURACY OF YOUR PERSONAL DATA

Personal Data you provide to us should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date. Topstep strives to keep your Personal Data accurately recorded. You have the right to access and request the correction, amendment, or deletion of all of your recorded personal information that has been collected by us. In addition to those methods set forth in the “Exercise Your Rights” section above, if you wish to review your recorded Personal Data, please contact us at:

c/o Topstep LLC, Attn: Data Protection Officer, 141 West Jackson Boulevard, Suite 4240, Chicago, IL 60604.

18. DATA RETENTION

Topstep retains Personal Data for as long as we reasonably require it for legal or business purposes. In determining data retention periods, Topstep takes into consideration local laws, contractual obligations, and the expectations and requirements of our Users. We will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations. When we no longer need personal information, we securely delete or destroy it.

19. EMBEDDED CONTENT

The Sites and/or Services incorporate content, including feeds, scripts embedded in the Sites’ and/or Services’ code, and visible content (e.g., videos), provided by third parties. In some cases, those third parties collect data about how you interact with their content. For example, Google Maps or YouTube. Our Sites and Services may include Google Maps features and content. Google Maps features and content is subject to the then-current versions of Google Maps/Google Earth Additional Terms of Service at https://maps.google.com/help/terms_maps.html and Google Privacy Policy at https://www.google.com/policies/privacy/. Our Sites and Services may use YouTube to make content in video format available to you. By accessing a part of the Sites and/or Services where videos are available, watching an embedded video, or otherwise interacting with any content made available through YouTube, you signify your agreement with YouTube’s terms and conditions. YouTube collects and otherwise has access to usage data (e.g., what videos you accessed and watched) through videos embedded in the Services as further described in YouTube’s Privacy Policy. YouTube adheres to Google’s privacy policies and principles, part of which allow you to control certain privacy settings and which data are collected. For more information, please visit https://www.youtube.com/howyoutubeworks/user-settings/privacy/.

20. CONTACT US

We value your opinion. If you have comments or questions about our Privacy Policy, please send them to our Data Protection Officer at support@Topstep.com. You can also write to us at:

c/o Topstep LLC, Attn: Data Protection Officer, 141 West Jackson Boulevard, Suite 4240, Chicago, IL 60604.

We use cookies in order to improve and personalize your browsing experience. To find out more and configure your cookie settings, click here.