Home › Privacy Policy
Home › Privacy Policy
Last Modified: January 26, 2022
This Privacy Policy outlines what types of information are collected from our account holders, users, and visitors (“you”, “your”, or “User”), to whom it may be disclosed, and how that information may be used by Topstep LLC, a Delaware limited liability company, and its affiliated entities (collectively, “Topstep”, “we”, “our”, or “us”), as each of the foregoing relates to your use of Topstep’s Websites (“Sites”), software, applications, content, platforms, products, and services (each, a “Service, and collectively, the “Services”). This Privacy Policy contains capitalized words or phrases throughout which are defined terms. Their definitions are found either in this Privacy Policy or the Terms of Use.
By using the Sites or Services, you agree that you have read, understood, and consented to this Privacy Policy, our Terms of Use, all amendments, addenda, and licenses to each of the Privacy Policy and the Terms of Use (collectively, the “Agreement”). You should review the Terms of Use, along with this Privacy Policy. By using our Sites or Services, you consent to Topstep’s use of your information and data as described in the Agreement. If you do not agree to the terms of this Privacy Policy, do not use the Sites or Services. Please check back periodically as Topstep reserves the right to change, modify, add, or remove portions of this Privacy Policy after providing notice to you. The form of such notice is determined at our discretion.
The official language used by Topstep is English; in the event of a conflict between the English language version of this document and any version translated into any other language, the English language version shall prevail.
“Account” means an account of a User that is registered with Topstep that has access to specified Services of Topstep.
“Agreement” means this Privacy Policy, our Terms of Use, all amendments, addenda, and licenses to each of the Privacy Policy and the Terms of Use.
“Authorization” means the set of rights and privileges on the Sites assigned to a User by Topstep.
“Brazilian User” means a User who resides in Brazil.
“Content” means all information and other materials present on the Sites, including Topstep’s products and services, text, images, photos, trading ideas, opinions rumors, advice, charts, financial information, ratings, reviews, or similar information.
“Controller” means a person or entity who, either alone or jointly, determines the purposes and means of the processing of Personal Data, controls the data, and is responsible for it.
“Cookies” means small files that are placed on your hard drive for identification purposes. These files are used for site registration and customization the next time you visit us.
“Credit Card Information” means that information required to process a credit card payment, including name of the debit card holder, credit card number, CVV number, expiration date, billing address, phone number, and email address.
“Data” means information generated by you and other Users (whether aggregated or otherwise).
“Data Protection Officer” means the person or entity in charge of the data processing operation.
“Data Subject” means an identified or identifiable natural person.
“Debit Card Information” means that information required to process a debit card payment, including name of the debit card holder, debit card number, CVV number, expiration date, billing address, phone number, and email address.
“Designated Agent” means the Topstep representative identified in Section 2 of the Terms of Use.
“EU” means the European Union.
“EU User” means a User who resides in the European Union.
“Feedback” means your comments, feedback, information, or other materials regarding the Sites and Services.
“GDPR” means the General Data Protection Regulation, adopted as Regulation (EU) 2016/679 of the European Parliament on April 14, 2016.
“LGPD” means Lei Geral de Proteção de Dado, Brazil’s Data Protection Law.
“Log Data” means information that your browser sends whenever you visit a website; this information is automatically recorded by our servers.
“Personal Data” means any information relating to an identified or identifiable natural person or any information that is used for the behavior profiling of a particular natural person, if that person is identified.
“Sensitive Data” means data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, biometric data, data that concerns health, or data that concerns a natural person’s sex life or sexual orientation.
“Terms” means Topstep’s Terms of Use.
“User” means a natural or legal person over the age of 18 who has accepted Topstep’s Terms of Use and, if applicable, has been authorized to use the Account on behalf of himself/herself.
“User Submission” means any comment, or personal information, including ideas, suggestions, opinions, comments, observations, or other material , posted to any public form on our Sites or Services, including any publication, article, social network page, blog, chat room, or other such forum.
“Visitor” means a legal or natural person who visits our Site without having an Account.
This Privacy Policy applies to the information and data collected by Topstep as a Controller. Should you have questions or requests regarding your Personal Data, you may contact Topstep’s Data Protection Officer at any time at support@Topstep.com. You may also call us at (888) 407-1611 or write to us at: Topstep LLC, Attn: Data Protection Officer, 224 N. Des Plaines, Suite 350, Chicago, Illinois 60661.
Topstep’s Designated Agent for purposes of the Digital Millennium Copyright Act may be contacted at support@Topstep.com. Please refer to “Designated Agent” in the subject line of your email. You may also call us at (888) 407-1611 or write to us at: Topstep LLC, Attn: Designated Agent, 224 N. Des Plaines, Suite 350, Chicago, Illinois 60661.
You may choose to register an Account with our Sites or Services, and we may collect certain personal information from you in order to provide services and to complete transactions.
When you register with us through our Sites or Services, we will ask you for Personal Data. Personal Data may include your name, phone number, email address, postal address, username, password, zip code, and age (optional).
Our Sites or Services may provide links to third-party applications, products, services, or websites for your convenience and information. If you access those links, you will leave our Sites or Services. We do not control those third-party sites and services or their privacy practices, which may differ from our practices. We do not endorse or make any representations about third-party sites. Any information you choose to provide to, or that is collected by those third parties is not covered by the Agreement. We cannot control the activities of third parties, and we have no responsibility for any use of the information provided by such third parties. Any information you choose to provide to third party websites or products will be governed by the policies of those third-party websites and products.
If you post a User Submission to any public forum on our Sites or Services, including any publication, article, social network page, blog, chat room, or other such forum, please be aware that any Personal Data disclosed in your User Submission can be read, viewed, collected, or used by other users of these forums, and could be used to contact you, send you unsolicited messages, or for purposes that neither you nor we control. We may also aggregate all or any part of User Submissions into a resource that we may use, share, or distribute provided that any Personal Data has been anonymized. Topstep is not responsible for the Personal Data contained in your User Submission.
Our legal basis for collecting and using your Personal Data will depend on the Personal Data concerned and the specific context in which we collect it. However, we will normally collect Personal Data from you only where we have your consent to do so, where we need your Personal Data to perform a contract with you, where the processing is in our legitimate interests and is not overridden by your data protection interests or fundamental rights and freedoms, and when we have a legal obligation to do so. Your consent to our Terms of Use and this Privacy Policy also constitutes the legal basis upon which we may collect your Personal Data.
Purposes for Which We Collect Personal Data
We do not sell your Personal Data to third parties to use for their own marketing purposes. Topstep uses the information we collect for the following purposes:
How We Use and Share Your Personal Data
We use the information you provide to offer, manage, or improve our Sites or Services, including but not limited to:
Topstep may share your Personal Data with our affiliates or with third parties, which provide services to us and which agree to keep such Personal Data confidential. You may view our agreements our affiliates and providers here.
We may employ third-party companies and individuals for any of the following:
Topstep may collect and compile general information about you, your preferences and interests and use that information as described in this Section. We may share with or sell such information to third parties for these same purposes but would never do so without your consent. When you sign up for an Account, you will be asked if you consent to us sharing or selling your information. If you do not provide your consent, we will not share with or sell any of your information to third parties.
We retain the right to disclose Personal Data as allowed or required by law. We may also disclose Personal Data under the following circumstances:
In the event of a merger, consolidation, or sale or transfer of all or substantially all of the assets of Topstep or the Topstep Parties, Personal Data stored in our database will be transferred to the purchasing or new entity. However, the use of this information by any purchasing or surviving entity would be governed by the terms of this Privacy Policy, as amended from time to time, including any amendment after such transaction.
Your information may be transferred to and maintained on computers and servers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us, Topstep transfers Personal Data to the United States and processes it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
You acknowledge that Topstep may collect and aggregate information about you and your particular simulated trades, trading patterns and preferences, and other preferences and interests and use such information in its sole discretion. Topstep may share or sell such information to Topstep’s business partners, affiliates, vendors, distributors, or other collaborators for these same purposes and each of them may use all such information to influence their own trading habits through mirroring simulated trades in actual financial markets or use them in any other manner. You agree that such activities may be performed automatically and in no circumstance shall you be entitled to any payment or compensation. Further, all such actives shall be performed without the necessity of notice.
Location of Processing
Personal Data is processed in the United States of America. Personal Data from EU Users and Brazilian Users is processed in the United States. Topstep shall process such Personal Data in accordance with the requirements of the GDPR and LGPD.
This Section supplements the information contained in this Privacy Policy and applies solely to all visitors, users, and others who reside in the State of California. This Section complies with the California Consumer Privacy Act of 2018 (“CCPA”) and any terms defined in the CCPA have the same meaning when used in this Section. This Section does not apply to workforce-related personal information collected from California-based employees, job applicants, contractors or similar individuals.
Our Site or Services collects information that may identify, relate to, describe, reference, or is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household or device (“Personal Information”). Personal Information does not include:
In particular, our Sites or Services has collected the following categories of Personal Information from consumers within the last 12 months:
Category |
Examples |
Collected |
|
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers |
YES |
|
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. |
YES |
|
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). |
YES |
|
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
NO |
|
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. |
NO |
|
Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. |
YES |
|
Physical location or movements. |
NO |
|
Audio, electronic, visual, olfactory, or similar information. |
NO |
|
Current or past job history or performance evaluations. |
NO |
|
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. |
NO |
|
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
NO |
We obtain the categories of Personal Information listed above from the following categories:
The CCPA provides California residents with specific rights regarding their Personal Information. California residents have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the “right to know”). Once we receive your request and confirm your identity, we will disclose to you:
California residents also have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity, we will review your request to see if an exception allowing us to retain the Personal Information applies. We will delete or deidentify Personal Information not subject to one of these exceptions from our records and will direct our service providers to take similar action.
To exercise your rights to know or delete described above, please submit a request by submitting a request to: c/o Topstep LLC, Attn: Data Protection Officer, 224 N. Des Plaines, Suite 350, Chicago, Illinois 60661 or at support@Topstep.com. Only you, or someone legally authorized to act on your behalf, may request to know or delete related to your Personal Information. You may also make a request to know or delete on behalf of your child. You may only submit a request to know within a 12-month period. Your request to know or delete must provide sufficient information that allows us to reasonably verify you are the persona bout whom we collected Personal Information or an authorized representative. We endeavor to substantively respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.
We will not discriminate against you for exercising any of your CCPA rights. However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your Personal Information’s value.
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Site that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to support@Topstep.com or write us at: Topstep LLC, Attn: Data Protection Officer, 224 N. Des Plaines, Suite 350, Chicago, Illinois 60661.
European Union General Data Protection Regulation 2016/679
European Union General Data Protection Regulation EU 2016/679 (“GDPR”), approved by the European Parliament on April 14, 2016, and effective May 25, 2018, addresses the protection of natural persons located in the EU with respect to the processing of their Personal Data. GDPR recognizes that Personal Data shall be:
As a Controller, Topstep shall be responsible for, and shall be able to demonstrate compliance with, the foregoing principles. Therefore, you have the right:
LGPD Supplemental Privacy Notice
This Section addresses legal obligations and rights set forth in the LGPD that apply only to eligible residents of Brazil. These obligations and rights apply to businesses doing business in Brazil and to Brazilian residents and information that relates to Brazilian Users. IT does not apply to information that has been anonymized by the LGPD.
If you are a Brazilian resident, the following provisions apply in addition to the terms of the Privacy Notice:
Request for the deletion of Personal Data
Under the GDPR and the LGPD, EU Users and Brazilian Users may have the right to request the deletion of their Personal Data that Topstep collects, stores, or processes. In the event Topstep receives such a request, Topstep will erase the Personal Data without undue delay (which will be no longer than 30 days for EU Users and no longer than 15 days for Brazilian Users). All requests will be subject to our information request requirements, including identity verification and authentication procedures, as well as compliance with applicable law. To the extent permitted by the applicable laws, we may decline, however, requests that are unreasonable, incomplete, do not comply with our information request procedures or that are not required to be honored by applicable law.
If you would like to submit a request for erasure (request to be forgotten), please use the form linked here.
To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of the information, Topstep utilizes generally accepted industry standards to protect your Personal Data submitted to Topstep or relies on the services of third parties to provide the same. However, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee the absolute security of your Personal Data.
Topstep Sites or Services are not intended for use by minors under the age of 18 and are not targeted to children. Topstep does not knowingly collect information from children under the age of 16, solicit information from such children, or market products to such children.
We do not intentionally collect, process, transfer, or store Sensitive Data.
We use cookies and other similar technologies, including log data, on our Sites and Services to distinguish you from other users of our websites and apps (including when you browse third party websites). This helps us to provide you with a good experience when you use our services. We also use cookies and similar technologies to show you more personalized advertising. You may adjust the settings on your browser to refuse cookies but some of our services may not work if you do so.
Our servers also automatically record Log Data which includes information such as your internet service provider, your computer’s internet protocol address, browser type and operating system, referring/exit pages, clickstream data, pages of our Sites and Services that you visit (and the time spent on these pages), information you search for on our Sites or Services, and other statistics. We use this information to monitor and analyze your use of our Sites or Services and to better tailor them to your needs in order to provide you with a better experience.
Please click here to see the Cookies used on our site.
Topstep strives to keep your Personal Data accurately recorded. You have the right to access and request the correction, amendment, or deletion of all of your recorded personal information that has been collected by us. If you wish to review your recorded Personal Data, please contact us at:
c/o Topstep LLC, Attn: Data Protection Officer, Email: support@Topstep.com U.S. Mail: 224 N. Des Plaines, Suite 350, Chicago, Illinois 60661.
If you write to us, please include your name, email address, and telephone number and let us know what kind of information you would like to see. You may view and copy your information in person, or if you prefer, we will copy and send you your information. If you see any mistakes, let us know and we will review it. If we agree, we will correct our files. If we disagree, you may file a short statement of dispute with us. Your statement will be included with any data we disclose in the future. We will also send the statement to anyone you ask us to who received your information from us in the past two years.
Topstep retains Personal Data for as long as we reasonably require it for legal or business purposes. In determining data retention periods, Topstep takes into consideration local laws, contractual obligations, and the expectations and requirements of our Users. We will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations. When we no longer need personal information, we securely delete or destroy it.
You must affirm that you have read, understand, and accept the terms of this Privacy Policy. If you do not accept the terms of this Privacy Policy, you must discontinue your use of the Sites and Services.
The terms of the Privacy Policy may change from time to time. If we modify our Privacy Policy, we will notify you and post the revised statement here, with an updated revision date. You must affirm that you have read, understand, and accept the revised terms of this Privacy Policy. If you do not accept the revised terms of this Privacy Policy, you must discontinue your use of the Sites and Services.
We value your opinion. If you have comments or questions about our Privacy Policy, please send them to our Data Protection Officer at support@Topstep.com. You can also write to us at:
c/o Topstep LLC, Attn: Data Protection Officer, 224 N. Des Plaines, Suite 350, Chicago, Illinois 60661.
We use cookies in order to improve and personalize your browsing experience. To find out more and configure your cookie settings, click here.