← Back

Privacy Policy

Last updated: April 2026

1. What We Collect

  • Account info: email address and password (hashed) when you sign up.
  • Portfolio data: stock tickers you add manually or sync via Plaid. Plaid credentials are encrypted at rest using AES-256; we store only the encrypted access token, never your banking credentials.
  • Usage data: pages visited, signals viewed, settings changed — used to improve the product.
  • Payment data: handled entirely by Stripe. We never see or store your card number.

2. How We Use It

  • To generate nightly signals for your portfolio and watchlist.
  • To send you signal digest emails (you can opt out in Settings).
  • To process your subscription via Stripe.
  • To improve the scoring model and product features.

We do not sell your data. We do not share your data with third parties except as necessary to provide the Service (Supabase for DB, Resend for email, Stripe for payments, Plaid for brokerage sync).

3. Data Storage

Data is stored in Supabase (PostgreSQL) hosted in the US. All data is encrypted in transit (TLS) and at rest. Plaid access tokens are additionally encrypted using a server-side key.

4. Your Rights

You may request a copy of your data, correction of inaccurate data, or deletion of your account and all associated data. To exercise these rights, email us at the address below. We will respond within 30 days.

5. Cookies

We use a single session cookie for authentication (Supabase SSR). We do not use tracking cookies, ad pixels, or third-party analytics cookies.

6. Data Retention

We retain your data while your account is active. If you cancel, we retain it for 90 days before deletion to allow for reactivation. You may request immediate deletion at any time.

7. Contact

Privacy questions: support@investment-ai-analyst.vercel.app.