← Back

Privacy Policy

Last updated: April 2026

1. What We Collect

  • Account info: email address and password (hashed) when you sign up.
  • Portfolio data: stock tickers and position details you add manually. If brokerage sync is enabled in a future release, we will store only an encrypted vendor access token, never your banking credentials.
  • Usage data: pages visited, signals viewed, settings changed — used to improve the product.
  • Payment data: handled entirely by Stripe. We never see or store your card number.

2. How We Use It

  • To generate nightly signals for your portfolio and watchlist.
  • To send you signal digest emails (you can opt out in Settings).
  • To process your subscription via Stripe.
  • To improve the scoring model and product features.

We do not sell your data. We do not share your data with third parties except as necessary to provide the Service (Supabase for DB, Resend for email, Stripe for payments, and any brokerage-sync provider we explicitly enable later).

3. Data Storage

Data is stored in Supabase (PostgreSQL) hosted in the US. All data is encrypted in transit (TLS) and at rest. If brokerage sync is enabled later, vendor access tokens will be additionally encrypted using a server-side key.

4. Your Rights

You may request a copy of your data, correction of inaccurate data, or deletion of your account and all associated data. To exercise these rights, email us at the address below. We will respond within 30 days.

5. Cookies

We use a single session cookie for authentication (Supabase SSR). We do not use tracking cookies, ad pixels, or third-party analytics cookies.

6. Data Retention

We retain your data while your account is active. If you cancel, we retain it for 90 days before deletion to allow for reactivation. You may request immediate deletion at any time.

7. Contact

Privacy questions: support@investment-ai-analyst.vercel.app.