Account data: Email address, display name, profile image (from Google OAuth if applicable), hashed password.

Usage data: Portfolio names and holdings (ticker symbols), stock analysis history, session tokens.

Technical data: IP address (for security), browser type, access timestamps — standard server logs.

We do NOT collect: Financial account numbers, bank details, SSNs, credit cards, or trading history.

▸ To authenticate you and maintain your session

▸ To store and retrieve your portfolio and analysis data

▸ To provide the causal analysis features of the Platform

▸ To send transactional emails (account creation, password reset) — no marketing emails without consent

All data is stored in encrypted PostgreSQL databases provided by Neon (neon.tech), a SOC 2 Type II compliant cloud database provider.

Passwords are hashed using bcrypt with 12 salt rounds. We never store plaintext passwords.

Authentication tokens are JWT-signed with a secret key stored as an environment variable, never in source code.

We DO NOT sell your personal data.

Ticker symbols you analyze are sent to Yahoo Finance, FRED, and Perplexity APIs to fetch market data. These providers have their own privacy policies.

Google OAuth: If you sign in with Google, we receive your name, email, and profile picture from Google. We do not receive your Google account password.

▸ Access: View all your data from your Profile page

▸ Correction: Update your name and email in Profile settings

▸ Deletion: Delete your account and all associated data from the Profile page. Deletion is permanent and cannot be undone.

▸ Portability: Contact us to request a JSON export of your data

We use only essential session cookies required for authentication (NextAuth.js). We do not use advertising or tracking cookies.

See our Cookie Policy for details.

For privacy inquiries, contact: privacy@infinidatum.com