StoxSage Privacy Policy

1. Core Principles

• Collect the minimum viable data necessary to operate and improve the platform.
• No sale of personal data to third parties.
• Data used only for security, reliability, performance, and product evolution.
• Transparent disclosure of any future expansion of data categories.

2. Data We Currently Process

3. Future / Conditional Data (Not Yet Active)

• User Accounts: Display name, email (for authentication & saved watchlists) – only if you opt‑in when launched.
• Advertising Identifiers: If we enable contextual or limited personalized ads, a consent banner will precede activation.
• Portfolio Simulation Inputs: Hypothetical holdings you manually enter – never shared, purge-on-demand.

4. Cookies & Local Storage

• Session / preference tokens: Theme choice, locale, UI settings.
• Analytics (future optional): Will require explicit opt‑in.
• No third‑party marketing pixels currently deployed.

5. Data Processors & Infrastructure

We may utilize reputable cloud and analytics infrastructure. Any sub‑processors added will be listed in a changelog.

6. Your Rights

• Request access or export (when accounts launch).
• Request correction or deletion (subject to legal holds).
• Withdraw analytics / cookie consent (forthcoming UI control).
• Lodge a complaint with an applicable supervisory authority (EU/UK users).

7. Security Measures

• Transport Layer Security (TLS) for in‑transit encryption.
• Principle of least privilege for internal service roles.
• Automated dependency vulnerability scanning.
• Selective log redaction & minimal PII footprint.

8. International Access

Data may be processed in the United States or other regions where infrastructure providers operate. We apply protective controls irrespective of jurisdiction.

9. Policy Changes

Material changes: on‑site banner + version note. Minor clarifications: changelog entry only. Your continued use after effective date signifies acceptance.

10. Contact

Privacy inquiries: [email protected]