Privacy Policy

At Ascentia, we take your privacy seriously. This policy explains what information we collect, how we use it, and your rights regarding your data. We are committed to transparency and giving you control over your personal information.

Key Principles

• Transparency: We clearly explain what data we collect and why
• Control: You decide what data to share and can delete it anytime
• Security: We use industry-leading encryption and security measures
• Minimal collection: We only collect data necessary for our services
• No selling: We never sell your personal data to third parties

Last Updated: January 2025

Account Information

• Name and email address
• Password (encrypted and hashed)
• Profile picture (optional)
• Phone number (for 2FA, optional)
• Account preferences and settings

Trading Data

• Trade entries (symbols, prices, dates, P&L)
• Trade notes and screenshots
• Performance metrics and analytics
• Trading strategies and tags
• Journal entries and reflections

Usage Information

• Login history and session data
• Device information (browser, OS, device type)
• IP address and location (for security)
• Feature usage and interaction patterns
• Error logs and diagnostic data

Payment Information

• Billing address
• Payment method (processed by Stripe, not stored by us)
• Subscription plan and billing history
• Invoice information

Communications

• Support tickets and correspondence
• Feedback and survey responses
• Email preferences

Providing Services

• Create and manage your account
• Store and display your trading journal
• Generate performance analytics and insights
• Provide AI-powered recommendations
• Enable data export and backup features

Security and Fraud Prevention

• Verify your identity and prevent unauthorized access
• Detect and prevent fraudulent activity
• Monitor for suspicious behavior
• Enforce our terms of service

Communication

• Send important account notifications
• Respond to support requests
• Send product updates (with your consent)
• Provide educational content

Improvement and Development

• Analyze usage patterns to improve features
• Develop new functionality
• Fix bugs and technical issues
• Optimize performance

Legal Compliance

• Comply with legal obligations
• Respond to lawful requests from authorities
• Protect our rights and property
• Enforce our agreements

We do not sell your personal data. We only share information in the following limited circumstances:

Service Providers

We work with trusted third-party service providers who help us operate Ascentia:

• Hosting: Vercel (infrastructure and hosting)
• Database: Neon (encrypted data storage)
• Payments: Stripe (payment processing)
• Email: SendGrid (transactional emails)
• Analytics: Vercel Analytics (privacy-focused usage data)

These providers are contractually obligated to protect your data and can only use it to provide services to us.

Third-Party Integrations

When you connect external services (brokers, trading platforms):

• You explicitly authorize data sharing
• Only necessary data is shared
• You can revoke access at any time
• Third parties have their own privacy policies

Legal Requirements

We may disclose information if required by law:

• In response to valid legal requests (subpoenas, court orders)
• To protect our rights, property, or safety
• To prevent fraud or illegal activity
• In connection with legal proceedings

Business Transfers

If Ascentia is acquired or merged, your data may be transferred to the new entity. You will be notified of any such change.

Access and Portability

• View all your personal data in Account Settings
• Export your trading data at any time
• Download a complete copy of your information
• Receive data in a machine-readable format

Correction and Updates

• Update your profile information anytime
• Correct inaccurate data
• Modify your preferences and settings

Deletion

• Delete individual trades or journal entries
• Request complete account deletion
• Data is permanently deleted within 30 days
• Some data may be retained for legal compliance

Opt-Out Rights

• Unsubscribe from marketing emails
• Disable non-essential cookies
• Opt out of analytics tracking
• Revoke third-party integrations

Exercising Your Rights

To exercise any of these rights:

1. Go to Account Settings → Privacy
2. Or email privacy@ascentia.app
3. We'll respond within 30 days
4. Identity verification may be required

Active Accounts

• Data is retained as long as your account is active
• You can delete specific data at any time
• Backups are kept for 90 days

Deleted Accounts

• Most data is deleted within 30 days of account deletion
• Some data may be retained for legal or security purposes
• Anonymized analytics data may be retained indefinitely
• Backups are purged after 90 days

Legal Requirements

Certain data must be retained for compliance:

• Financial records: 7 years
• Security logs: 1 year
• Support tickets: 3 years

Ascentia is based in the United States, and your data is primarily stored on servers in the US. If you access Ascentia from outside the US, your data will be transferred to and processed in the US.

Data Protection Measures

• We comply with GDPR for EU users
• Standard contractual clauses are in place
• Data is encrypted during transfer and at rest
• We follow international data protection standards

Ascentia is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

We may update this privacy policy from time to time. When we make significant changes:

• We'll notify you via email
• We'll display a notice in the app
• The "Last Updated" date will be changed
• You'll be asked to review and accept major changes

Continued use of Ascentia after changes indicates acceptance of the updated policy.

If you have questions or concerns about this privacy policy or our data practices:

• Email: privacy@ascentia.app
• Support: Use the in-app chat or help center
• Mail: Ascentia Privacy Team, [Address]

We'll respond to privacy inquiries within 30 days.