← Back to ScanInsight
Privacy Policy
Last updated: April 8, 2026
1. Information We Collect
| Data Type | What | Why |
|---|
| Account | Email, hashed password | Authentication |
| Billing | Name, billing address, last 4 of card | Payment processing (Stripe) |
| Journal | Trade entries you log | Your trade journal data |
| Broker tokens | OAuth tokens (encrypted) | Broker sync feature |
| Usage | Pages viewed, features used | Improving the product |
2. How We Use Your Data
- To provide the Service: Authenticate you, display scans, store your journal entries, sync broker trades.
- To process payments: Stripe handles all payment data. We never see or store full card numbers.
- To improve ScanInsight: Anonymous usage analytics help us understand which features are used.
- To communicate: Transactional emails (welcome, trial ending, payment issues). We do not send marketing emails without consent.
3. What We Do NOT Do
- We do not sell your personal data to third parties.
- We do not share your trade journal data with anyone.
- We do not use your data for advertising.
- We do not store full credit card numbers (Stripe handles this).
- We do not track you across other websites.
4. Third-Party Services
We use the following third-party services:
- Supabase — Database and authentication (hosted in US)
- Stripe — Payment processing (Stripe Privacy Policy)
- SendGrid — Transactional emails
- Polygon.io — Real-time market data
- DigitalOcean — Server hosting (US)
5. Broker Integration Data
When you connect a brokerage account, we store OAuth tokens securely to sync your trades. We access only trade history data — we cannot place orders, transfer funds, or modify your brokerage account in any way. You can disconnect any broker at any time, which immediately revokes our access.
6. Data Storage and Security
- All data is stored on encrypted servers hosted in the United States.
- Passwords are hashed using bcrypt (via Supabase Auth).
- Broker tokens are stored encrypted in the database.
- All connections use HTTPS/TLS encryption.
- We perform regular backups with retention policies.
7. Data Retention
Your data is retained as long as your account is active. If you delete your account:
- Account data is deleted within 30 days.
- Trade journal data is deleted within 30 days.
- Broker connections are immediately revoked and tokens deleted.
- Backup copies are purged within 90 days.
8. Your Rights
You have the right to:
- Access your personal data (export via CSV in the journal)
- Correct inaccurate data (edit trades, update profile)
- Delete your account and all associated data
- Disconnect any broker integration at any time
- Opt out of non-essential communications
To exercise any of these rights, email info@scaninsight.io.
9. Cookies
We use only essential cookies for authentication (session tokens stored in localStorage). We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
10. Children's Privacy
ScanInsight is not intended for use by anyone under the age of 18. We do not knowingly collect data from minors.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify users of material changes via email. Continued use of the Service constitutes acceptance.
12. Contact
Questions about privacy? Email info@scaninsight.io.