AI Stock Platform - Privacy Policy

1. INTRODUCTION

This Privacy Policy explains how GROZA M. CĂLIN PFA who operates the AI Stock Platform ("we", "us") collects and uses information when you visit or use our website and related services (the "Service"). We aim to keep data collection minimal and comply with the General Data Protection Regulation (GDPR).

2. ACCOUNTS & AUTHENTICATION (FREE)

You can browse parts of the Service without creating an account. However, some features may require you to sign in with a free account.

When you sign in, the Service uses short‑lived access tokens and longer‑lived refresh tokens to maintain your session. These tokens are sent to our backend to authorize protected API requests.

3. DATA WE COLLECT

A. Automatically Collected (Technical Data)

When you access the Service, our servers may log standard technical data for security and operational purposes (Legal Basis: Legitimate Interest, Art. 6(1)(f) GDPR), such as:

  • IP address (where feasible, minimized/anonymized)
  • Browser type and operating system
  • Request timestamps and basic request metadata
  • Error logs needed to diagnose issues

B. Usage and Measurement Data (With Consent)

When you consent via our cookie banner, we use Google Analytics 4 to collect aggregated usage data, such as:

  • Pages and features used (page views, navigation)
  • Events like sign_up
  • Device and browser type (aggregated)

If you arrive via a Google ad, Google may store an ad click identifier and measure conversions for attribution.

C. Account Data (When You Create a Free Account)

If you register an account, we collect (Legal Basis: Contract, Art. 6(1)(b) GDPR):

  • Email address
  • Password (stored in a secure form such as a one-way hash; we do not use or store plaintext passwords)
  • Country (if provided/selected during sign up)
  • Marketing opt-in preference (if you choose to receive occasional product emails; Legal Basis: Consent, Art. 6(1)(a) GDPR)

D. Cookies / Local Storage (Preferences & Session Support)

We use client-side storage to keep the Service functional and remember your preferences:

  • Preference/consent cookies (e.g., cookie consent and UI preferences)
  • Authentication session data stored in your browser (used to keep you signed in and to attach authorization to protected requests)

We do not sell personal data. We do not run remarketing or personalized ads audiences unless explicitly enabled and disclosed.

E. Communication Data

If you contact us (e.g., through the Contact page), we may process the information you provide (such as your name, email, and message) to respond (Legal Basis: Legitimate Interest or Consent, depending on the context).

4. HOW WE USE YOUR DATA

We use the data described above to:

  • Provide and operate the Service (including protected features for signed-in users)
  • Secure the Service and prevent abuse
  • Respond to support requests and inquiries
  • Send occasional product emails only if you opt in for marketing
  • Understand usage patterns and measure conversions (with consent)

5. SHARING AND DISCLOSURE

We do not sell your personal data. We may share limited data with:

  • Hosting/infrastructure providers necessary to run the Service
  • Analytics and ads measurement providers (Google), for aggregated usage and conversion measurement
  • Authorities if required by Law

Some providers may process data outside the EU. When this happens, we rely on appropriate safeguards where applicable.

6. COOKIE CONTROLS AND CONSENT

You can manage your preferences through our cookie banner or the cookie settings page. You can withdraw consent at any time, which will disable analytics and ads measurement cookies. You can also use your browser controls to block or delete cookies.

7. SECURITY

We use reasonable technical and organizational measures to protect your information, including:

  • Token-based authentication for protected routes
  • Secure handling of passwords (e.g., hashing) and access controls
  • Logging and monitoring for security and reliability

No system is 100% secure, but we continuously improve protections.

8. DATA RETENTION

We retain data only as long as needed:

  • Account data is retained while your account is active (and may be retained longer if required for security, backups, or legal compliance)
  • Logs are retained for a limited time for security/operations
  • Marketing preference is retained until you opt out

9. YOUR RIGHTS (GDPR)

Depending on your location, you may have rights to:

  • Access, correct, or delete your personal data
  • Object to or restrict certain processing
  • Withdraw consent (e.g., marketing emails) at any time
  • Data portability (where applicable)

To exercise your rights, contact us using the information below.

10. CONTACT

For privacy questions or requests, contact us via the Contact page or at at: contact@aistockplatform.com

**Privacy Version 1.1

Last updated: 2026-01-21