1. Information We Collect
We collect the following types of information when you use FlowGX:
- Account information: Email address, name (optional), and hashed password when you register.
- Usage data: Pages visited, features used, and interaction patterns to improve the Service.
- Payment information: Handled entirely by Stripe. We do not store credit card numbers or payment details.
- Watchlist data: Tickers you add to your personal watchlist.
- Alert configurations: Alert settings you configure, stored locally in your browser.
2. How We Store Your Data
Your account data is stored in an encrypted database. Passwords are hashed using bcrypt and are never stored in plain text. We use industry-standard security practices to protect your information.
Our production database uses SQLite (development) or PostgreSQL (production), hosted in secure, access-controlled environments.
3. Third-Party Services
We work with the following third parties who may process your data:
- Stripe — Payment processing. Stripe processes and stores your payment information. Review Stripe's Privacy Policy.
- Polygon.io — Options and market data provider. Data displayed on FlowGX is sourced from Polygon.io.
- Resend — Transactional email delivery for verification and password reset emails. Your email address is transmitted to Resend solely for delivering these emails.
4. How We Use Your Information
- To provide and maintain the Service
- To process payments and manage your subscription
- To send transactional emails (account verification, password resets)
- To improve the platform through usage analytics
- To comply with legal obligations
5. Cookies
FlowGX uses cookies and local storage for session management and user preferences (e.g., language selection, alert settings). We do not use third-party advertising cookies.
6. Your Rights
You have the right to:
- Access your data: Request a copy of the personal data we hold about you.
- Delete your account: Request deletion of your account and associated data. Contact us through the support section.
- Data export: Request an export of your data in a machine-readable format.
- Correct your data: Update your account information through the settings page.
7. Data Retention
We retain your account data for as long as your account is active or as needed to provide the Service. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.
8. Security
We implement reasonable technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. However, no internet transmission is 100% secure, and we cannot guarantee absolute security.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a notice on the platform. Continued use of the Service after changes constitutes acceptance of the updated policy.
10. Contact
For privacy-related inquiries or to exercise your data rights, please contact us through the support section of the platform.