← Back to Trackfolio

Privacy Policy

Last updated: April 15, 2026

The short version

Trackfolio stores your portfolio and trade data to power the app. We do not sell your data, show you ads, or share your information with third parties. Your trading data belongs to you.

Owner commitment: The app owner does not manually browse, review, or use your personal trading data. Access to the database is only used for technical maintenance (e.g. fixing bugs, running backups). Row-level security is enabled so your data is isolated from other users.

What we collect

  • Account info — your email address and a hashed (bcrypt) password. We never store your plaintext password.
  • Portfolio data — holdings (symbol, quantity, price), trades, and watchlist items you add.
  • Usage data — how many AI questions you've used (for the free plan limit). No page-view tracking or analytics.
  • Feedback — if you submit feedback via the sidebar form, we save it to a private Google Sheet.

What we don't collect

  • No IP address logging beyond standard Vercel infrastructure logs
  • No cookies beyond a single auth session cookie
  • No advertising or marketing tracking
  • No selling or sharing of data with any third party
  • No reading of your brokerage accounts or external wallets

Where your data is stored

Data is stored in Supabase (PostgreSQL), hosted on AWS infrastructure in the EU region. Row-level security (RLS) is enabled — each user can only access their own rows. The app backend uses a service role key that bypasses RLS only for legitimate app operations (loading your dashboard, saving trades, etc.).

The app is deployed on Vercel. Payments are processed by Stripe — we never see or store your card details.

Third-party services

  • Stripe — payment processing. Governs by Stripe's privacy policy.
  • Anthropic (Claude) — powers the AI Research chat. Your questions and the ticker context are sent to Anthropic's API. No personal account data is shared.
  • CoinGecko / Yahoo Finance — live price lookups. Only the ticker symbol is sent, no personal data.
  • Google Sheets — feedback submissions are stored in a private sheet accessible only to the app owner.

Data retention & deletion

Your data is retained as long as your account is active. You can delete your account and all associated data at any time from the Settings page using the "Reset All Data" option, or by emailing us at patryxnft@gmail.com and we will permanently delete your account within 7 days.

Security

Passwords are hashed with bcrypt (12 rounds) and never stored in plain text. All communication is over HTTPS. Database access is restricted via Supabase RLS and a server-side service role key that is never exposed to the browser.

Contact

Questions about your data? Email patryxnft@gmail.com.

© 2026 TrackfolioBack to app →