Privacy Policy

Capital Sound ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services.

By using Capital Sound, you consent to the data practices described in this policy. If you do not agree with our practices, please do not use our services.

Account Information

When you create an account, we collect:

•Email address

•Name (if provided through OAuth)

•Profile picture (if provided through OAuth)

•Authentication tokens from Google or Apple Sign-In

Usage Data

We automatically collect:

•App usage patterns and interactions

•Feature usage statistics

•Device information (model, OS version)

•Crash logs and error reports

Subscription Information

For premium subscribers:

•Subscription tier and status

•Payment history (processed by Stripe)

•Trial period information

User Preferences

•Stock watchlist selections

•Notification preferences

•App settings and preferences

We use collected information to:

•Provide Services: Deliver daily market digests, AI-generated podcasts, and personalized stock watchlists

•Personalization: Customize content based on your watchlist and preferences

•Account Management: Manage your subscription, authentication, and account settings

•Communications: Send important updates, notifications, and service announcements

•Analytics: Understand usage patterns to improve our services

•Security: Detect and prevent fraud, abuse, and security incidents

•Legal Compliance: Meet our legal obligations and enforce our terms

We do not sell your personal information to third parties.

Where We Store Data

Your data is stored securely using Supabase, a cloud-based platform built on PostgreSQL. Our servers are located in secure data centers with industry-standard protections.

Security Measures

•Row-Level Security (RLS) policies ensure users can only access their own data

•All data transmission is encrypted using TLS/SSL

•Authentication tokens are securely managed

•Regular security audits and monitoring

•Secure payment processing through Stripe (PCI-DSS compliant)

Data Retention

•Account data: Retained while your account is active

•Usage logs: Retained for up to 12 months

•Payment records: Retained as required by law

•Deleted accounts: Data is purged within 30 days

We cannot guarantee absolute security, but we implement reasonable measures to protect your information.

We may share your information with:

Service Providers

•Supabase: Database and authentication services

•Stripe: Payment processing (for subscriptions)

•Google/Apple: OAuth authentication

•AI Services: Content generation (no personal data shared)

Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights and safety.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

With Your Consent

We may share information in other ways if you explicitly consent.

What We Never Share

•Your watchlist or portfolio information

•Your payment details (handled solely by Stripe)

•Personal information for marketing by third parties

Depending on your location, you may have certain rights regarding your personal information:

Access & Portability

•Request a copy of your personal data

•Export your watchlist and preferences

Correction

•Update or correct inaccurate information

•Modify your account settings at any time

Deletion

•Request deletion of your account and data

•Delete individual items from your watchlist

Opt-Out

•Unsubscribe from promotional communications

•Disable push notifications

•Opt out of analytics tracking

GDPR Rights (for EU residents)

•Right to be informed

•Right to rectification

•Right to erasure ("right to be forgotten")

•Right to restrict processing

•Right to data portability

•Right to object

CCPA Rights (for California residents)

•Right to know what personal information is collected

•Right to delete personal information

•Right to opt-out of sale (we do not sell your data)

•Right to non-discrimination

Types of Communications

•Service Notifications: Essential updates about your account, subscription, or the app

•Market Updates: Daily digest notifications (optional)

•Promotional: New features and special offers (optional)

Managing Preferences

You can control notifications through:

•In-app notification settings

•Device notification settings

•Unsubscribe links in emails

Required Communications

Some communications are necessary for service operation and cannot be opted out of, including:

•Security alerts

•Subscription-related notices

•Legal or policy updates

Capital Sound is not intended for users under 18 years of age. We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at support@capitalsound.app. We will take steps to delete such information.

Our app integrates with third-party services that have their own privacy policies:

•Supabase: Database and authentication

Privacy Policy: supabase.com/privacy

•Stripe: Payment processing

Privacy Policy: stripe.com/privacy

•Google: OAuth authentication

Privacy Policy: policies.google.com/privacy

•Apple: Sign in with Apple

Privacy Policy: apple.com/legal/privacy

We encourage you to review these policies. We are not responsible for the privacy practices of third-party services.

We may update this Privacy Policy from time to time. Changes will be effective when posted.

How We Notify You

•Material changes: Email notification and in-app notice

•Minor changes: Updated "Last Modified" date

Your Continued Use

Continued use of Capital Sound after changes constitutes acceptance of the updated policy.

We encourage you to periodically review this policy for the latest information on our privacy practices.

If you have questions, concerns, or requests regarding your privacy or this policy, please contact us:

Email: support@capitalsound.app

Data Protection Requests

For data access, correction, or deletion requests:

•Email: support@capitalsound.app

•Subject line: "Privacy Request - [Your Request Type]"

•Include your account email for verification

We aim to respond to all privacy-related inquiries within 30 days.