Privacy Policy

What this is

InsiderTrack aggregates publicly available SEC Form 4 insider trading filings and public social media discussion to surface insider trading signals. Access is limited to an allowlist of users approved by the admin. This policy explains what personal data we collect, why, and how we handle it.

What we collect

• Email address — provided directly when you sign up, or received from Google, Apple, or Facebook when you log in via OAuth.
• Name — received from your OAuth provider when you use social login. Not required for email/password signup.
• OAuth profile ID — a provider-specific identifier used to link your social login to your account. Used only for authentication.
• Session cookie — set when you log in, used to keep you authenticated. Expires when you sign out or after a period of inactivity.

We do not collect browsing behavior, analytics, location data, IP addresses, or anything beyond what is listed above.

Why we collect it

Solely for authentication and account management. Your email is used to identify your account and verify you are on the allowlist. We do not send marketing emails or newsletters.

How we store it

Account data is stored in a PostgreSQL database on a private server. Connections are encrypted. We do not store OAuth tokens or passwords in plaintext.

Third-party services

We offer login via Google, Apple, and Facebook. When you use one of these, the provider sends us your email address, name, and a profile ID. We do not receive your password or any other profile data. We use these only to authenticate you.

The data displayed in the app (insider trades, company filings) comes from publicly available SEC EDGAR filings and public social media posts. None of this is personal data about our users.

Data retention

We keep your account data for as long as your account is active. If you request deletion, we will remove it within 30 days.

Requesting data deletion

You can request deletion of your personal data at any time. Email us at privacy@insidertrack.app with the subject line "Data deletion request" and include the email address on your account.

We will delete your email address, name, OAuth profile linkage, and any other personal data associated with your account within 30 days, and confirm once done.

Cookies

We set one session cookie when you log in. It is used only to keep you authenticated and is cleared when you sign out. We do not use tracking cookies, advertising cookies, or any analytics service.

Children's privacy

InsiderTrack is not directed at children under 13. We do not knowingly collect personal data from anyone under 13.

Changes to this policy

We may update this policy as the product evolves. The "last updated" date at the top reflects any changes. Continued use after changes are posted constitutes acceptance of the updated policy.

Contact

Questions or concerns about this policy can be sent to privacy@insidertrack.app.