Privacy Policy

Market Lens ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our AI-powered chart analysis Service. By using Market Lens, you agree to the practices described in this policy.

We collect the following categories of information: **Account Information:** When you register, we collect your email address, name, and optionally a profile picture (via Google OAuth). **Chart Images:** Images you upload for analysis are stored temporarily for processing and then saved to your analysis history in Supabase Storage. These images are associated with your account. **Analysis History:** We store your analysis results, including ticker symbols, timeframes, templates used, AI providers selected, and the resulting analysis data in our database. **Usage Data:** We collect information about how you interact with the Service, including API calls made, credit usage, and subscription status. **Payment Information:** Payment processing is handled entirely by Stripe. We do not store credit card numbers or banking details. We only receive Stripe customer IDs and subscription status information.

We use collected information to: (a) provide and improve the Service; (b) process your subscription and manage billing via Stripe; (c) send transactional emails related to your account; (d) monitor and enforce usage limits per subscription tier; (e) analyze usage patterns to improve AI model performance and platform reliability; (f) comply with legal obligations; and (g) communicate important service updates.

We use the following trusted third-party services to operate Market Lens: **Supabase** — Database, authentication, and file storage. Your chart images and analysis data are stored in Supabase's secure cloud infrastructure. Supabase is SOC 2 Type II compliant. **Stripe** — Payment processing. All payment data is handled by Stripe and governed by Stripe's Privacy Policy. We do not see or store your full payment card details. **Anthropic (Claude)** — AI analysis for Claude-powered analyses. Chart images are sent to Anthropic's API for processing. Anthropic's data handling policies apply. **OpenAI (GPT-4)** — AI analysis for GPT-4 powered analyses. Chart images are sent to OpenAI's API for processing. OpenAI's data handling policies apply. **Upstash Redis** — Caching layer to improve performance. Cached data is time-limited and does not contain personally identifiable information beyond user IDs used as cache keys.

Analysis history is retained as long as your account is active. Chart images stored in Supabase Storage are retained with your analysis history. You can delete individual analyses or your entire account at any time. Upon account deletion, your personal data is permanently removed from our database within 30 days, subject to any legal retention requirements. Stripe retains payment records as required by financial regulations.

We implement industry-standard security measures to protect your data: HTTPS encryption in transit, Row Level Security (RLS) on our database ensuring users can only access their own data, secure JWT-based authentication via Supabase Auth, bcrypt password hashing (for email/password accounts), and regular security reviews. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Depending on your location, you may have the following rights regarding your personal data: **Access:** You can request a copy of your personal data we hold. **Correction:** You can update your profile information through your account settings. **Deletion:** You can delete your account and associated data through your account settings. We will process deletion requests within 30 days. **Data Portability:** You can request an export of your analysis history. **Opt-out:** You can opt out of non-essential communications by updating your notification preferences. For GDPR (EU/EEA), CCPA (California), or other applicable privacy law requests, please contact us directly.

We use cookies and similar technologies solely for authentication (session cookies via Supabase Auth) and essential Service functionality. We do not use third-party advertising cookies, tracking pixels, or behavioral advertising. Our session cookies expire after your session ends or upon sign-out. We do not use analytics services that track you across other websites.

Market Lens is not directed to children under 18 years of age. We do not knowingly collect personal information from children under 18. If you believe a child has provided personal information to us, please contact us immediately and we will take steps to remove that information.

When you submit a chart for analysis, the image data is transmitted to our AI providers (Anthropic or OpenAI) for processing. This transmission is necessary to provide the Service. Chart images are processed in accordance with Anthropic's and OpenAI's respective API data policies. We encourage you to review their privacy policies. We do not sell your chart images or analysis results to third parties.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by updating the "Last updated" date and, for significant changes, via email or prominent notice in the Service. Your continued use of the Service after changes constitutes acceptance of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us. We are committed to resolving privacy-related questions promptly and transparently. For formal GDPR requests, please clearly indicate the nature of your request in your communication.