FolioForecast ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our portfolio optimization service at www.folioforecast.com (the "Service").
By using the Service, you consent to the data practices described in this Privacy Policy. If you do not agree with our policies, please do not use the Service.
Our Commitment: We collect only the data necessary to provide the Service. We do not sell personal information that directly identifies you. However, we may share aggregated, anonymized data and public portfolio rankings with third parties. See Section 4 for details.
Processed by Stripe (we do not store card numbers)
Processing subscription payments
Agreement Records
Acceptance of Terms/Disclaimer, timestamps, IP addresses
Legal compliance, audit trail
Communications
Support emails, feedback
Customer support, service improvement
2.2 Information Collected Automatically
Data Type
Examples
Purpose
Usage Data
Features used, optimization methods selected, pages visited
Service improvement, analytics
Device Information
Browser type, operating system, device type
Compatibility, debugging
Log Data
IP address, access times, referring URLs
Security, fraud prevention
2.3 Information We Do NOT Collect
Brokerage account credentials or access
Actual investment holdings or account balances
Social Security numbers or government IDs
Credit card numbers (handled by Stripe)
3. How We Use Your Information
We use collected information for the following purposes:
Provide the Service: Run optimizations, save portfolios, display analytics
Account Management: Create and manage your account, process subscriptions
Communication: Send service updates, respond to inquiries, provide support
Improvement: Analyze usage patterns to improve features and user experience
Security: Detect and prevent fraud, abuse, and security threats
Legal Compliance: Comply with applicable laws and regulations, maintain agreement records
Note: We do not use your portfolio data to make investment decisions, share investment strategies, or provide personalized investment recommendations to other users.
4. Information Sharing
We do not sell your personal information that directly identifies you. We may share information in the following circumstances:
4.1 Service Providers
We share data with trusted third-party providers who assist in operating our Service:
Clerk: Authentication and user management
Stripe: Payment processing
Railway: Cloud hosting infrastructure
EODHD: Market data provider (we send ticker requests, not your personal data)
4.2 Aggregated & Anonymized Data
Important: We may share, sell, or license aggregated, anonymized, or de-identified data that does not directly identify you. This includes:
Portfolio Rankings Data: Aggregated performance metrics, asset allocations, and optimization results from public portfolios
Market Trends: Anonymized data about popular assets, allocation strategies, and optimization preferences
Research Data: Statistical analysis of portfolio performance across our user base
API Access: Third-party websites and services may purchase access to view public rankings, anonymized portfolio allocations, and aggregate performance data
This aggregated data cannot reasonably be used to identify you personally. Your username may be visible in public rankings if you opt in to that feature.
4.3 Advertising Partners
We may display advertisements on the Service provided by third-party advertising networks. These partners may:
Use cookies and similar technologies to collect information about your browsing activity
Display targeted advertisements based on your interests
Track ad performance and engagement
You can manage your advertising preferences through your browser settings or by using opt-out tools provided by advertising networks such as the Digital Advertising Alliance (optout.aboutads.info).
4.4 Legal Requirements
We may disclose information if required by law, subpoena, court order, or government request, or to protect our rights, safety, or property.
4.5 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
4.6 Public Rankings (Optional)
If you submit a portfolio to our public rankings feature, the following may be visible to other users and third-party partners:
Your username (or anonymous identifier if you choose)
Portfolio performance metrics
Portfolio allocations and asset weights
Optimization method used
Participation in rankings is optional. By submitting to public rankings, you consent to this data being shared publicly and with our data partners.
5. Data Storage & Security
5.1 Storage Location
Your data is stored on secure servers provided by Railway, located in the United States. Market data is sourced from EODHD and cached in our database.
5.2 Security Measures
We implement industry-standard security measures including:
HTTPS encryption for all data transmission
Secure authentication via Clerk
Database encryption at rest
Regular security updates and monitoring
Access controls and audit logging
5.3 Data Retention
Account Data: Retained while your account is active, deleted within 30 days of account deletion request
Portfolio Data: Retained while your account is active
Agreement Records: Retained indefinitely for legal compliance
Usage Logs: Retained for up to 12 months
Payment Records: Retained as required by tax and accounting regulations
Important: While we implement robust security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security of your data.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
6.1 Access & Portability
You can request a copy of your personal data in a portable format by contacting us.
6.2 Correction
You can update your account information through your account settings or by contacting us.
6.3 Deletion
You can request deletion of your account and associated data. To delete your account, contact us at [email protected]. We will process deletion requests within 30 days. Note: Agreement records may be retained for legal compliance.
6.4 Opt-Out
You can opt out of marketing communications by clicking "unsubscribe" in any email or adjusting your account preferences.
6.5 California Residents (CCPA)
California residents have additional rights under the California Consumer Privacy Act:
Right to know what personal information is collected
Right to delete personal information
Right to opt-out of sale of personal information (we do not sell personal information)
Right to non-discrimination for exercising your rights
6.6 European Users (GDPR)
If you are in the European Economic Area, you have additional rights under GDPR:
Right to access, rectify, or erase your data
Right to restrict or object to processing
Right to data portability
Right to withdraw consent
Right to lodge a complaint with a supervisory authority
Our legal basis for processing is: contract performance (to provide the Service), legitimate interests (analytics, security), and consent (marketing communications).
Mobile device settings: iOS and Android have advertising ID controls
Note: Disabling essential cookies may affect Service functionality. Disabling advertising cookies will not remove ads but will make them less relevant to you.
7.4 Do Not Track
We currently do not respond to Do Not Track browser signals, as there is no industry standard for compliance.
8. Third-Party Services
Our Service integrates with third-party services that have their own privacy policies:
We encourage you to review their privacy policies. We are not responsible for the privacy practices of third-party services.
9. Children's Privacy
The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected data from a child under 18, we will delete it promptly. If you believe a child has provided us with personal information, please contact us.
10. International Users
The Service is operated in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction.
By using the Service, you consent to the transfer of your information to the United States and the processing of your information in accordance with this Privacy Policy.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
Posting the updated policy on the Service
Updating the "Effective Date" at the top
Sending email notification for significant changes (if you have an account)
We encourage you to review this Privacy Policy periodically. Continued use of the Service after changes constitutes acceptance of the updated policy.
12. Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights, please contact us: