Introduction

This Privacy Policy describes how ARDOR 0608 OOD ("we," "our," or "us") collects, uses, and protects your personal information when you use our AI-powered stock analysis SaaS service available at alphai.io (the "Service").

Data Controller

ARDOR 0608 OOD acts as the data controller for the personal data processed through our Service, in accordance with the General Data Protection Regulation (GDPR) and applicable Bulgarian data protection laws.

Information We Collect

Personal Information

When you register for our Service, we collect:

• Email address: (required for account creation and communication)
• Full name: (collected during registration)
• Profile avatar: (if provided through Google authentication or uploaded by you)
• Password: (encrypted and stored securely if you register directly)

Authentication Data

• Google OAuth data: (if you choose to sign in with Google): We receive your Google profile information including name, email, and profile picture
• Login credentials: (for direct registration): Username/email and encrypted password

Technical Information

• IP address and location data
• Browser type and version
• Device information
• Usage patterns and interaction data with our Service
• Log files and error reports

Payment Information

Payment processing is handled by Stripe. We do not store your credit card information. Stripe may collect and process payment-related data according to their privacy policy.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Contract performance: To provide our AI stock analysis service
• Legitimate interests: To improve our Service, ensure security, and communicate about service updates
• Consent: For marketing communications (where required)
• Legal obligations: To comply with applicable laws and regulations

How We Use Your Information

We use your personal information to:

Service Provision

• Create and manage your user account
• Provide AI-powered stock analysis services
• Process your subscription and payments
• Authenticate your access to the Service

Communication

• Send service-related notifications
• Respond to your inquiries and support requests
• Provide important updates about our Service
• Send marketing communications (with your consent)

Service Improvement

• Analyze usage patterns to improve our Service
• Develop new features and functionality
• Ensure technical functionality and security

Legal and Security

• Comply with legal obligations
• Protect against fraud and abuse
• Enforce our Terms of Service

Data Sources and Third-Party Services

Financial Data Sources

Our AI stock analysis service utilizes financial market data provided by Alpha Vantage Inc. under a commercial data agreement. This includes:

• Real-time and historical stock prices
• Market indicators and financial metrics
• Company fundamental data

Data Processing

When you use our Service:

• Your usage patterns and analysis requests may be logged for service improvement
• We do not share your personal trading decisions or portfolio information with Alpha Vantage
• Alpha Vantage does not have access to your personal account information

Data Sharing and Third Parties

Service Providers

We share your data with trusted third-party service providers:

• Stripe: Payment processing (subject to Stripe's privacy policy)
• Google: Authentication services (if you use Google sign-in)
• Cloud hosting providers: For secure data storage and service delivery
• Analytics providers: For service improvement and usage analysis

Legal Requirements

We may disclose your information when required by law, legal process, or to protect our rights and the safety of our users.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

International Data Transfers

Your data may be processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Other appropriate safeguards as required by GDPR

Data Retention

We retain your personal data for as long as necessary to provide our Service and fulfill the purposes outlined in this policy:

• Account data: Retained while your account is active and for 3 years after account deletion
• Payment data: Retained as required by financial regulations (typically 7 years)
• Technical logs: Retained for 12 months for security and service improvement purposes
• Marketing data: Retained until you withdraw consent or for 3 years of inactivity

Your Rights Under GDPR

You have the following rights regarding your personal data:

How to Exercise Your Rights

To exercise any of your rights, please contact us at:

We will respond to your request within 30 days as required by GDPR.

Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption: Data is encrypted in transit and at rest
• Access controls: Limited access to personal data on a need-to-know basis
• Regular security assessments: Ongoing monitoring and security updates
• Secure authentication: Multi-factor authentication options
• Data breach procedures: Established incident response procedures

Minors

Our Service is not intended for individuals under 16 years of age. We do not knowingly collect personal data from minors. If we become aware that we have collected data from a minor, we will delete it promptly.

Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by:

• Posting the updated policy on our website
• Sending an email notification to registered users
• Displaying a prominent notice on our Service

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

Contact Information

For questions about this Privacy Policy or our data practices, please contact us: