Privacy Policy

Last updated: March 2026

1. What we collect

When you create an account: email address, name, and password (hashed — we never store your plaintext password). When you use the app: the stocks you analyse, trading mode selections, signal history, and watchlist tickers. We collect this to power the OutcomeTracker and improve signal accuracy over time. Automatically: IP address, browser type, and usage events (pages visited, signals generated). We use Plausible Analytics — a privacy-friendly, cookie-free analytics tool. No personal data is sent to Plausible.

2. How we use your data

We use your data to: - Provide the Riprop service (signal generation, history, watchlist) - Track signal outcomes and improve our AI models - Send transactional emails (welcome, subscription receipts) - Monitor platform health and prevent abuse We do not sell your personal data to third parties. We do not use your data for ad targeting.

3. Data storage

Your account and signal data is stored in Supabase (PostgreSQL), hosted on AWS infrastructure. Signal history is retained for 12 months. Backups are retained for 30 days. We use Upstash Redis for short-lived cache data (market snapshots, signal results). Cache entries expire within minutes and contain no personal data.

4. Third-party services

We share minimal data with the following third-party services to operate Riprop: - Groq: Your trading prompts are sent to Groq's API to generate AI reasoning. Groq's privacy policy applies. - Razorpay / Stripe: Payment processing. We share your email and subscription details. We do not store card numbers. - Resend: Transactional email delivery. We share your email address. - Sentry: Error monitoring. Sentry may capture anonymised stack traces to help us fix bugs.

5. Your rights

You have the right to: - Access the personal data we hold about you - Correct inaccurate data - Delete your account and associated data - Export your signal history To exercise any of these rights, email privacy@riprop.ai. We will respond within 14 days.

6. Security

Passwords are hashed with bcrypt. All data in transit is encrypted via TLS. Database connections use SSL. We run regular dependency audits and apply security patches promptly. If you discover a security vulnerability, please report it to security@riprop.ai before public disclosure.

7. Cookies

Riprop does not use tracking cookies. We use localStorage in your browser to store your conversation history and watchlist locally — this data never leaves your device. Our analytics provider (Plausible) is cookie-free.

8. Changes to this policy

We may update this policy from time to time. Material changes will be communicated via email. The date at the top of this page reflects the most recent revision.

9. Contact

For privacy questions, email privacy@riprop.ai.