Privacy Policy

1. Overview

This Privacy Policy explains how stokr collects, uses, stores, and shares information when you access or use our website, stock research tools, AI-generated reports, watchlists, dashboard features, subscription services, and related functionality.

stokr is an informational stock research platform. stokr does not provide financial advice, investment advice, trading advice, tax advice, legal advice, brokerage services, investment advisory services, personalized recommendations, or fiduciary services.

2. Information We Collect

We may collect the following categories of information:

• Account information: username, email address, account identifier, account status, accepted Terms of Service status, accepted Terms timestamp, and accepted Terms version.
• Authentication information: login session data and authentication tokens handled through Supabase Auth. stokr does not directly store your plaintext password in the application database.
• Watchlist information: watchlist names, watchlist descriptions, saved stock tickers, watchlist settings, and related account-linked watchlist records.
• Report usage information: tickers requested for AI reports, report usage counts, visitor identifiers, account identifiers when logged in, and timestamps used to enforce free report limits and premium access rules.
• Subscription and billing status: Stripe customer ID, Stripe subscription ID, Stripe price ID, subscription status, subscription renewal period, cancellation status, premium access tier, and premium access timestamps. Payment card details are processed by Stripe and are not directly stored by stokr.
• Stock research data: tickers searched or viewed, generated report access activity, financial metrics, cached market data, cached AI analysis, SEC filing references, and filing comparison data.
• Device, usage, and analytics information: pages viewed, interactions, approximate device/browser information, referring pages, and similar analytics data if analytics tools are enabled.
• Technical information: IP address, request headers, logs, error messages, security events, and other technical data needed to operate, secure, debug, and improve the service.

3. Information Stored Locally on Your Device

stokr may use browser storage, including localStorage, to support site functionality. For example, stokr may store a visitor identifier named stokr_visitor_id to enforce free AI report limits for users who are not logged in.

stokr may also use browser storage, authentication session storage, cookies, or similar technologies through third-party tools such as Supabase, Stripe, Google Analytics, or the browser itself. The site may also register a service worker for progressive web app functionality and offline asset handling.

You can control cookies and local storage through your browser settings. Blocking or deleting storage may affect login, report-limit tracking, analytics, and other site features.

4. How We Use Information

We may use collected information to:

• Create, authenticate, and manage user accounts.
• Provide stock research pages, AI reports, charts, metrics, watchlists, and dashboards.
• Enforce free usage limits, premium access rules, rate limits, and anti-abuse controls.
• Process subscriptions, cancellations, billing portal access, and premium account status through Stripe.
• Generate and cache AI-powered stock analysis based on public company filings and market-related data.
• Retrieve and display public company information, SEC filing data, financial metrics, and market data.
• Maintain, debug, secure, and improve stokr.
• Analyze site usage and performance if analytics tools are enabled.
• Prevent fraud, abuse, unauthorized access, scraping, excessive API usage, and misuse of the service.
• Comply with legal, tax, accounting, security, and operational obligations.

5. AI Processing

stokr uses OpenAI or similar AI service providers to generate stock analysis from public company information, including SEC filing text, ticker symbols, company names, and related financial research inputs.

Based on the current application code, AI report generation is designed around public company data and does not need to send your password, payment card details, or full account profile to the AI provider.

AI-generated content may be inaccurate, incomplete, outdated, or misleading. You should independently verify all financial information before relying on it.

6. Payment Processing

stokr uses Stripe to process subscriptions, checkout sessions, billing portal access, subscription updates, cancellations, and related payment events.

stokr stores Stripe-related identifiers and subscription status information so that premium access can be granted, updated, or removed. stokr does not directly store full payment card numbers, card security codes, or complete banking details.

Your use of Stripe checkout, billing, and payment features is also subject to Stripe’s own terms and privacy practices.

7. Third-Party Services

stokr may use third-party services to operate the platform, process payments, authenticate users, provide market data, generate AI analysis, measure usage, and maintain site performance.

These services may include:

• Supabase for authentication, account data, database storage, access control, and backend records.
• Stripe for checkout, subscription billing, billing portal sessions, payment events, and payment-related records.
• OpenAI for AI-generated stock analysis based on public filing and company data.
• Finnhub and Alpha Vantage for stock quotes, company profile data, chart data, and market data.
• SEC EDGAR for public company filings and related filing information.
• Google Analytics if enabled through the site’s analytics configuration.
• Hosting, infrastructure, logging, security, and deployment providers used to operate the website.

Third-party services may process information according to their own terms, privacy policies, security practices, and legal obligations.

8. How We Share Information

We may share information in the following circumstances:

• Service providers: with vendors that help operate stokr, including hosting, database, authentication, payment, analytics, AI, and market data providers.
• Payment processing: with Stripe to create customer records, process subscriptions, manage billing, and update premium access.
• Security and abuse prevention: when needed to detect, prevent, investigate, or respond to fraud, unauthorized access, scraping, excessive usage, security incidents, or violations of our Terms of Service.
• Legal compliance: when required to comply with law, regulation, subpoena, court order, tax obligations, accounting obligations, or lawful government requests.
• Business transfers: in connection with a merger, acquisition, financing, reorganization, sale of assets, or transfer of all or part of stokr.

stokr does not sell personal information for money. If stokr later uses advertising, affiliate tracking, retargeting, or analytics practices that qualify as a “sale” or “sharing” under applicable privacy laws, this Privacy Policy should be updated and additional opt-out mechanisms may be required.

9. Affiliate Links and Brokerage Offers

stokr may display affiliate links, sponsored links, referral links, brokerage offers, or partner offers. If you click an affiliate or referral link, the destination provider or affiliate network may receive information such as the referring page, link identifier, browser information, approximate device information, and conversion activity.

stokr may receive compensation if you open an account, subscribe, sign up, or complete another qualifying action through certain partner links. Affiliate relationships do not make stokr a broker, investment adviser, financial adviser, or fiduciary.

10. Data Retention

stokr keeps information for as long as reasonably necessary to provide the service, maintain accounts, enforce usage limits, process subscriptions, comply with legal obligations, resolve disputes, prevent abuse, improve the platform, and maintain security.

Specific retention periods may vary depending on the type of information. The current codebase does not define a single universal deletion schedule for all tables, logs, analytics records, billing records, or cached research data.

Cached market data, cached AI analysis, SEC filing analysis, and other non-user-specific research records may remain after an individual account is deleted because those records are used to operate the platform and may not be tied only to one user.

11. Account Deletion

stokr provides an account deletion flow from account settings. Based on the current application code, account deletion removes your profile record, watchlists, watchlist items, and Supabase authentication account.

Account deletion may not immediately remove all information from backups, logs, analytics systems, billing systems, third-party processors, cached non-user-specific research records, fraud-prevention records, or records that must be kept for legal, tax, accounting, dispute-resolution, or security reasons.

If you have an active paid subscription, you should also manage or cancel the subscription through the billing portal before or during account deletion to avoid future billing issues.

12. Security

We use technical and organizational measures intended to protect information, including authentication, authorization, backend access controls, third-party payment processing, and server-side handling of sensitive service-role operations.

No website, application, database, API, hosting provider, or internet transmission is completely secure. We cannot guarantee that unauthorized access, data loss, misuse, service interruption, or security incidents will never occur.

13. Your Choices

Depending on your location and applicable law, you may have the right to request access to personal information, correction of personal information, deletion of personal information, information about how personal information is used or shared, or other privacy rights.

You can also:

• Delete or block cookies and local storage through your browser settings.
• Log out of your account when you are done using stokr.
• Use account settings to manage your account and subscription options.
• Use the billing portal to manage paid subscription status when available.
• Request account deletion through the account settings flow.
• Contact stokr about privacy-related requests using the contact information below.

14. California Privacy Notice

If California privacy law applies to you and to stokr, you may have rights to know what categories of personal information are collected, used, disclosed, sold, or shared; request deletion; request correction; opt out of certain sale or sharing practices; limit certain uses of sensitive personal information; and avoid discrimination for exercising privacy rights.

stokr does not currently sell personal information for money. If stokr later implements advertising, affiliate tracking, retargeting, data sharing, or analytics practices that qualify as a sale or sharing under applicable law, this policy should be updated and the required opt-out methods should be provided.

To make a privacy request, contact stokr using the contact information below. We may need to verify your identity before fulfilling certain requests.

15. Children’s Privacy

stokr is not intended for children under 13 years old. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to stokr, contact us so we can review and take appropriate action.

16. International Users

stokr is operated from the United States. If you access stokr from outside the United States, your information may be processed in the United States or other jurisdictions where our service providers operate. Privacy laws in those jurisdictions may differ from the laws where you live.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised “Last updated” date. Continued use of stokr after the updated policy is posted means you acknowledge the updated policy.

18. Contact

For privacy questions, account deletion questions, or privacy rights requests, contact:

support@stokr.live