Launch Foundation

Privacy Policy

What Alphrex collects, why it is collected, and where third parties such as Stripe or optional Umami analytics fit into the current product workflow.

Operational draft for launch readiness. Aligns with current product behavior but should still receive human legal review before a broader commercial launch.

Section 01

Data Alphrex stores

  • Account data: username, email address, hashed password, verification timestamps, and plan state.
  • Research workspace data: saved backtests, paper tracking, portfolios, watchlists, public share links, and other user-scoped artifacts created inside the product.
  • Billing linkage: Stripe customer, subscription, price, and billing-period identifiers needed to keep plan state synchronized.
  • Operational contact data: support requests, category, message content, and the reply address you provide.
Section 02

Why Alphrex uses the data

  • Authenticate accounts, verify email ownership, recover access, and keep the workspace secure.
  • Render user-specific research history, saved artifacts, and publication links inside the product.
  • Synchronize Free vs Pro access with Stripe billing events and billing-portal actions.
  • Diagnose product issues, review support requests, and understand broad product usage through optional analytics when Umami is enabled.
Section 03

Third parties and public artifacts

  • Stripe processes checkout, invoices, card updates, and cancellation events. Alphrex does not store raw payment-card details.
  • If Umami is enabled on this deployment, Alphrex uses it for lightweight product analytics and funnel measurement on public and logged-in pages.
  • Public share links intentionally expose the saved artifact behind that link. Do not publish a result if you do not want that artifact viewed publicly.
  • Alphrex does not provide broker connectivity or live trading, so it does not request brokerage credentials or execution permissions.
Section 04

Retention and requests

  • User-created research artifacts remain tied to the account until removed or the account is deleted through an internal support workflow.
  • Password reset and email verification tokens are time-limited and are not meant to be durable records.
  • If you need a privacy, correction, or deletion request reviewed, use the support page so the request can be matched to the correct account.
Related pages
Support Terms Billing policy