This Privacy Policy explains how [ENTITY NAME], registered with the Dutch Chamber of Commerce (KVK) under number [KVK NUMBER], with its registered office at [ADDRESS], the Netherlands ("we", "us", "our") collects, uses, and protects your personal data when you use the STOq Terminal platform ("Service").
We are committed to protecting your privacy in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other applicable data protection legislation.
[ENTITY NAME] is the data controller responsible for processing your personal data. For any questions regarding your data, please contact:
Email: privacy@stoqterminal.com
Address: [ADDRESS], the Netherlands
We collect and process the following categories of personal data:
| Data Category | Data Collected | Purpose | Legal Basis |
|---|---|---|---|
| Account Data | Username, email address | Account creation and authentication | Contract performance (Art. 6(1)(b) GDPR) |
| Authentication Data | Password (stored as cryptographic hash only) | Secure account access | Contract performance (Art. 6(1)(b) GDPR) |
| Portfolio Data | Portfolio positions (tickers, quantities, weights) | Providing risk analytics and portfolio analysis | Contract performance (Art. 6(1)(b) GDPR) |
| Analysis Cache | Cached analysis results | Performance optimization and faster loading | Legitimate interest (Art. 6(1)(f) GDPR) |
| Session Data | Session cookies | Maintaining authenticated sessions | Contract performance (Art. 6(1)(b) GDPR) |
We do not collect or store:
We process your personal data for the following purposes:
We use Stripe, Inc. as our payment processor. When you subscribe to the Service, Stripe processes your payment data directly. We do not have access to your full payment card details. Stripe acts as an independent data controller for payment data. Please review Stripe's privacy policy at stripe.com/privacy.
Data shared with Stripe includes your email address and subscription details, as necessary to process payments and manage your subscription.
The Service is hosted on infrastructure that may process your data as part of providing hosting services. All hosting providers are bound by data processing agreements in accordance with GDPR requirements.
We retain your personal data according to the following schedule:
You may request earlier deletion of your data at any time (see Section 7).
We implement appropriate technical and organizational measures to protect your personal data, including:
As a data subject, you have the following rights under the GDPR:
To exercise any of these rights, please contact us at privacy@stoqterminal.com. We will respond to your request within 30 days.
Your data may be transferred to and processed in countries outside the European Economic Area (EEA). Where such transfers occur, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission or adequacy decisions.
The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.
If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):
Autoriteit Persoonsgegevens
https://autoriteitpersoonsgegevens.nl
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice within the Service. The "Last updated" date at the top of this policy indicates when it was last revised.
For any questions or requests regarding this Privacy Policy or your personal data, please contact:
[ENTITY NAME]
[ADDRESS]
KVK: [KVK NUMBER]
Email: privacy@stoqterminal.com