Skip to main content
← Back to home

Privacy Policy

Last updated: 29 April 2026

1. Who we are

Portfolio Intelligence (“we”, “us”, the “Service”) is a UK-operated stock-analytics tool accessible at portfolio-intelligence.co.uk. You can reach us at portfoliointelligenceuk@gmail.com for any privacy enquiry.

2. What we collect

  • Account data: email address, hashed password (bcrypt — we never see your plaintext password), display name, and timestamps for sign-up, last login, and email verification.
  • Portfolio data: the tickers you add, optional cost prices, optional notes (capped at 100 characters per ticker), and any bank-statement uploads you choose to import.
  • Operational metadata: request logs (IP address, route, status code, latency) used for debugging and abuse detection.
  • Captcha tokens: Cloudflare Turnstile issues a one-time anti-bot token on sign-in / sign-up / password-reset forms; we forward it to Cloudflare for verification and discard it after.

3. What we do NOT do

  • We do not sell your data.
  • We do not share your portfolio holdings with advertisers.
  • We do not run third-party analytics or ad-network trackers.
  • We do not connect to your brokerage account directly. CSV / bank-statement import is opt-in and processed on our servers without forwarding to any third party.

4. Sub-processors

We rely on the following providers to operate the Service. Each one only sees the minimum data required for its job. If you object to any of them, please email us — but the Service may not be usable without them.

ProviderPurposeData they see
VercelApp hosting + CDNRequest metadata, IP
Neon (PostgreSQL)Primary databaseAccount + portfolio rows
Upstash RedisCaching layerCached price snapshots only
ResendTransactional email (verification, password reset, contact form)Email address + message body
Cloudflare TurnstileBot / abuse protectionAnti-bot token + IP
Polygon.io / Yahoo Finance / FinnhubMarket-data sourcesTicker symbols only — never your account or portfolio

5. How long we keep your data

Account and portfolio data is kept for as long as your account is active. If you delete your account, the related rows are removed from our database within 30 days. Encrypted backups can persist for up to 90 days before they roll off Neon’s standard backup window. Operational logs (request metadata) are retained by Vercel for up to 30 days.

6. Security

  • All connections to the Service are encrypted in transit (TLS 1.2+).
  • Passwords are stored as bcrypt hashes — they cannot be reversed to plaintext.
  • Failed-login lockout, password rotation, and email verification are enforced (PICU-844 / PICU-846 / PICU-673).
  • API keys and secrets are stored in Vercel environment variables, never in source code.
  • We are a small operation, not a bank. We will never claim “bank-level” security as a marketing term — we describe what we actually do above. If you handle high-stakes holdings, treat this Service as one analysis tool among many and do not store information you would not be comfortable with appearing on a small private SaaS.

7. Your rights (UK GDPR / EU GDPR)

You can request a copy of the personal data we hold about you, ask us to correct inaccuracies, or ask us to delete your account. Send any of these requests from the email associated with your account to portfoliointelligenceuk@gmail.com and we will respond within 30 days.

You can also raise a complaint with the UK Information Commissioner’s Office (ICO) at ico.org.uk.

8. Cookies

We use a single first-party cookie for your authenticated session (NextAuth). We do not set advertising or analytics cookies. If you sign out, the cookie is cleared.

9. Changes to this policy

We’ll update the “Last updated” date at the top of this page when material changes are made. For substantive changes (new sub-processors, expanded data collection), we’ll notify registered users by email.

10. Not legal advice

This policy describes our current practices in plain English. It does not replace formal legal advice. The Service is a stock-analytics tool — nothing here, on the dashboard, or in the analysis output is investment, financial, or tax advice. See our Terms of Service for the full disclaimer.