Privacy Policy

Last Updated: December 9, 2025

Guardfolio ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered portfolio risk monitoring service and platform.

1. Information We Collect

1.1 Personal Information

When you register for Guardfolio, we may collect:

• Name and email address
• Payment information (processed securely through Stripe)
• Portfolio connection credentials (via secure third-party integrations)
• Account preferences and alert settings
• Risk tolerance and investment goals (optional)

1.2 Usage Data

We automatically collect certain information when you use our service:

• IP address and device information
• Browser type and operating system
• Pages visited and features used
• Portfolio monitoring interaction data (alerts viewed, analysis requested)
• Performance analytics and error logs

1.3 Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to enhance your experience, analyze usage patterns, and deliver personalized content. You can control cookie preferences through your browser settings.

1.4 Sensitive Data

We do not actively request sensitive personal information such as racial or ethnic origin, political opinions, religion, trade union membership, sexual orientation, health information, or biometric data. If we require such information for legitimate purposes, we will obtain your explicit consent first and handle it with enhanced security measures.

2. How We Collect Personal Information

We collect your information through various methods:

• Direct Submission: When you register, create an account, or complete forms on our platform
• Website Usage: Automatically when you visit our website or use our services (IP address, cookies, browser data)
• Third-Party Integrations: From Plaid and SnapTrade when you authorize portfolio connections
• Analytics Services: From Google Analytics and similar tools that track your interactions
• Publicly Available Sources: Information available through public records or social media

3. How We Use Your Information

We use the collected information to:

• Monitor your portfolio and deliver real-time risk alerts
• Process payments and manage subscriptions
• Improve our AI algorithms and risk analysis quality
• Send portfolio health updates, security alerts, and administrative messages
• Analyze usage patterns to enhance user experience
• Detect and prevent fraud or unauthorized access
• Comply with legal obligations and enforce our Terms of Service

3.1 Purpose & Legal Basis

Our processing of your data is based on one or more of the following legal grounds:

• Contract Performance: To provide services you've requested and manage your account
• Legitimate Interests: To improve our service, prevent fraud, and analyze usage
• Legal Compliance: To meet tax, regulatory, and legal obligations
• Your Consent: For marketing communications and optional features (you can withdraw at any time)

4. Information Sharing and Disclosure

4.1 Third-Party Service Providers

We share your information with trusted third parties who assist in operating our service. These include:

• Payment Processors: Stripe (for payment processing and fraud detection)
• Portfolio Integration Services: Plaid and SnapTrade (for secure portfolio connection)
• Analytics Services: Google Analytics (for usage analysis and insights)
• Cloud Infrastructure: AWS, Cloudflare (for hosting, storage, and security)
• Email Services: SendGrid, Mailgun (for alerts and notifications)
• Customer Support: Intercom (for support tickets and communication)
• Monitoring & Analytics: Sentry, Datadog (for error tracking and performance)

4.2 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to protect our rights, property, or safety.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. User-Generated Content

If our platform enables you to post reviews, comments, or other content, please note:

• Any content you submit may be accessible to other users
• We are not responsible for how others use or misuse publicly posted content
• Consider not sharing sensitive financial information in public comments

6. Cookies and Analytics

We use cookies and similar technologies to enhance your experience and analyze usage:

• Cookies: Text files stored in your browser to remember preferences and login information
• Web Beacons: Invisible pixels used to track page views and user behavior
• Google Analytics: Tracks usage patterns and helps us understand how you interact with our platform

6.1 Opting Out of Tracking

You can control cookies through your browser settings. To opt out of Google Analytics:

• Install the Google Analytics Opt-out Browser Add-on
• Visit Google's Ad Settings to control personalized ads

7. Links to Other Websites

Our website may contain links to third-party websites. We do not control or endorse these external sites and are not responsible for their content, privacy practices, or security. We recommend reviewing their privacy policies before interacting with them.

8. Data Security

We implement industry-standard security measures to protect your information, including:

• Encryption of data in transit (SSL/TLS)
• Encrypted storage of sensitive data
• Regular security audits and vulnerability assessments
• Access controls and authentication mechanisms
• Secure API integrations with third-party services

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your data.

9. Your Rights and Choices

5.1 Account Access and Updates

You can access and update your account information through your dashboard settings.

5.2 Data Portability

You have the right to request a copy of your personal data in a machine-readable format.

5.3 Data Deletion

You may request deletion of your account and personal data by contacting us at [email protected]. Some information may be retained for legal or operational purposes.

5.4 Marketing Communications

You can opt out of promotional emails by clicking the unsubscribe link in any marketing message.

5.5 Cookie Preferences

You can manage cookie settings through your browser or our cookie preference center.

10. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. After account closure, we may retain certain data for:

• Legal compliance (e.g., tax records, fraud prevention)
• Dispute resolution and enforcement of agreements
• Aggregated analytics (anonymized data)

11. Overseas Disclosure & International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States and other jurisdictions. We ensure appropriate safeguards are in place to protect your data in compliance with applicable laws including GDPR and local privacy regulations.

12. Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

13. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell personal data)
• Right to non-discrimination for exercising privacy rights

To exercise these rights, contact us at [email protected].

14. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

To exercise these rights, contact us at [email protected].

15. Amendments to Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Sending you an email notification
• Posting a prominent notice on our website
• Requiring your consent where legally required

Your continued use of the service after changes become effective constitutes acceptance of the updated policy.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a prominent notice on our platform. Your continued use of the service after changes become effective constitutes acceptance of the updated policy.

17. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

• Email: [email protected]
• Support: [email protected]
• Website: Guardfolio