Portfolio Pulse
PrivacyTerms
Legal DocumentEffective June 17, 2026·Last updated June 17, 2026

Privacy Policy

Portfolio Pulse is committed to protecting your privacy. This policy explains what personal data we collect, how we use it, who we share it with, and what rights you have under Swiss law.

01

Introduction

Portfolio Pulse is a product operated by Peacock Solutions SARL, a company incorporated under Swiss law and registered at the Swiss Commercial Registry (Registre du commerce vaudois).

This Privacy Policy describes the personal data we collect when you use Portfolio Pulse, how we process it, with whom we share it, and what rights you have — in particular under the revised Swiss Federal Act on Data Protection (nLPD / FADP, in force since September 1, 2023).

This policy is effective as of June 17, 2026 and was last updated on June 17, 2026.

02

Who We Are

The data controller responsible for your personal data is:

Peacock Solutions SARL

EPFL Innovation Park, Building D

1015 Lausanne, Vaud, Switzerland

Registered at the Swiss Commercial Registry (Registre du commerce vaudois)
Data Controller under the nLPD (revised Swiss Federal Act on Data Protection)

03

Data We Collect

We collect the following categories of personal data when you use Portfolio Pulse:

Account Data

  • Email address
  • Name (if provided by you)
  • Password — hashed using an industry-standard algorithm; never stored in plain text

Portfolio Data

  • Asset names and ticker symbols entered by you
  • Quantities, purchase prices, and transaction dates

Usage Data

  • Pages visited and features used
  • Session duration and browser type
  • IP address (collected via PostHog analytics)

Payment Data

  • Subscription plan (Free or Pro) and payment status
  • Payment card details are processed exclusively by Stripe and are never stored on our servers

AI Interaction Data

  • Number of AI insight requests made
  • Rate-limit counters stored in Redis — not personally identifiable beyond aggregate usage counts

Technical Data

  • Error logs collected via Sentry for debugging purposes
  • Performance metrics used to improve platform reliability
04

How We Use Your Data

We use your personal data solely to operate and improve Portfolio Pulse. Specifically:

  • To provide and operate the Portfolio Pulse service
  • To personalize your dashboard with your portfolio holdings
  • To enforce subscription-based rate limits (Free vs. Pro plans)
  • To send transactional emails (account confirmation, password reset) via Resend
  • To improve the platform through aggregated, anonymized analytics
  • To detect and prevent fraud or abuse

Our Data Commitment

We do NOT sell, rent, or share your personal data with any third party for commercial purposes. All data is used exclusively for operating and improving Portfolio Pulse.

05

Third-Party Services We Use

We work with the following sub-processors who may receive or process your data in order to deliver the Portfolio Pulse service. All processors are contractually bound to handle data appropriately and are not permitted to use it for their own marketing or commercial purposes.

SupabaseDatabase

Stores account and portfolio data; EU-compliant infrastructure operating under Standard Contractual Clauses.

VercelHosting

Processes request logs and IP addresses as part of serving the application.

StripePayments

Processes payment information; PCI-DSS compliant. Payment card details are handled exclusively by Stripe and never stored on our servers.

PostHogAnalytics

Receives anonymized usage events such as page views and feature interactions.

SentryError tracking

Receives anonymized error reports and stack traces to help us diagnose and fix bugs.

ResendEmail

Receives your email address to deliver transactional emails such as account confirmation and password reset.

OpenAIAI insights

Receives anonymized portfolio context (asset names and ticker symbols only — no personal identity) to generate analytical insights. OpenAI's data usage policies apply.

Upstash RedisCaching

Temporarily caches rate-limit counters and market data. Data auto-expires and is not personally identifiable.

06

Data Retention

We retain your personal data only for as long as necessary for the purposes described in this policy:

Account data (active)Retained while account is active
Account data (after deletion)Deleted within 30 days
Portfolio dataDeleted immediately on request
Analytics dataAnonymized after 12 months
AI rate-limit countersAuto-expire (daily / monthly)
Payment records10 years (Swiss accounting law)
07

Your Rights Under Swiss Law (nLPD)

Under the revised Swiss Federal Act on Data Protection (nLPD), you have the following rights with respect to your personal data:

Right of Access

Request a copy of all personal data we hold about you.

Right of Rectification

Ask us to correct inaccurate or incomplete data.

Right of Deletion

Request erasure of your personal data ("right to be forgotten").

Restriction of Processing

Request that we limit how we use your data in certain circumstances.

Data Portability

Export your portfolio data in a machine-readable format.

Right to Object

Object to certain types of data processing.

Withdraw Consent

Withdraw previously given consent at any time without affecting prior processing.

To exercise any of these rights, email us at privacy@portfoliopulse.ch or visit your account settings page. We will respond within 30 days.

08

Cookies & Tracking

  • Session cookies for authentication — these are essential and cannot be opted out without losing your login state.
  • Analytics cookies via PostHog — you can opt out via your browser settings or our cookie preference centre.
  • We do not use advertising, retargeting, or cross-site tracking cookies of any kind.
09

Security

  • All data is encrypted at rest and in transit using TLS 1.2 or higher.
  • Passwords are hashed using industry-standard algorithms (bcrypt / Argon2). We never store credentials in plain text.
  • We conduct regular security reviews and code audits.
  • In the event of a personal data breach, we will notify affected users within 72 hours as required by the nLPD.
10

International Data Transfers

The majority of your personal data is processed within Switzerland or the European Economic Area (EEA). Some third-party services — notably OpenAI — may process data on servers located in the United States or other countries outside Switzerland and the EEA.

When data is transferred outside Switzerland or the EEA, we ensure protection through:

  • Standard Contractual Clauses (SCCs) approved by the relevant data protection authorities.
  • Data minimization: we send only asset names and ticker symbols to OpenAI — no personal identifiers such as your email or name.
  • Adequacy decisions by the Swiss Federal Council where applicable.
11

Children's Privacy

Portfolio Pulse is not directed at persons under 18 years of age. We do not knowingly collect personal data from minors. If you believe that a minor has provided us with personal data, please contact us at privacy@portfoliopulse.ch and we will promptly delete such data.

12

Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify you by email or through an in-app notice at least 30 days before the change takes effect. Continued use of Portfolio Pulse after receiving notice of a material change constitutes your acceptance of the updated policy.

The "Last Updated" date at the top of this page reflects the most recent revision. We encourage you to review this policy periodically.

13

Contact

For any questions, requests, or concerns regarding your personal data and privacy, please contact us:

Peacock Solutions SARL — Data Protection

EPFL Innovation Park, Building D

1015 Lausanne, Vaud, Switzerland

Email: privacy@portfoliopulse.ch