Privacy Policy
Last updated: May 12, 2026
This Privacy Policy describes how diviStock collects, uses, and protects your personal information. It applies to all users of the Service.
1. Information We Collect
1.1 Information you provide
- Email address — required to receive alerts and to authenticate via magic link.
- Payment information — handled exclusively by our payment processor, Stripe. We never see, collect, or store full credit-card numbers. We receive limited billing metadata from Stripe (last 4 digits, card brand, billing country) for support purposes.
- Contact-form messages — when you submit our contact form, we receive the name, email address, and message you provide.
1.2 Information we collect automatically
- Push notification subscription tokens — if you opt in to push notifications, your browser provides us with a push endpoint and cryptographic keys.
- Server logs — like all websites, our servers automatically log IP addresses, timestamps, and request paths for security and debugging.
- Cookies — we use a single session cookie to keep you logged in. We do not use third-party tracking, analytics, or advertising cookies.
2. How We Use Your Information
- To deliver the Service, including sending alerts, magic-link sign-in emails, and account notifications;
- To process payments and manage subscriptions;
- To respond to support inquiries;
- To detect and prevent fraud and abuse;
- To comply with legal obligations.
We do not sell your data. We do not share your data with advertisers. We do not use your data to train machine-learning models.
3. Service Providers
We use the following third-party service providers, each subject to their own privacy policies:
- Stripe — payment processing. stripe.com/privacy
- Resend — transactional email delivery. resend.com/legal/privacy-policy
- Railway — application hosting.
- Cloudflare — DNS, edge caching, security.
- cron-job.org — scheduled task execution.
4. Data Retention
We retain account data for as long as your subscription is active and for a reasonable period thereafter to handle support requests, comply with legal obligations, and resolve disputes. You may request deletion of your account and associated data at any time by emailing [email protected].
5. Your Rights
Depending on your jurisdiction, you may have rights including:
- Right to access the personal information we hold about you;
- Right to request correction of inaccurate information;
- Right to request deletion of your information;
- Right to withdraw consent at any time;
- Right to file a complaint with the Office of the Privacy Commissioner of Canada or your local data-protection authority.
To exercise any of these rights, contact [email protected].
6. Security
We use commercially reasonable security measures to protect your data, including HTTPS for all connections, encrypted credentials, and limited access controls. No system is perfectly secure; we cannot guarantee absolute security.
7. International Transfers
Our servers and service providers are located in Canada and the United States. By using the Service you consent to the transfer of your information to these jurisdictions.
8. Children
The Service is not directed to anyone under 18. We do not knowingly collect data from children. If you believe we have inadvertently collected data from a child, contact us and we will delete it.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be announced by email and through a notice on this page.
10. Contact
Questions or requests about this Privacy Policy: [email protected].