Back to home

Privacy Policy

Effective: May 2026

1. Who We Are

Equity Spotlight is operated by Proofbox GmbH, Germany ("we," "us," "our"). As the controller of your personal data under the EU General Data Protection Regulation (GDPR), we determine how your information is collected, used, and protected.

For privacy inquiries: privacy@equity-spotlight.com

2. Data We Collect

We collect the following information when you use our service:

  • Email address — required for account creation and sign-in.
  • Subscription configuration — exchanges, price categories, and delivery channel preferences.
  • Delivery channel identifiers — your Telegram chat ID or WhatsApp phone number, if you connect a channel.
  • Usage and technical data — pages visited, browser type, and IP address for security purposes.
  • Payment data — handled entirely by Stripe, Inc. We do not store card details.

3. How We Use Your Data

We use your data to:

  • Provide and operate the Equity Spotlight service.
  • Deliver weekly Spotlight content to your linked Telegram or WhatsApp.
  • Process your subscription and billing via Stripe.
  • Send transactional emails (sign-in links, account notifications).
  • Improve and secure the platform.

4. Legal Basis for Processing

We process your data under the following GDPR legal bases:

Contract performance (Art. 6(1)(b) GDPR): processing your email, subscription configuration, and delivery channel data is necessary to provide the service.

Legitimate interests (Art. 6(1)(f) GDPR): processing usage data to maintain security and improve the service.

Legal obligation (Art. 6(1)(c) GDPR): retaining billing records as required by German commercial and tax law.

5. Third-Party Service Providers

We share data with the following providers solely to operate our service:

  • Supabase, Inc. (USA) — authentication and database hosting.
  • Stripe, Inc. (USA) — subscription billing and payment processing.
  • Telegram Messenger Inc. / Meta Platforms, Inc. — delivery of Spotlights if you connect a channel.
  • Anthropic, PBC (USA) — AI-powered educational content generation using anonymized stock data only.
  • Amazon Web Services, Inc. (USA) — server infrastructure.
  • Vercel, Inc. (USA) — website hosting.

6. International Data Transfers

Some service providers are located in the United States. We transfer data to them under appropriate safeguards, including Standard Contractual Clauses approved by the European Commission and, where applicable, the EU-US Data Privacy Framework.

7. Data Retention

Account and subscription data is retained for the duration of your account and deleted within 30 days after closure, unless a longer period is required by law.

Billing and transaction records are retained for 10 years under German commercial law (§ 238 HGB).

Delivery channel identifiers are deleted immediately upon disconnection or account closure.

8. Your Rights

Under the GDPR, you have the following rights:

  • Right of access — request a copy of your data.
  • Right to rectification — correct inaccurate data.
  • Right to erasure — request deletion of your data ("right to be forgotten").
  • Right to restriction — limit how we process your data.
  • Right to data portability — receive your data in a structured, machine-readable format.
  • Right to object — object to processing based on legitimate interests.
  • Right to lodge a complaint — with the relevant supervisory authority in your EU member state.

9. Cookies

We use only technically necessary cookies and local storage for authentication session management. No advertising, tracking, or analytics cookies are used.

10. Changes to This Policy

We may update this policy from time to time and will notify you of material changes via email. The current version is always available at equity-spotlight.com/privacy.

11. Contact

Proofbox GmbH · privacy@equity-spotlight.com