← Back to home

Privacy Policy

Last updated: February 7, 2026

The Ledger Terminal (“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and Portuguese data protection law. This Privacy Policy explains how we collect, use, and protect your information when you use our stock research platform.

Data Controller

The Ledger Terminal, based in Portugal, is the data controller responsible for your personal data. For data protection inquiries, contact us at privacy@theledgerterminal.com

1. Information We Collect

Information You Provide

  • Account Information: Email address and password when you create an account
  • Profile Information: Name (if provided via Google sign-in)
  • Payment Information: Billing details processed securely through Stripe (we do not store credit card numbers)
  • User Content: Watchlists you create and stocks you save

Information Collected Automatically

  • Usage Data: Pages viewed, stocks researched, features used, lookup counts
  • Device Information: Browser type, operating system, device type
  • Log Data: IP address, access times, referring URLs
  • Cookies: Session cookies for authentication and preferences

2. How We Use Your Information (Legal Basis)

Under GDPR, we process your data based on the following legal grounds:

  • Contract Performance: Provide, maintain, and improve the Service; process subscriptions and payments; enforce usage limits
  • Legitimate Interests: Analyze usage patterns to improve features; prevent fraud and abuse; send transactional emails
  • Legal Obligation: Comply with applicable laws and regulations
  • Consent: Send marketing communications (only if you opt in)

3. Information Sharing

We do not sell your personal information. We share data only with:

  • Service Providers: Third parties that help us operate the Service:
    • Supabase (authentication and database)
    • Stripe (payment processing)
    • Vercel (hosting and analytics)
    • Resend (transactional emails)
    • Upstash (caching)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

4. Data Retention

We retain your account information for as long as your account is active. Usage logs are retained for up to 90 days. You may request deletion of your account and associated data at any time through your account settings or by contacting us.

5. Data Security

We implement industry-standard security measures including:

  • HTTPS encryption for all data transmission
  • Secure password hashing
  • Access controls and authentication
  • Regular security reviews

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

6. Your Rights Under GDPR

Under the GDPR, you have the following rights:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data (“right to be forgotten”)
  • Right to Restriction: Request limitation of processing in certain circumstances
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, contact us at privacy@theledgerterminal.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Portuguese Data Protection Authority (CNPD) at www.cnpd.pt or your local supervisory authority.

7. Cookies

We use cookies for:

  • Essential Cookies: Required for authentication and security
  • Preference Cookies: Remember your settings (e.g., theme, watchlists)
  • Analytics Cookies: Understand how users interact with the Service (Vercel Analytics and Vercel Speed Insights). These cookies are only loaded after you provide consent via the cookie banner displayed on your first visit.

When you first visit the Service, a cookie consent banner will ask for your permission before any analytics cookies are set. You can accept or decline analytics cookies at any time. To change your preference after your initial choice, clear the ledger-terminal-cookie-consent entry from your browser's local storage and refresh the page.

Disabling essential cookies through your browser settings may affect Service functionality.

8. Third-Party Links

The Service may contain links to third-party websites (e.g., company investor relations pages). We are not responsible for the privacy practices of these external sites.

9. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children.

10. International Data Transfers

Some of our service providers are located outside the European Economic Area (EEA), including in the United States. When we transfer your data outside the EEA, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Transfers to countries with adequacy decisions
  • Binding corporate rules where applicable

You can request more information about these safeguards by contacting us.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or Service notification. Your continued use after changes constitutes acceptance.

12. Contact Us

For questions about this Privacy Policy or your data, contact us at:

Email: privacy@theledgerterminal.com

Terms of Service·Home