legal
Privacy policy
Effective May 13, 2026 · Questions? Contact us
Market Chat is operated by Venita SL, a company registered in Spain. Venita SL is the data controller for the purposes of GDPR.
Plain English first. We collect what we need to run Market Chat — your account, your chats, your watchlist — and a few signals (tracked X handles, cost-meter telemetry) so the product works. We don't sell your data. This page tells you what's stored, why, and how to delete it.
Summary
- Account. Email + name + hashed password from Better Auth.
- Chats. Your message threads, including any inline tool outputs (quotes, news, tweets, sentiment), live in our database so you can refresh and resume.
- Product data. Watchlist, tracked X handles, price alerts, MCP server connections, notification preferences.
- Telemetry. Per-API-call cost meter for every external request your usage triggers (provider, endpoint, tokens, cost, latency, success/failure). No request body is stored.
- Billing. Stripe holds payment info — we keep a Stripe customer ID + subscription state.
What we collect
We hold the following data tied to your account:
- Account identity (email, display name, password hash).
- Session + device metadata (IP address, user agent) — required for authentication.
- Chat threads, messages, and the parts that compose them (text, tool-invocation records, inline result snapshots).
- Watchlist tickers, tracked X handles, MCP server connections (URL + bearer token), price alerts.
- Per-call cost meter rows: provider, endpoint, tokens in/out, USD cost, latency, success/failure, timestamp.
- Subscription state from Stripe + override audit log.
- Timezone string used to anchor your daily limits.
How we use it
- Provide the chat product (route requests, persist threads, gate by tier).
- Compute usage counters so you stay within your plan.
- Run cron jobs that refresh quotes, scan discovery, score sentiment, deliver email digests + price alerts.
- Track cost of external API calls so we can warn admins of breaches and block runaway spend.
- Support — admins/support can look up your account by email.
Third parties
Market Chat relies on a small set of vendors. Each holds only what it needs:
- Supabase Postgres — primary database (your account, chats, billing state, telemetry).
- Upstash Redis — short-lived caching of quotes, news, tweets, sentiment payloads.
- Better Auth — session + auth implementation, runs on our database.
- Stripe — billing + payment processing. We send your email + the products you select. Card data lives only in Stripe.
- Resend — transactional email (welcome, invites, discovery digest, price alerts).
- Vercel — application hosting + cron triggers.
- LLM providers — Groq, Cerebras, Google (Gemini), Anthropic. Your chat content + tool inputs reach whichever provider handles a given request. We don't store prompts at those providers beyond their respective data-retention policies (see each provider's terms).
- SerpAPI — Google Finance + News scraping.
- Apify — Twitter/X scraping for tweets + sentiment + discovery.
Retention
- Account data: kept until you delete your account.
- Chat history: kept until you delete a thread or your account. Deleted threads are removed immediately.
- Cache rows (quotes, news, tweets, sentiment): retained for at most a few hours; rolled over by cron.
- Cost-meter rows: kept indefinitely for billing reconciliation & abuse analysis, never sold.
- Audit log of admin actions: kept indefinitely for accountability.
Your rights
You can request a copy or deletion of your data at any time by emailing the contact below. Deleting your account purges your auth record, chats, watchlist, alerts, MCP connections, tracked accounts, notification preferences, and subscription row. Stripe customer retention follows Stripe's policy.
If you reside in the EEA/UK or California, you may also have rights to access, port, restrict, or object to processing under GDPR / CCPA. Use the same contact channel.
Security
- Postgres Row-Level Security on every user-owned table.
- Service-role writes restricted to webhook + cron + admin paths.
- MCP bearer tokens stored plaintext in our DB (RLS-scoped to owner; encryption-at-rest pass planned).
- HTTPS-only transport, secure cookies, Better Auth session JWT.
- Admins can override subscription tier; every override is audit-logged.
We are not yet SOC 2 certified. If you require formal compliance, use the contact channel before signing up.
Changes
We'll post material changes on this page with a new effective date. Continued use after a change means you accept the updated policy.
Contact
Data controller: Venita SL (Spain).
Privacy questions or data-subject requests (access, portability, deletion): use the contact form or delete your account directly under Settings → Account.
EU/EEA users with unresolved complaints may lodge a complaint with the Spanish data protection authority (Agencia Española de Protección de Datos, AEPD).
Note: this policy is a sensible starting point — please have a qualified lawyer review before relying on it in production.