Security and Privacy Policy

We collect various types of information to provide and improve our Services:

1.1 Information You Provide

• Account information: Name, email address, password, company details
• Service usage: Data you create, upload, or share through our Services
• Contact information: Details you provide when contacting support
• Subscription information: Billing address, payment method details
• Survey responses: Feedback and opinions you share with us

1.2 Information Collected Automatically

• Usage data: Pages visited, features used, time spent, click patterns
• Device information: IP address, browser type, operating system, device identifiers
• Location data: General location based on IP address
• Log data: Server logs, error reports, performance metrics
• Cookies and tracking: Information collected through cookies and similar technologies

1.3 Information from Third Parties

• Authentication providers: Google, Facebook, Microsoft (if you use social login)
• Integration partners: Data from connected third-party services
• Analytics providers: Aggregated usage statistics
• Payment processors: Transaction verification data

We use the information we collect for the following purposes:

2.1 Service Delivery

• Provide, maintain, and improve our Services
• Process transactions and manage subscriptions
• Authenticate users and secure accounts
• Store and manage your investment data
• Enable collaboration features and integrations

2.2 Communication

• Send service notifications and updates
• Respond to support requests and inquiries
• Provide technical assistance and troubleshooting
• Send marketing communications (with your consent)
• Notify you of changes to our policies or Services

2.3 Analytics and Improvement

• Analyze usage patterns and trends
• Monitor performance and system health
• Identify and fix bugs and technical issues
• Develop new features and enhancements
• Conduct research and data analysis

2.4 Security and Compliance

• Detect and prevent fraud and abuse
• Investigate security incidents
• Comply with legal obligations
• Enforce our Terms and Conditions
• Protect the rights and safety of users

We do not sell your personal information. We may share your information in the following circumstances:

3.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our Services:

• Cloud hosting: AWS, Google Cloud for infrastructure
• Payment processing: Stripe, PayPal for transaction handling
• Email services: SendGrid, Mailchimp for communications
• Analytics: Google Analytics, Mixpanel for usage insights
• Support tools: Zendesk, Intercom for customer service

3.2 Business Transfers

If SharesSaver is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our Services of any change in ownership.

3.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, including to:

• Comply with legal obligations or court orders
• Protect and defend our rights or property
• Prevent or investigate possible wrongdoing
• Protect the personal safety of users or the public
• Protect against legal liability

3.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so, such as when enabling integrations with third-party applications.

We implement industry-leading security measures to protect your information:

4.1 Technical Safeguards

• Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
• Authentication: Multi-factor authentication (MFA) support
• Access controls: Role-based access control (RBAC) and least privilege principles
• Network security: Firewalls, intrusion detection, DDoS protection
• Monitoring: 24/7 security monitoring and incident response

4.2 Operational Safeguards

• Regular audits: Annual SOC 2 Type II audits
• Penetration testing: Quarterly security assessments
• Employee training: Security awareness programs
• Vendor management: Third-party security reviews
• Incident response: Documented procedures for security events

4.3 Backup and Recovery

• Automated daily backups with 30-day retention
• Geo-redundant storage across multiple data centers
• Disaster recovery plan with RTO of 4 hours
• Regular backup restoration testing

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

5.1 Account Data

• Active accounts: Retained for the duration of your subscription
• Inactive accounts: Deleted after 12 months of inactivity
• Canceled accounts: Data available for 30 days, then permanently deleted

5.2 Other Data

• Usage logs: Retained for 90 days for troubleshooting
• Financial records: Retained for 7 years for tax purposes
• Support tickets: Retained for 3 years for quality assurance
• Marketing data: Retained until you unsubscribe

Depending on your location, you may have the following rights regarding your personal information:

6.1 Access and Portability

• Request access to your personal information
• Receive a copy of your data in a portable format
• Export your data from your account settings

6.2 Correction and Update

• Update your account information at any time
• Correct inaccurate or incomplete data
• Request changes through our support team

6.3 Deletion

• Request deletion of your account and data
• Delete specific data from your account
• Right to be forgotten (where applicable)

6.4 Marketing Communications

• Opt-out of marketing emails at any time
• Manage communication preferences in account settings
• Unsubscribe links in every marketing email

6.5 Regional Rights

To exercise any of these rights, please contact us at legal@sharessaver.com. We will respond to your request within 30 days.

We use cookies and similar tracking technologies to enhance your experience and analyze usage patterns.

7.1 Types of Cookies

7.2 Managing Cookies

You can control cookies through:

• Browser settings (most browsers allow you to refuse or delete cookies)
• Our cookie preference center (accessible in account settings)
• Third-party opt-out tools (e.g., Google Analytics opt-out)

SharesSaver operates globally, and your information may be transferred to, stored, and processed in countries other than your country of residence, including the United States.

8.1 Data Transfer Mechanisms

We use appropriate safeguards for international data transfers:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Privacy Shield certification (where applicable)
• Adequacy decisions by regulatory authorities
• Data processing agreements with all third-party processors

8.2 Data Residency

Enterprise customers may request data residency in specific regions. Contact our sales team for more information.

Our Services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to delete that information from our servers.

Our Services may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

10.1 Integrations

When you connect third-party applications to SharesSaver, you authorize us to access and process data from those services as described in the integration permissions. Review each integration's permissions carefully before connecting.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email to the address associated with your account
• Display a prominent notice within our Services
• Require your acceptance for material changes that affect your rights

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

SharesSaver maintains compliance with major privacy and security standards: