Privacy Policy
GoCharting Inc. ("GoCharting", "we", "us") provides web- and mobile-based financial charting and market-data analytics tools (the "Services"). This Policy explains what personal data we collect, why, who we share it with, how long we keep it, and your choices and rights. It applies to our websites, applications, and communications.
GoCharting is a software and market-data provider. We are not a broker, bank, exchange, or investment adviser. We do not execute trades, hold your funds, or give regulated financial advice. When you connect a brokerage account, that relationship is governed by your broker, not by us.
If you are in the EEA/EU, UK, India, California, or another US state with privacy rights, see the region-specific section that applies to you near the end.
1. The personal data we collect
We collect:
- Account data — your name, email address, and login credentials (passwords are stored only in hashed form).
- Profile and preferences — chart layouts, watchlists, indicator and tool settings, language, region, and subscription tier.
- Billing data — your plan and billing history. Payment card details are handled directly by our payment processors; we do not receive or store full card numbers or security codes.
- Usage and device data — IP address, approximate location from your IP, browser and device type, and how you use the Services (features used, events, sessions, timestamps, and crash/diagnostic data).
- Cookies and similar technologies — see § 3.
- Communications — messages, support tickets, feedback, and whether our emails were delivered or opened.
- Broker-connection data — when you connect a broker, the identifiers and tokens needed to display your data. We do not receive or store your broker login credentials and do not trade on your behalf unless you initiate it.
We do not intentionally collect government identifiers (such as Social Security numbers), biometric data, or special-category/sensitive data. Most data comes from you or is generated by your use of the Services; some comes from a third-party sign-in or a broker you choose to connect.
2. How we use your data, and our legal bases
For users in the EEA, UK, and India, the table sets out each purpose and its legal basis. US state privacy laws (such as California's) do not operate on a "legal basis" model; the rights and disclosures that apply to US residents are in § 12.4 and § 12.5.
| Purpose | Legal basis (GDPR / UK GDPR) | Basis (India DPDP) |
|---|---|---|
| Create your account and provide the Services | Contract | Necessary for the purpose / consent |
| Process subscriptions and payments | Contract; legal obligation (tax) | Necessary; legal obligation |
| Keep the Services secure; prevent fraud and abuse | Legitimate interests — protecting our platform and users | Legitimate use |
| Provide customer support | Contract; legitimate interests — responding to you | Necessary for the purpose |
| Measure and improve product reliability and performance (analytics) | Legitimate interests — improving the Services; consent for non-essential cookies | Consent |
| Send service / transactional messages | Contract; legitimate interests | Necessary for the purpose |
| Send marketing communications | Consent (or legitimate interests where permitted) | Consent |
| Comply with law and respond to lawful requests | Legal obligation | Legal obligation |
| Establish/defend legal claims; corporate transactions | Legitimate interests | Legitimate use |
Where we rely on consent, you can withdraw it at any time (this doesn't affect prior processing). You can opt out of marketing using the link in any marketing email.
3. Cookies and similar technologies
We use cookies and similar technologies for three purposes: strictly necessary (to run the Services, keep you signed in, route you to the right region, and protect security), functional (to remember preferences), and analytics (to understand usage and improve reliability). We do not use cookies for advertising or to sell your data.
How we ask for consent depends on your region: in the EEA/UK, we do not set non-essential cookies (including analytics) without your consent; in India, we obtain consent as required; in the US, you can opt out and we honor recognized opt-out signals such as Global Privacy Control (GPC). You can change your choices anytime in our cookie settings.
4. How we share your data
We do not sell your personal data, and we do not share it for targeted or cross-context behavioral advertising.
We share personal data only:
- with service providers who host our systems, process payments, deliver email and messaging, provide customer support, and provide product analytics — all under contract and only on our instructions;
- with brokers and market-data providers you choose to connect or subscribe to (for licensed market-data subscriptions, we may share limited identifying details with the relevant exchange or provider to fulfil and license your subscription);
- where required by law or to protect rights and safety — to comply with legal obligations and lawful requests, enforce our terms, or protect our users, the public, or GoCharting; and
- in a corporate transaction — if we are involved in a merger, acquisition, financing, or sale of assets, subject to this Policy.
The categories of recipients above describe everyone we share data with.
5. International data transfers
We and our service providers may store and process personal data in countries other than your own. Where we transfer personal data out of the EEA, the UK, or another region with transfer restrictions to a country that has not been recognized as providing adequate protection, we put in place appropriate safeguards — such as the EU Standard Contractual Clauses, the UK International Data Transfer Agreement/Addendum, or reliance on the EU-U.S. Data Privacy Framework where applicable. You can request details at privacy@gocharting.com.
6. How long we keep your data
We keep personal data only as long as necessary, then delete or anonymize it:
| Data | Retention |
|---|---|
| Account and profile data | Life of your account, then deleted within 30 days of a verified deletion request |
| Billing and invoice records | 7 years (tax and accounting) |
| Product-usage analytics | Up to 14 months |
| Support and communications | 3 years |
| Records of privacy requests | 3 years |
We may keep data longer where the law requires, or to establish or defend legal claims.
7. How we protect your data
We use technical and organizational measures appropriate to the risk, including encryption in transit, encryption at rest for our databases, access controls on a least-privilege basis, and multi-factor authentication for our team. Because payment card data is handled by our payment processors, we do not store it. We strongly recommend you enable two-factor authentication and use a strong, unique password. No system is completely secure; if a personal-data breach occurs, we will notify the relevant authorities and affected individuals where the law requires and within the required timeframes.
8. Children's privacy
The Services are for adults. You must be at least 18 to use the Services. We do not knowingly collect data from anyone under 18, profile them, or direct advertising to them. If you believe someone under 18 has given us data, email privacy@gocharting.com and we will delete it.
9. Automated decision-making
We do not make decisions producing legal or similarly significant effects about you based solely on automated processing. If this changes, we will update this Policy and provide any disclosures and choices the law requires.
10. Your rights and choices
Depending on where you live, you may have the right to access, correct, delete, port, object to or restrict processing of your data, to withdraw consent, and to opt out of marketing. The region-specific sections below set out the rights that apply to you.
To exercise a right, email privacy@gocharting.com or use your account settings. We will verify your request and respond within the time your region's law requires. You will not be treated differently for exercising your rights, and you may use an authorized agent where the law allows.
11. Changes to this Policy
We may update this Policy. If changes are material, we will post the updated Policy with a new "Last updated" date and, where appropriate, notify you by email or in-app notice.
12. Region-specific disclosures
12.1 EEA / European Union
Under the GDPR, GoCharting Inc. is the controller (see § 13). You have the rights set out in § 10, including the right to object at any time to direct marketing and to withdraw consent. International transfers use the safeguards in § 5. You may lodge a complaint with your local supervisory authority (list at edpb.europa.eu). Where data is needed to provide the Services, not providing it may mean we cannot offer them.
12.2 United Kingdom
The UK GDPR and Data Protection Act 2018 apply, with the same rights as § 12.1. Transfers from the UK use the UK IDTA/Addendum or the UK Extension to the EU-U.S. Data Privacy Framework. You may complain to the UK Information Commissioner's Office (ico.org.uk).
12.3 India
Under the Digital Personal Data Protection Act 2023, GoCharting Inc. is the Data Fiduciary. We process your personal data based on your consent or other legitimate uses permitted by law, and you may withdraw consent at any time — as easily as you gave it — via privacy@gocharting.com or your account settings. You have the rights to access a summary of your data and our processing, to correction and erasure, to grievance redressal, and to nominate another person to exercise your rights in the event of death or incapacity. To raise a grievance, contact us at privacy@gocharting.com; if it is unresolved, you may complain to the Data Protection Board of India. The Services are for users 18 and older; we do not knowingly process children's data or direct advertising to children. You may request this notice in English or any language in the Eighth Schedule to the Constitution of India.
12.4 California
Under the CCPA/CPRA, in the last 12 months we have collected these categories of personal information: identifiers (name, email, IP and device/account identifiers); customer-records information (limited billing details — card data is handled by our processors); commercial information (subscription and transaction history); internet/network activity (usage and analytics); approximate geolocation (from IP); and electronic information (your communications with us). Sources and purposes are described in §§ 1–2; recipient categories in § 4.
We do not sell your personal information, and we do not share it for cross-context behavioral advertising. Because we do not sell or share, we do not provide a "Do Not Sell or Share" mechanism; we honor Global Privacy Control (GPC) signals. We do not collect sensitive personal information for purposes that would require a "Limit the Use of My Sensitive Personal Information" link.
You have the rights to know/access, delete, correct, and to non-discrimination for exercising them. To exercise, email privacy@gocharting.com; we respond within 45 days (extendable by 45 with notice). If we deny a request, you may ask us to reconsider by replying to our decision. You may use an authorized agent with proof of authorization.
12.5 Other US states
If you reside in a US state with a comprehensive privacy law, you have the rights to confirm and access, correct, delete, obtain a portable copy, and opt out of targeted advertising, sale, and certain profiling. We do not sell personal data, conduct targeted advertising, or profile you in ways producing legal or similarly significant effects, and we honor recognized universal opt-out signals (GPC). We do not collect sensitive data as defined under these laws (such as precise geolocation, health data, or racial/ethnic origin); if that changes, we will update this section and obtain any required consent. To exercise rights, email privacy@gocharting.com. If we deny a request, you may appeal by replying to our decision; if the appeal is denied, you may contact your state Attorney General.
13. Contact us
Questions, requests, or complaints: privacy@gocharting.com, or write to GoCharting Inc., 131 Continental Drive, Suite 305, Newark, DE 19713, USA. For security issues: security@gocharting.com.