← Back

Privacy Policy

Effective date: May 3, 2026  ·  DCA Navigator  ·  Analytica Labz  ·  Last updated: May 3, 2026

This Privacy Policy explains how Analytica Labz ("Company," "we," "us," or "our") collects, uses, and shares information when you use DCA Navigator ("Service"). By using the Service, you agree to the practices described here.

1. Information We Collect

Information you provide directly:

• Account registration data: email address, display name, and password (stored as a salted hash — never in plaintext).
• Payment information: processed and stored by Stripe. We do not store your card details.
• Support communications: messages you send to our support email.

Information collected automatically:

• Usage data: symbols searched, tools used, feature interactions, session duration.
• Technical data: IP address, browser type, device type, referring URL, timestamps.
• Authentication data: login timestamps, session tokens (stored client-side, never logged server-side).

2. How We Use Your Information

• To provide, operate, and improve the Service.
• To process subscription payments and manage your account.
• To send transactional emails (password resets, billing confirmations).
• To detect and prevent fraudulent or abusive activity.
• To understand usage patterns and prioritize product development.
• To communicate product updates, new features, or policy changes.

We do not sell your personal information to third parties. We do not use your data to train external AI models.

3. Data Sharing

We share your information only with service providers that help us operate the Service:

• Stripe — payment processing (subject to Stripe's Privacy Policy).
• Supabase — database hosting for account and cached market data.
• Railway — application hosting infrastructure.
• Financial Modeling Prep (FMP) — market data provider (queries are not linked to user identities).

We may disclose information if required by law, court order, or to protect the rights and safety of our users or the public.

4. Data Retention

We retain account data for as long as your account is active. If you close your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law or legitimate business need (e.g., billing records).

5. Security

We implement reasonable technical and organizational safeguards to protect your information, including:

• Passwords hashed with PBKDF2-SHA256 (200,000 iterations).
• HTTPS-only communication.
• Authentication tokens with expiry and one-time-use password reset tokens.
• Access controls limiting credential exposure to authorized personnel only.

No system is completely secure. We encourage you to use a strong, unique password and to enable device-level security.

6. Cookies and Local Storage

The Service uses browser localStorage to store session tokens, user preferences (such as chart settings and last viewed symbol), and sidebar state. We do not use third-party advertising cookies. If you clear your browser storage, you will be logged out.

7. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your account and associated data.
• Withdraw consent where processing is based on consent.

To exercise any of these rights, contact us at support@dcanavigator.com. We will respond within 30 days.

8. Children's Privacy

The Service is not directed at children under the age of 18. We do not knowingly collect personal information from minors. If we learn that we have collected information from a child under 18, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the Service constitutes acceptance of the revised policy.

10. Contact

Questions, concerns, or data requests: support@dcanavigator.com