Privacy Policy

Last updated: April 28, 2026

This Privacy Policy explains how Paturn ("we", "us", or "our") collects, uses, and protects your information when you use our Service.

We respect your privacy and aim to be transparent about what data we collect and why.

What we collect

Account information:

• Email address (used for sign-in and account communications)
• Password (stored as a secure hash, never in plain text)
• Subscription status (whether you're on Free or Pro tier)

Alert preferences:

• Event types you've subscribed to alerts for
• Alert timing preferences (1 day, 1 hour, or 15 minutes before)

Usage data:

• Pages you visit and features you use within Paturn
• IP address and approximate location (country/city)
• Browser type, device type, and operating system
• Timestamps of your activity

Payment information:

• We don't directly store payment card details. Our payment processor (Polar) handles payment information per their privacy policy.
• We do receive and store: subscription status, billing cycle dates, payment success/failure events.

Communications:

• Emails you send to us (kept for support history)
• Email engagement data for our alerts (delivery status, opens, clicks)

How we use your information

We use your information to:

• Provide and maintain the Service
• Send you alerts you've subscribed to
• Send important account notifications (billing changes, policy updates, security alerts)
• Process payments and manage subscriptions
• Improve the Service through analytics
• Respond to your support requests
• Detect and prevent fraud or abuse
• Comply with legal obligations

We don't use your information for behavioral advertising. We don't sell your data to third parties.

Who we share information with

We share information with the following service providers, only as necessary to operate the Service:

• Supabase (database and authentication) — stores your account data
• Vercel (hosting) — runs the Paturn application
• Polar (payment processing) — handles subscription payments
• Resend (email delivery) — sends alerts and account emails
• Finnhub (asset price data) — we send asset symbols, not your personal data
• Federal Reserve Economic Data / FRED (economic events) — we don't send your data here
• Analytics providers (when active) — aggregate usage patterns, no personally identifiable details shared with third parties

Each of these providers has their own privacy practices. We choose providers that meet reasonable security and privacy standards.

We may also share information when:

• Required by law (subpoena, court order, regulatory request)
• Necessary to protect our rights, safety, or property
• As part of a business transfer (merger, acquisition, sale of assets) — you'll be notified

Cookies and tracking

We use cookies for:

• Essential cookies — keep you signed in, remember your preferences
• Analytics cookies — understand how the Service is used (in aggregate)

We don't use third-party advertising cookies or behavioral tracking.

You can disable cookies through your browser settings, but some features (like staying signed in) require cookies to work.

Data retention

We retain your data for as long as your account is active. If you delete your account:

• Account data is deleted within 30 days
• Some data may be retained for legal or accounting reasons (e.g., transaction records for tax purposes)
• Anonymized usage data may be retained for analytics

Your rights

Depending on your jurisdiction, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your account and personal data
• Export your data in a portable format
• Object to certain types of processing
• Withdraw consent for processing (where consent is the legal basis)

To exercise any of these rights, email hello@paturn.trade with your request. We'll respond within 30 days.

For users in the European Union, the GDPR provides these rights under European law. For users in California, the CCPA provides similar rights. For users in the UAE, the Federal Data Protection Law provides similar rights.

Data security

We implement reasonable technical and organizational measures to protect your data:

• Encrypted data transmission (HTTPS)
• Encrypted password storage (bcrypt or equivalent hashing)
• Access controls limiting who can view personal data
• Regular security reviews

No system is perfectly secure. If we discover a data breach affecting your information, we'll notify you within the timeframes required by applicable law.

International data transfers

Paturn operates from Dubai, UAE. Our service providers are based in various jurisdictions including the United States, European Union, and elsewhere. By using Paturn, you consent to your data being transferred to and processed in these locations.

We comply with applicable data protection laws including the UAE Federal Data Protection Law for our home jurisdiction, the GDPR for EU users, and the CCPA for California users. We ensure transfers comply with these laws (such as Standard Contractual Clauses for EU data transfers).

Children's privacy

Paturn is not intended for users under 18. We don't knowingly collect data from children. If you believe we've collected data from a child, contact us at hello@paturn.trade and we'll delete it promptly.

Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email to active users. The "Last updated" date at the top reflects the most recent changes.

Contact

Questions about this Privacy Policy or your data? Reach us at hello@paturn.trade.