Overview
This Privacy Policy explains how Arthamon Capital ("we", "us") collects, uses, shares, and protects personal data when you use the Arthamon Capital Market Terminal (the "Service"). By using the Service you acknowledge the practices described here.
Data We Collect
We collect the following categories of data:
- Account data: email, username, hashed password, account status, timestamps.
- Payment data: handled by our payment provider (Stripe). We store payment status, plan, amount, currency, and a provider reference, but not card details.
- Usage data: pages visited, features used, error and diagnostic logs, IP address, browser type, device information.
- User-submitted research: notes, watchlists, comments, or other content you create within the Service.
- Cookies / local storage: small identifiers used for sessions, preferences, and the launch-offer timer (see our Cookie Policy).
Support Requests
When you contact us through the in-product support form or by email, we may collect information needed to triage and respond to your request, including:
- Issue type, subject, message body, and urgency level you select.
- The affected product area (for example terminal, billing, research, account).
- Browser and device information you provide or that is automatically attached (user agent, screen size, app version).
- Screenshots, log excerpts, or other files you choose to upload.
- Account context (user id, email, subscription state) used to locate your record and verify your request.
This data is used solely to investigate and resolve your request, improve the Service, and maintain a security and service history.
Crypto Payment Requests
If you choose to pay with cryptocurrency, we collect data needed to manually verify the transaction and activate access. This includes:
- The coin and network you select (for example USDT on TRON, USDC on Base).
- The destination wallet address that was displayed to you at the time of payment.
- The transaction hash or signature you submit.
- Any proof-of-payment screenshot or file you upload and any notes you add.
- Payment status, verification outcome, and internal reviewer notes maintained for accounting, anti-fraud, and dispute resolution purposes.
Crypto submissions are reviewed by an administrator before access is activated. We do not custody crypto assets or have access to your wallet's private keys.
Research Submissions and Uploads
When you submit research to the Service, the files, notes, tickers, summaries, and any related metadata you provide are stored in our backend and may be reviewed by our team before publication. Reviewer and administrator notes attached to your submission are retained as part of the editorial record. Approved public research may be made available to other subscribers; rejected or pending research remains accessible only to you and authorized reviewers.
How We Use Data
- Operate, secure, and maintain the Service.
- Authenticate users and manage access periods.
- Process payments and manage billing.
- Provide support and respond to inquiries.
- Detect, prevent, and respond to abuse, fraud, and security incidents.
- Comply with legal obligations.
- Improve the Service through aggregated and diagnostic analysis.
Legal Bases (where applicable)
Where the GDPR or similar laws apply, we process data on the bases of contract performance (providing the Service to you), legitimate interests (security, fraud prevention, product improvement), consent (where required, for example certain cookies), and legal obligation.
Service Providers (Processors)
We share data with carefully selected service providers acting on our behalf:
- Supabase — managed database, authentication, and storage.
- Stripe — payment processing and billing infrastructure.
- Hosting and VPS providers — application hosting, API endpoints, and market-data ingestion.
- Market data and news providers — upstream sources of quotes, fundamentals, and headlines.
- Analytics — if enabled, used to understand product usage in aggregate.
These providers may store and process data in jurisdictions outside your country. Where required, we rely on appropriate safeguards for international data transfers.
Security
We apply layered safeguards designed to protect your data, including:
- Authentication with hashed credentials and session-based access tokens.
- Row-level access controls so users can only read and modify their own records.
- Private storage buckets with per-user policies for uploaded files (such as crypto proofs and research files).
- Operational monitoring and logging to detect abuse, errors, and security incidents.
- Limited administrative access, granted only to authorized personnel and only for legitimate operational, support, or compliance purposes.
- Encrypted transport (HTTPS/TLS) for traffic between your browser and our infrastructure.
No system can be guaranteed fully secure. If you believe your account has been compromised, contact security@arthamon.tech immediately.
Logs and Security Data
Our VPS and API infrastructure produces operational logs (including IP addresses, request paths, timestamps, and error traces) used to operate, monitor, secure, and debug the Service. These logs are retained for limited periods proportionate to those purposes.
Data Retention
We retain different categories of data for different periods, based on why they were collected and the legal obligations that apply:
- Account data: retained while your account exists, and for a reasonable period thereafter to resolve disputes and enforce our agreements.
- Payment records: retained as required for accounting, tax, and other legal obligations, which typically exceeds the lifetime of the account.
- Support requests: retained to maintain a service and security history, and to provide continuity for follow-up requests.
- Operational and security logs: retained for limited periods proportionate to operational, debugging, and security needs.
- Uploaded files (crypto proofs, research files, support attachments): retained until you delete them, the related submission is rejected or withdrawn, or they are no longer needed for the original purpose.
- Backups: may persist in encrypted backups for additional, limited periods before being overwritten.
Your Rights
Subject to applicable law, you may have the right to access, correct, delete, restrict, or object to the processing of your personal data, to data portability, and to withdraw consent at any time where processing is based on consent. You may also lodge a complaint with your local data protection authority.
To exercise these rights, contact us at legal@arthamon.tech. We may need to verify your identity before fulfilling the request.
International Data Transfers
The Service relies on infrastructure and service providers that may store and process data in countries other than the one where you live, including jurisdictions outside the European Economic Area, the United Kingdom, and Switzerland. Laws in those countries may differ from the laws of your home jurisdiction and may give government authorities access to data under conditions that differ from your local law.
Where required, we rely on appropriate safeguards for international transfers, such as the European Commission's Standard Contractual Clauses, equivalent UK and Swiss mechanisms, and our providers' supplementary technical and organizational measures. By using the Service, you acknowledge that your data may be transferred to and processed in such jurisdictions.
Children
The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us data, please contact us so we can take appropriate action.
Changes to this Policy
We may update this Policy from time to time. Material changes will be communicated through the Service or by email. The "Last updated" date at the top of this page reflects the latest revision.
Contact
The primary contact for privacy questions and data-subject requests is legal@arthamon.tech. For account or product support, write to support@arthamon.tech. Security or abuse reports should go to security@arthamon.tech.
Support is provided by email during private beta. Response times may vary and are not guaranteed unless otherwise agreed in writing.
Questions about this document? Contact us at legal@arthamon.tech. See also Terms, Privacy, Cookies, Risk Disclaimer.