Profile · Privacy

Privacy Policy – PROFITING OÜ

Last updated: November 2025

1. Purpose of Processing

PROFITING OÜ collects and processes users' personal data for the following purposes:

  • Manage access, registration, and use of the application and associated services.
  • Administer subscriptions, plans, payments, and virtual tokens (Profiteroles).
  • Offer automated market analysis using AI for exclusively informational and non-personalized purposes.
  • Allow optional connection with external broker accounts (e.g., Alpaca) in read-only mode, in order to show positions, executed orders, or aggregated data coming from the broker itself.
  • Facilitate the generation of deep links that allow the user to transfer information about an opportunity to their broker, always under manual confirmation by the user.
  • Ensure security, prevent fraud and misuse, detect anomalous activity, and protect the integrity of the system.
  • Improve user experience, performance, and stability through aggregated analytics and usage metrics.

Profiting does not execute orders, does not act as a broker, does not provide personalized financial advice, and does not make automated decisions that produce direct legal or economic effects on users.

2. Legal Basis for Processing

  • Execution of a contract (Art. 6.1.b GDPR): account management, subscriptions, access to the service, or voluntary connection with external brokers.
  • Consent (Art. 6.1.a GDPR): for optional functions, voluntary use of Profiteroles, and acceptance of this policy.
  • Legitimate interest (Art. 6.1.f GDPR): fraud prevention, network security, service maintenance, and improvement of user experience.

3. Processed Data

  • Identifiers: username and email.
  • Technical: IP address, language, device type, operating system, technical identifiers, and diagnostic data.
  • Usage Data: interaction with the app, frequency metrics, preferences, feature performance, and Profiteroles used or purchased.
  • Financial Data Managed by Third Parties: Payments are managed through Stripe, Paysera, Revolut Business, or other authorized platforms. PROFITING does not store card numbers, banking credentials, or similar financial information.
  • Optional Connection with External Brokers (e.g., Alpaca): If the user connects voluntarily, Profiting may access account data in read-only mode, such as positions, executed orders, and basic history provided by the broker. These data are used solely to show consolidated information within the app, improve user experience, and relate signals to operations performed.

4. Data Retention

Data will be retained while the user maintains their active account, while a contractual relationship exists, or during legal retention periods. Once these periods have ended, data will be securely deleted or anonymized.

5. Communication of Data to Third Parties

Data may be communicated to:

  • Data processors providing infrastructure, hosting, analytics, development, technical support, or payment gateway services.
  • External brokers connected by the user, only in cases necessary to enable integration (for example, OAuth authentication or API key verification).
  • Competent authorities, when legally required.

PROFITING does not sell personal data nor transfer it to third parties for commercial purposes.

6. International Transfers

If data transfers are made outside the European Economic Area (e.g., to technology providers or brokers like Alpaca), PROFITING will guarantee:

  • that the country has an adequacy decision from the European Commission, or
  • that Standard Contractual Clauses (SCC) are in force, or
  • that other appropriate safeguards are applied in accordance with the GDPR.

7. User Rights

The user may exercise at any time the rights of:

  • access,
  • rectification,
  • erasure,
  • restriction,
  • portability,
  • objection.

Requesting their exercise at support@profiting.pro with the subject "Data Protection". If not satisfied with the response, you may complain to the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) or your national supervisory authority.

8. Information Security

PROFITING applies appropriate technical and organizational measures, such as:

  • Encryption via HTTPS/TLS 1.3,
  • Secure servers in the European Union,
  • Internal access controls,
  • Strong authentication,
  • Periodic internal and external audits,
  • Hashing and minimization of personal data use.

9. Automated Decisions and Profiling

Analyses ("Profits", "SuperProfits", etc.) are generated by artificial intelligence without individual personalization. PROFITING does not create risk profiles, does not evaluate suitability, and does not make automated decisions that produce legal or economic effects on users.

10. Connection with Brokers and Liability

The connection with brokers like Alpaca:

  • is voluntary,
  • is performed under credentials managed by the user,
  • operates exclusively in read-only mode,
  • does not allow PROFITING to execute orders.

Deep links generated by PROFITING serve only to facilitate the user's access to their broker with pre-configured fields. The final confirmation of any operation is the exclusive responsibility of the user within the broker.

PROFITING is not responsible for failures, delays, availability, commissions, policies, requirements, or operation of external brokers.

11. Changes to the Privacy Policy

PROFITING may update this policy to adapt it to legislative changes, technical improvements, or new functionalities. Modifications will be notified within the app and will enter into force upon publication.