ProfundaProfunda
HomeLegalPrivacy Policy

Legal

Privacy Policy

This Privacy Policy explains how Profunda collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

Last updated: December 25, 2024

1. Introduction

At Profunda, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy describes our practices regarding the collection, use, and disclosure of information when you use our Service.

We process personal data in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other applicable data protection laws.

By using our Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Service.

2. Data Controller

The data controller responsible for your personal data is:

Profunda

Website: profunda.io

Email: privacy@profunda.io

Data Protection Officer: dpo@profunda.io

If you have any questions about this Privacy Policy or our data practices, please contact us using the information above.

3. Data We Collect

3.1 Information You Provide

We collect information that you voluntarily provide when using our Service:

  • Account Information: Email address, password (encrypted), name (optional)
  • Profile Information: Timezone preferences, notification settings
  • Payment Information: Billing details processed by our payment providers (Stripe)
  • Communications: Messages sent through our contact forms or support channels
  • Feedback: Feature requests, bug reports, and survey responses

3.2 Information Collected Automatically

When you access our Service, we automatically collect:

  • Device Information: Browser type, operating system, device identifiers
  • Usage Data: Pages visited, features used, time spent on the platform
  • Log Data: IP address, access times, referring URLs
  • Cookies: See our Cookie Policy for details

3.3 Information from Third Parties

We may receive information from:

  • Authentication Providers: If you sign in with Google, we receive your email and name
  • Payment Processors: Transaction status and payment confirmations (not full card details)

4. How We Use Your Data

We use your personal data for the following purposes:

4.1 Service Provision

  • Creating and managing your account
  • Providing access to Market Pulse, Signal Cards, and Chart Studio
  • Processing subscription payments
  • Delivering email alerts and notifications (based on your preferences)
  • Providing API access for Blue Whale subscribers

4.2 Service Improvement

  • Analyzing usage patterns to improve our algorithms and features
  • Conducting research and development
  • Debugging and troubleshooting issues

4.3 Communication

  • Responding to your inquiries and support requests
  • Sending service-related notices (e.g., security alerts, billing updates)
  • Sending marketing communications (with your consent)

4.4 Legal and Security

  • Complying with legal obligations
  • Protecting against fraud and abuse
  • Enforcing our Terms of Service

6. Data Sharing

We do not sell your personal data. We may share your data with:

6.1 Service Providers

  • Hosting: Cloud infrastructure providers (Vercel, AWS)
  • Payments: Stripe for payment processing
  • Email: Transactional email services
  • Analytics: Privacy-focused analytics tools

6.2 Legal Requirements

We may disclose your data when required by law, court order, or to protect our rights and safety.

6.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

7. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes described in this policy:

Data TypeRetention Period
Account dataUntil account deletion + 30 days
Billing records7 years (legal requirement)
Usage logs90 days
Support tickets2 years after resolution
Marketing consentUntil consent is withdrawn

8. Your Rights (GDPR)

Under the GDPR, you have the following rights regarding your personal data:

8.1 Right of Access

You can request a copy of your personal data that we hold.

8.2 Right to Rectification

You can request correction of inaccurate or incomplete data.

8.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data in certain circumstances.

8.4 Right to Restriction

You can request that we limit how we use your data.

8.5 Right to Data Portability

You can request your data in a structured, machine-readable format.

8.6 Right to Object

You can object to processing based on legitimate interests or for direct marketing.

8.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time.

8.8 Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority. In France, this is the CNIL (Commission Nationale de l'Informatique et des Libertés).

To exercise your rights:

Email us at privacy@profunda.io with your request. We will respond within 30 days.

9. Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption: Data encrypted in transit (TLS) and at rest
  • Access Control: Role-based access with principle of least privilege
  • Authentication: Secure password hashing, optional 2FA
  • Monitoring: Security monitoring and incident response procedures
  • Vendor Security: Regular security assessments of service providers

While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

10. International Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions by the European Commission
  • Binding Corporate Rules where applicable

11. Cookies

We use cookies and similar technologies to enhance your experience. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

12. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete that information.

13. Policy Changes

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy on this page
  • Updating the "Last updated" date
  • Sending an email notification for material changes

We encourage you to review this policy periodically.

14. Contact Us

For privacy-related inquiries or to exercise your rights:

Privacy Team: privacy@profunda.io

Data Protection Officer: dpo@profunda.io

General Contact: profunda.io/contact

We aim to respond to all legitimate requests within 30 days. In complex cases, we may need additional time, in which case we will keep you informed.

Other Legal Documents

Terms of Service

User agreement and conditions

Privacy Policy

How we handle your data

Cookie Policy

Cookie usage and preferences

Imprint

Legal notice and company info