Legal
Privacy Policy
Last updated: 20 April 2026
This Privacy Policy explains what data the Portfolio Explainer mobile application ("the App") and its backend service (operated by Excludium) collect, why they collect it, and how it is stored, shared, or deleted.
1. Who we are
Excludium is an independent developer of consumer mobile software. For privacy questions or data requests, contact excludiumgc@gmail.com.
2. Data we collect
- Account identifiers from Sign in with Apple or Google — a stable federated user id, email (may be a private-relay address), and display name if you choose to share it.
- Portfolio data you add manually: asset symbols and amounts. We do not connect to exchanges or wallets.
- Generated reports and chat messages produced by the app based on your portfolio.
- Subscription status from Apple App Store or Google Play receipts — used to grant premium access.
- Device info (platform name, app version) attached to refresh-token records for session management.
We do not collect: contacts, precise location, photos, advertising identifiers, or analytics events beyond what's required for operation.
3. How we use it
- Authenticate you and keep you signed in across devices.
- Generate personalized daily reports about your portfolio.
- Enforce subscription entitlements and per-tier quotas.
- Send generated content (reports, chat) to OpenAI's API for inference — see Section 5.
4. Storage and security
Data is stored on Excludium's servers (Microsoft Azure, EU-region). Transport is HTTPS everywhere. Refresh tokens and purchase receipts are hashed before storage — raw values never leave the first request.
5. Third parties
- OpenAI — we send portfolio snapshots and conversation context to OpenAI's Chat Completions API to generate reports and chat replies. OpenAI's data-use policy applies: API traffic is not used to train their models by default. See openai.com/policies.
- CoinGecko — we fetch anonymous price and market-cap data. No user data is sent.
- Apple / Google — for federated sign-in and subscription receipt verification.
6. Retention
Account data, portfolio holdings, reports, and chat history are retained while your account is active. If you delete your account (in-app or by email request), all personal data is removed from production databases within 30 days. Encrypted backups are rotated within 90 days.
7. Your rights
You can request a full data export or account deletion at any time:
- In the app: Settings → Delete account (immediate).
- Outside the app: pfexplainer.excludium.com/api/legal/account-deletion or by email to excludiumgc@gmail.com.
Residents of the EEA, UK, California or similar jurisdictions have additional rights (access, rectification, portability, objection). Email us to exercise them.
8. Children
Portfolio Explainer is not intended for users under 18 and must not be used by minors. We do not knowingly collect data from children.
9. Changes to this policy
We may update this Privacy Policy. Material changes will be announced in the app and reflected here with a new "Last updated" date. Continued use after changes constitutes acceptance.