FortuneOK ("we", "us", "our") operates FortuneOK (the "Service"). This Privacy Policy describes how we collect and process information when you visit our website or use the Service.
1. The short version
- We collect the minimum needed to run a portfolio tracker: your email, the assets you record, and standard service logs.
- Payments are handled by Lemon Squeezy. We never see your full card number.
- We do not sell your data, do not run third-party advertising trackers, and do not share your portfolio with anyone.
- You can export or delete your data at any time from your dashboard.
2. Scope
This policy covers data we process about visitors to fortuneok.com and registered users of FortuneOK. It does not cover the privacy practices of third-party sites or services you may connect to from within the Service - their own policies apply.
3. Information we collect
We collect only what we need to operate the Service. The categories below summarize everything we touch.
Account information
Your name and email address, captured when you sign up with Google or via a magic link.
Portfolio & asset data
The assets, portfolios, currencies and notes you record. We treat this as private and never sell or share it for advertising.
Payment information
Handled directly by Lemon Squeezy, our merchant of record. We receive subscription status and the last 4 digits of your card, never the full card number.
Connected broker data
If you choose to connect a broker, we receive read-only holdings and activity from the brokerage aggregator (SnapTrade) so we can sync your portfolio.
Usage & device data
Standard server logs (IP, user agent, timestamps, error traces) used for security, debugging and abuse prevention.
Cookies
A session cookie to keep you logged in, plus a small number of functional cookies. We do not use third-party advertising cookies.
4. How we use your data
We use the information described above to:
- Provide, operate and maintain the Service (calculate allocations, fetch prices, convert currencies, render charts).
- Authenticate you, secure your account and prevent fraud or abuse.
- Process subscription payments and send transactional emails (receipts, magic links, account notices).
- Diagnose bugs and improve performance using aggregate logs and error traces.
- Communicate with you about product changes, security alerts and important policy updates.
We rely on the following legal bases under GDPR where it applies: performance of a contract (running the Service you signed up for), legitimate interest (security, debugging) and consent (optional broker connections, optional marketing emails).
5. How we share data
We do not sell your personal data. We share information only in the following limited cases:
- With service providers who help us run the Service (see section 6), under data-processing terms.
- When required by law, court order or to protect the rights, property or safety of users.
- In connection with a merger, acquisition or sale of assets, in which case we will notify you before your data is transferred and becomes subject to a different policy.
6. Service providers
The following third parties process limited data on our behalf so we can deliver the Service:
| Provider | Purpose | Region |
|---|---|---|
| Supabase | Database hosting & authentication | USA / EU |
| Lemon Squeezy | Payments & subscription billing (merchant of record) | USA |
| Resend | Transactional email (magic links, receipts) | USA |
| OAuth sign-in (optional) | USA | |
| Financial Modeling Prep | Market & symbol data | USA |
| SnapTrade | Broker connections & holdings sync (optional) | USA / Canada |
| Vercel | Application hosting & CDN | Global |
| Redis Cloud | Short-lived caching of exchange rates | USA / EU |
7. Cookies
We use a small, focused set of cookies:
- Session cookie - keeps you logged in across pages. Strictly necessary.
- Preference cookies - remember your base currency, theme and other UI settings.
- No advertising cookies - we do not run third-party ad trackers or behavioral profiling.
You can clear cookies in your browser at any time. Doing so will sign you out and reset your preferences.
8. Data retention
We keep your account and portfolio data for as long as your account is active. If you delete your account, we erase your personal data and portfolio entries within 30 days, except for records we are required to keep for legal, tax or accounting reasons (typically up to 7 years for invoice records held by Lemon Squeezy).
9. Security
We use industry-standard safeguards: TLS in transit, encrypted storage at rest, least-privilege access for staff, and audit logging on production systems. No system is perfectly secure, so please use a strong, unique sign-in email and notify us immediately if you suspect unauthorized access.
10. Your privacy rights
Depending on where you live (e.g. EU/UK under GDPR, California under CCPA/CPRA, Brazil under LGPD), you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Delete your data (the "right to be forgotten").
- Export your data in a portable format.
- Object to or restrict certain processing.
- Withdraw consent for optional processing at any time.
You can exercise most of these rights directly from your account settings. For anything else, email support@fortuneok.com and we will respond within 30 days.
11. International transfers
FortuneOK is operated from the United States and our service providers may process data in the US, EU or other jurisdictions. Where required, we rely on Standard Contractual Clauses or equivalent safeguards to protect international transfers.
12. Children's privacy
The Service is not directed to children under 13 (or the relevant age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, contact us and we will delete it.
13. Changes to this policy
We may update this Privacy Policy from time to time. If a change is material we will notify you by email and update the "Last updated" date at the top of this page. Your continued use of the Service after the update takes effect constitutes acceptance of the revised policy.
14. Contact us
Questions, requests or complaints about your privacy? Email support@fortuneok.com. We read every message and take privacy concerns seriously.