Privacy Policy

Last Updated: March 4, 2026

Introduction

At Bekodia, we are committed to protecting your privacy and ensuring transparency in how we collect, use, and safeguard your personal data. This Privacy Policy explains our practices regarding the collection, processing, and protection of your personal information when you use our Service.

This Privacy Policy is incorporated into and forms part of our Terms of Service. By using the Service, you agree to the collection and use of information in accordance with this policy.

We have designed this privacy policy to comply with applicable data protection regulations, including:

  • General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA)
  • California Consumer Privacy Act (CCPA) for users in California
  • Other applicable data protection laws

1. Data Controller

Owner: Bekodia

Contact Information:

  • Email: support@bekodia.com
  • For privacy-related inquiries: support@bekodia.com

2. Types of Data We Collect

2.1 Account Registration Data

When you create an account with Bekodia, we collect:

  • Email address (required for account creation and communication)
  • Password (stored in encrypted/hashed format, never in plain text)
  • Email verification status (to confirm your email address)
  • Terms of Service and Privacy Policy acceptance (recorded at account creation)

2.2 Subscription and Billing Data

When you subscribe to our Service, we collect and process:

  • Stripe Customer ID (for payment processing)
  • Stripe Subscription ID (for subscription management)
  • Plan type and tier (Trader or Analyst)
  • Subscription status (active, canceled, past due, trialing, etc.)
  • Trial status and eligibility (whether you have used a free trial)
  • Billing period information (start and end dates)
  • Payment processing information (handled securely by Stripe, a PCI DSS Level 1 certified payment processor. All card details are entered on Stripe's hosted checkout pages — we never receive, transmit, or store your card number or CVV)

2.3 Session and Authentication Data

To maintain your account security and enforce our single-session restriction, we collect:

  • Login timestamps (to track recent login activity)
  • IP addresses (for security and fraud prevention)
  • User agent information (browser and device information)
  • Session tokens (stored securely in HTTP-only cookies)

2.4 User Preferences Data

To personalize your experience, we store the following preferences in your account:

  • Notification preferences (sound type, volume level, enabled/disabled status)
  • Push notification preferences (enabled/disabled, minimum confidence level for alerts)
  • Analytics consent preference (granted or denied — synced across devices)
  • Market analysis filters (time horizon, sentiment, risk level, asset type, confidence level, and momentum filters)
  • Display preferences (font size settings)

Note: Your preferences are stored in our database and synced across your sessions. They are used solely to personalize your experience and are not shared with third parties.

2.5 Bookmarks and Notes Data

When you use the bookmark feature, we store:

  • Bookmarked article references (which articles you have saved)
  • Personal notes and annotations (text you write about bookmarked articles)
  • Bookmark timestamps (when articles were saved)

Your bookmarks and notes are private to your account. We do not review, analyze, or share your personal notes with third parties. This data is deleted when you remove a bookmark or when your account is deleted.

2.6 Push Notification Data

If you enable push notifications, we collect and store:

  • Push subscription endpoint (a URL generated by your browser for delivering notifications to your device)
  • Encryption keys (p256dh and auth keys generated by your browser, used to encrypt notification payloads)
  • Subscription creation timestamp

Note: Push notification data is generated by your browser, not by Bekodia. This data is used solely to deliver notifications to your device. When you disable push notifications, this data is permanently deleted from our servers.

2.7 Support Request Data

When you submit a support request through our in-app support form or via email, we collect:

  • Message content (the text of your support request)
  • Contact email (your account email address)
  • Request category (the type of support issue)

2.8 Analytics Data (With Your Consent)

If you grant consent for analytics, we may collect:

  • Page views and navigation patterns
  • User interactions (signups, logins, feature usage)
  • Browser and device information (user agent, screen resolution)
  • Referrer information (how you arrived at our Service)
  • Custom event data (feature usage, search queries, content engagement)

Note: Analytics data collection is optional and requires your explicit consent. You can manage your analytics consent through your account settings. When consent is withdrawn, analytics tracking will immediately stop. Your consent preference is synced across devices via your account settings.

We use analytics providers such as Google Analytics to help us understand how the Service is used. For more information about how Google collects and uses data, please visit How Google uses information from sites or apps that use our services.

2.9 Cookies and Similar Technologies

We use the following types of cookies:

  • Authentication cookies (`auth-token`): HTTP-only, secure cookies for session management
  • Consent cookies (`analytics_consent`): Stores your analytics consent preference
  • Analytics cookies (if consent granted): Google Analytics 4 cookies including `_ga` and `_ga_*` for usage tracking, user identification, and session management

Mobile Device Identifiers

Google Analytics may collect mobile device identifiers such as Android Advertising ID or iOS Advertising Identifier when you access our Service through mobile devices.

3. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: When you create an account, subscribe to our Service, enable push notifications, or grant consent for analytics
  • Contract Performance: To provide and maintain the Service you have subscribed to, including delivering notifications, storing bookmarks, and syncing preferences
  • Legitimate Interests: For security, fraud prevention, and service improvement
  • Legal Obligations: To comply with applicable laws and regulations

4. How We Use Your Data

4.1 Service Delivery

  • To create and manage your account
  • To provide access to our AI-powered stock market analysis platform
  • To process and manage your subscription
  • To store and sync your bookmarks, notes, and preferences across sessions
  • To deliver push notifications about market signals (when enabled)
  • To generate PDF reports on demand (Analyst plan)
  • To communicate with you about your account and subscription
  • To send important service updates and notifications

4.2 Security and Fraud Prevention

  • To authenticate your identity when you log in
  • To enforce our single-session restriction (one active session per account)
  • To detect and prevent unauthorized access, fraud, or abuse
  • To protect the security and integrity of our Service

4.3 Service Improvement

  • To analyze usage patterns and improve our Service (with your consent)
  • To understand which features are most valuable to users
  • To fix bugs and technical issues
  • To develop new features and functionality

4.4 Communication

  • To respond to your inquiries and support requests (submitted via the in-app support form or email)
  • To send you service-related notifications (account updates, subscription changes)
  • To provide customer support

4.5 Legal Compliance

  • To comply with applicable laws and regulations
  • To respond to legal requests or court orders
  • To protect our rights and the rights of our users

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal data to third parties. We may share your data only in the following circumstances:

5.1 Service Providers

We share data with trusted third-party service providers who assist us in operating our Service:

  • Stripe: For payment processing and subscription management. Stripe is a PCI DSS Level 1 certified payment processor. All card details are collected on Stripe's hosted checkout pages and processed directly by Stripe — we never receive, transmit, or store your card number or CVV
  • Hosting providers: For secure data storage and infrastructure
  • Analytics providers (with consent): Such as Google Analytics for usage analytics

These service providers are contractually obligated to protect your data and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose your data if required by law, court order, or government regulation, or if we believe disclosure is necessary to:

  • Comply with legal obligations
  • Protect our rights, property, or safety
  • Protect the rights, property, or safety of our users or others
  • Investigate fraud or security issues

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, subject to the same privacy protections.

6. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Account data: Retained while your account is active and for a reasonable period after account closure
  • Subscription data: Retained for the duration of your subscription and as required for financial record-keeping
  • Session data: Retained for security purposes and automatically purged after inactivity
  • Bookmarks and notes: Retained while your account is active; deleted upon bookmark removal or account deletion
  • User preferences: Retained while your account is active; deleted upon account deletion
  • Push notification data: Retained while push notifications are enabled; deleted when you disable notifications or close your account
  • Support request data: Retained for the duration necessary to resolve your inquiry and for quality assurance purposes
  • Analytics data: Retained in accordance with our analytics provider's retention policies

We periodically review and delete data that is no longer necessary for the purposes for which it was collected.

7. Your Rights

Depending on your location, you have the following rights regarding your personal data:

7.1 Right of Access

You have the right to request access to the personal data we hold about you, including:

  • What data we have collected
  • How we use your data
  • Who we share your data with

7.2 Right of Rectification

You have the right to request correction of inaccurate or incomplete personal data. You can update most of your account information directly through your account settings, including your password and notification preferences.

7.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal data, subject to certain limitations (e.g., we may need to retain some data for legal or contractual reasons). To request account deletion, please contact us at support@bekodia.com. Upon deletion, all your account data, bookmarks, notes, preferences, and push subscription data will be permanently removed.

7.4 Right to Object

You have the right to object to processing of your personal data for certain purposes, such as direct marketing or analytics.

7.5 Right to Restrict Processing

You have the right to request that we limit how we process your personal data in certain circumstances.

7.6 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another service provider.

7.7 Right to Withdraw Consent

If we process your data based on consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing that occurred before withdrawal. You can withdraw analytics consent through your account settings, and disable push notifications at any time.

7.8 How to Exercise Your Rights

To exercise any of these rights, please contact us at support@bekodia.com or use the in-app support form. We will respond to your request within 30 days, subject to applicable law.

For verification purposes, we may require you to provide proof of identity before processing certain requests.

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

  • Encryption: Data in transit is encrypted using SSL/TLS protocols
  • Secure Storage: Data at rest is stored in secure, encrypted databases
  • Access Controls: Access to personal data is restricted to authorized personnel only
  • Authentication: Strong authentication mechanisms protect account access
  • Regular Security Audits: We conduct regular security assessments and updates
  • PCI DSS Compliance: Payment card data is handled exclusively by Stripe (a PCI DSS Level 1 certified processor) on their hosted checkout pages — card details never touch our servers
  • Push Notification Encryption: Push notification payloads are encrypted using browser-generated keys before delivery

While we strive to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to maintaining industry-standard security practices.

9. Data Accuracy and Veracity

You are responsible for ensuring that the personal data you provide to us is accurate, complete, and up-to-date. You agree to update your information promptly if it changes.

We are not liable for any consequences arising from inaccurate or outdated information you provide.

10. International Data Transfers

Your personal data may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country.

When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by data protection authorities
  • Adequacy decisions by relevant authorities
  • Other legally recognized transfer mechanisms

11. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information promptly.

12. Third-Party Links

Our Service may contain links to third-party websites or services, including within our blog content and market analysis. We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting a notice on our website
  • Sending an email to the address associated with your account
  • Displaying a prominent notice within the Service

The "Last Updated" date at the top of this policy indicates when it was last revised. Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: support@bekodia.com
  • In-App Support: Use the support form accessible from the navigation menu
  • Subject Line: Privacy Policy Inquiry

We will respond to your inquiry as soon as possible, typically within 30 days.

15. Supervisory Authority

If you are located in the EEA and believe we have not adequately addressed your privacy concerns, you have the right to file a complaint with your local data protection supervisory authority.

For questions about this Privacy Policy, please contact us at support@bekodia.com