Privacy Policy
Last updated: 5 July 2026
This Privacy Policy explains how StockFisher (“StockFisher”, “we”, “us”, or “our”) collects, uses, shares, and protects your personal data when you use the StockFisher mobile application and website (together, the “Service”). We are committed to protecting your privacy and handling your data in line with the EU General Data Protection Regulation (GDPR) and applicable Spanish data-protection law.
1. Who we are
The data controller responsible for your personal data is Norman Coloma García, an individual established in Spain, operating the StockFisher service. For any privacy question or to exercise your rights, contact us at [email protected].
2. Information we collect
Information you provide
- Account data — when you sign in (including via Google Sign-In), we receive your name, email address, and profile identifier.
- Watchlist & preferences — the stocks you track, alert thresholds, notification channels, and settings you configure.
- Payment data — when you subscribe to a paid plan, billing is handled by our payment processor. We receive limited billing details (such as plan, status, and the last payment amount) but we do not store your full card number.
- Communications — messages you send us for support or enquiries.
Information collected automatically
- Usage data — how you interact with the Service (features used, reports generated, timestamps).
- Device & technical data — device type, operating system, app version, IP address, and diagnostic data.
- Push notification tokens — a device token so we can deliver alerts you have enabled.
- Cookies and similar technologies — see “Cookies” below.
Information from third parties
- Authentication providers (e.g. Google) — basic profile information you authorise them to share.
- Payment processor — subscription and payment status.
3. How we use your information
- Provide, operate, and maintain the Service and your account.
- Monitor your tracked stocks and send the price-drop, boost, and digest alerts you enable, by push and/or email.
- Generate AI stock reports and other insights you request.
- Process subscriptions, trials, payments, and manage plan changes.
- Provide customer support and respond to your requests.
- Improve, secure, and troubleshoot the Service, and prevent fraud and abuse.
- Comply with legal obligations.
4. Legal bases for processing (GDPR)
- Performance of a contract — to provide the Service, your account, alerts, and subscription.
- Consent — for optional notifications and certain analytics; you may withdraw consent at any time.
- Legitimate interests — to secure, improve, and promote the Service, where not overridden by your rights.
- Legal obligation — to meet accounting, tax, and other legal requirements.
5. How we share your information
We do not sell your personal data. We share it only with service providers (processors) who help us run the Service, and only as needed. These may include:
- Cloud hosting & infrastructure (e.g. Google Cloud) and content delivery (e.g. Cloudflare).
- Authentication (e.g. Google Sign-In).
- Payments (our payment processor, e.g. Stripe) and, where applicable, the Apple App Store or Google Play.
- Push notifications (e.g. Firebase Cloud Messaging) and email delivery providers.
- Market data and AI providers used to power charts, history, and stock reports.
- Analytics providers to understand and improve usage.
We may also disclose data if required by law, to enforce our terms, to protect our rights and users, or in connection with a merger, acquisition, or sale of assets.
6. International data transfers
Some providers may process data outside the European Economic Area. Where they do, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses or an adequacy decision.
7. Data retention
We keep your personal data for as long as your account is active and as needed to provide the Service. After you close your account, we delete or anonymise your data within a reasonable period, except where we must retain it to meet legal, tax, or accounting obligations or to resolve disputes.
8. Security
We use technical and organisational measures — including encryption in transit, access controls, and secure infrastructure — to protect your data. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
9. Your rights
Subject to applicable law, you have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate or incomplete data.
- Erase your data (“right to be forgotten”).
- Restrict or object to certain processing.
- Data portability.
- Withdraw consent at any time, without affecting prior processing.
To exercise these rights, email [email protected]. You also have the right to lodge a complaint with the Spanish Data Protection Agency (Agencia Española de Protección de Datos, www.aepd.es) or your local supervisory authority.
10. Cookies and similar technologies
Our website uses only strictly necessary cookies required for it to function; it does not use analytics, advertising, or tracking cookies. If we introduce analytics or other non-essential cookies in the future, we will ask for your consent first. Our mobile app uses local storage and identifiers to keep you signed in and to deliver notifications. You can control cookies through your browser or device settings.
11. Children’s privacy
The Service is not directed to, and is not intended for use by, anyone under 18. We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it.
12. Third-party links
The Service may link to third-party sites or services. We are not responsible for their privacy practices; please review their policies.
13. Changes to this policy
We may update this Privacy Policy from time to time. We will post the updated version here with a new “Last updated” date and, where appropriate, notify you in the app or by email.
14. Contact us
Questions about this policy or your data? Email [email protected].