Privacy policy

Børs is operated by the team behind børs.net. When this policy says "we", "us", or "Børs", it refers to that team. If you have questions about this policy or your personal data, contact us at hello@børs.net.

We collect the minimum needed to run the service:

• Account data: email address, authentication identifiers, and a hashed password (when you use email + password).
• Preferences: your watchlist tickers, sound/browser/SMS alert settings, and phone number if you opt into SMS.
• Usage data: aggregated visit counts and page views via privacy-respecting analytics. We do not build advertising profiles.
• Operational logs: short-lived request logs used for security, rate-limiting, and debugging.

We use your data to:

• Authenticate you and keep your account secure.
• Deliver the disclosures, prices, and alerts you asked for.
• Improve the product based on anonymized usage patterns.
• Communicate about service changes, security issues, or items you explicitly opted into.

We process your data under the following bases under the EU/EEA General Data Protection Regulation (GDPR):

• Contract: to provide the service you signed up for.
• Consent: for optional features like SMS alerts and analytics (where required).
• Legitimate interest: security monitoring and abuse prevention.

We do not sell your data. We share the minimum necessary with a small set of trusted processors:

• Supabase — authentication, database, realtime.
• Vercel — hosting, edge delivery, analytics.
• Twilio — SMS delivery (only if you enable SMS).
• Market data and news providers where required to display public disclosures.

Each provider is bound by a data-processing agreement or equivalent contractual terms.

Data is stored on infrastructure located in the European Union. When processors require transfers outside the EU/EEA, transfers rely on the EU Standard Contractual Clauses or equivalent safeguards.

We keep your account data for as long as the account is active. If you delete your account, we remove your email, preferences, and watchlist permanently and the underlying authentication record within 30 days. Short-lived operational logs are kept no longer than 90 days.

You have the right to access, correct, export, and delete your personal data, and to object to or restrict certain processing. You can:

• Delete your account any time from Settings.
• Email us at hello@børs.net for data export or any other request.
• Lodge a complaint with your national data protection authority.

We use strictly necessary cookies for authentication and session management. If we later add non-essential analytics or marketing cookies, we will ask for your consent first and show a cookie preferences control on this page.

All traffic is encrypted in transit. Passwords are hashed. Sensitive operations (account deletion, credential changes) require an active session. If we ever discover a breach affecting your data, we will notify you without undue delay and, where required, within 72 hours.

Børs is not directed at children under 16 and we do not knowingly collect data from them. If you believe a child has created an account, contact us and we will delete it.

We may update this policy as the service evolves. When we do, we post the revised version here and update the "Last updated" date. Material changes will be announced in-app or by email.