1. Data controller
The data controller is computo.app, operating Computo as an individual service provider under Argentina's monotributo regime, reachable at [email protected]. For privacy-specific requests, use the same address with "Privacy request" in the subject line.
2. Information we collect
Account data: email address, name, profile image, and language preference when you sign up via Google OAuth or email OTP. Service data: watchlists, alert rules (including optional notes), alert firing history and delivery metadata, manual portfolio accounts (Comitentes) and position quantities you enter, and subscription status. Session data: authentication tokens, IP address, and browser user-agent stored by our auth system. Usage data: pages visited and feature interactions via privacy-oriented analytics (Umami), only if you accept analytics cookies. Technical logs: server, error, and security logs in our observability stack (OpenObserve). We do not connect to or collect data from your brokerage accounts.
3. Legal bases for processing
Where applicable (including GDPR), we process personal data on the following bases: (a) contract — to provide the service you signed up for; (b) legitimate interests — security, fraud prevention, service reliability, and aggregated product improvement; (c) consent — analytics cookies and optional marketing emails where offered; (d) legal obligation — tax, billing, and regulatory retention requirements.
4. How we use your information
We use your data to authenticate you, store and evaluate alerts and watchlists, deliver email notifications, process subscriptions, respond to support requests, maintain security, and improve reliability. We do not sell or share your personal information for cross-context behavioral advertising. We do not use your watchlist, alert configuration, or portfolio entries for advertising.
5. Email communications
Transactional emails (alert triggers, account security, billing receipts) are essential to the service and are sent via Resend. Lifecycle emails (such as welcome messages) may be sent based on account activity. Marketing emails, if any, include an unsubscribe option. Alert emails cannot be disabled without deleting the underlying rules or your account.
6. Third-party processors
We share data only with vendors that help us run Computo: Google (OAuth authentication), Resend (email delivery), Creem (payments and subscription billing as merchant of record), Cloudflare (CDN, DNS, and security), Umami (privacy-oriented analytics), OpenObserve (server logs), our VPS hosting provider, and market-data providers (symbol quotes and corporate events — not linked to your identity beyond what is needed to evaluate your alerts). Each processor operates under its own terms and, where applicable, data-processing agreements.
7. International data transfers
Computo is operated from Argentina, but our infrastructure and subprocessors may process data in the United States, the European Union, and other countries. Where required, we rely on appropriate safeguards such as standard contractual clauses or equivalent mechanisms recognized by applicable law.
8. Cookies and local storage
We use essential cookies for authentication sessions and language preference (computo-lang). Analytics cookies (Umami) are loaded only if you accept them via our cookie banner. We also use local storage for cookie-consent preferences. See our Cookie Policy for details.
9. Data retention
We retain account, alert, and portfolio data while your account is active. If you delete your account, we remove or anonymize personal data within a reasonable period, except where retention is required for legal, billing, or security purposes (e.g. payment records kept by Creem). Server logs are rotated on a rolling basis.
10. Security
We use industry-standard measures including encrypted connections (HTTPS/TLS), session management via Better Auth, and access controls on production infrastructure. No method of transmission or storage is 100% secure; notify us at [email protected] if you believe your account has been compromised.
11. Your rights
Depending on your jurisdiction, you may have the right to access, correct, delete, or export your personal data, and to object to or restrict certain processing. We do not sell personal information as defined by the California Consumer Privacy Act (CCPA/CPRA). Contact [email protected] to exercise your rights. Argentine users may contact the Agencia de Acceso a la Información Pública (AAIP). Brazilian users may contact us regarding LGPD rights. EU/EEA users may lodge a complaint with their local supervisory authority.
12. Children
Computo is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us data, contact us and we will delete it.
13. Data breach notification
If we become aware of a personal-data breach that is likely to result in a risk to your rights, we will notify affected users and relevant authorities as required by applicable law, without undue delay.
14. Changes and contact
We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated date. Continued use after changes constitutes acceptance. Questions: [email protected].