MarketIntel

Privacy Policy

Version 1.0 · Effective May 25, 2026 · Operated by VisAI Group LLC

This Privacy Policy describes what data MarketIntel collects, why, how long we keep it, who we share it with, and how you can access or delete it. Plain English where possible; legal precision where required.
Contents
  1. 1. The Short Version
  2. 2. Who We Are
  3. 3. What We Collect
  4. 4. How We Use Your Data
  5. 5. Service Providers We Share Data With
  6. 6. How Long We Keep Your Data
  7. 7. Your Rights
  8. 8. How to Delete Your Data
  9. 9. How We Protect Your Data
  10. 10. Children
  11. 11. Notice to California Residents (CCPA / CPRA)
  12. 12. Changes to This Privacy Policy
  13. 13. Contact

1. The Short Version

MarketIntel is designed to work without a user account. By default we identify you only by an anonymous device identifier generated on first launch — we do not require your name, email, phone number, or government ID.

We collect the minimum data needed to make the product useful (the markets you bookmark, your subscription tier, your support tickets) and a small amount of anonymous product-usage telemetry (which screens you viewed, which markets you tapped) so we can improve the app.

We do NOT sell your data. We do NOT show ads. We do NOT track you across other apps or websites.

If any of this changes materially, we will update this Privacy Policy and bump the version number shown at the bottom.

2. Who We Are

MarketIntel is operated by VisAI Group LLC, a Wyoming limited liability company. For privacy questions, contact [email protected].

For purposes of this Privacy Policy, VisAI Group LLC is the "data controller" of any personal data processed within MarketIntel.

3. What We Collect

We collect three categories of data:

(a) Default — collected from every user, used to operate the Service:

  • A randomly-generated anonymous device identifier (e.g. "device_1779685394919_d19wb5us7"). This is not your Apple ID, Google ID, IDFA, or any cross-app identifier.
  • Your subscription tier, billing period, and subscription usage counters (e.g. how many AI analyses you've used this month).
  • The markets you bookmark to your watchlist.
  • Your personal prediction "calls" (the "I think YES / NO" tracking feature) and their associated snapshots.
  • Anonymous product-interaction events (which screens you viewed, which markets you tapped, how long sessions lasted). These events are keyed to your device identifier only — no email, name, or other personal data.
  • Anonymous diagnostic data (crash reports, error stack traces, performance metrics).

(b) Optional — collected only if you choose to use a feature that requires it:

  • If you create a "Recovery-Code Account" (an optional feature that lets you restore your watchlist and subscription on a new device): your email address, a chosen short nickname, and a one-way cryptographic hash of your recovery code. We never store the plaintext recovery code.
  • If you include an email in a Support ticket: that email address, used solely for follow-up.
  • If you enable push notifications: a push token issued by Apple or Google.
  • The full subject and body of any Support ticket you submit.

(c) Inferred — derived from the above to make the app useful:

  • A category-affinity profile derived from which markets you bookmark and tap (e.g. "interested in Crypto and Politics") — used solely to personalize the "For You" rail. Stored only on our servers, not shared with third parties.

What we do NOT collect:

  • Your name, postal address, phone number, government ID, or date of birth.
  • Precise or coarse geolocation.
  • Your contacts, photo library, microphone audio, or camera feed.
  • Your browsing history outside MarketIntel.
  • Any data from other apps on your device.
  • Any financial data — Apple In-App Purchase handles all subscription payments; we never see your payment card.

4. How We Use Your Data

We use the data described above to:

  • Operate the product (show you the markets you bookmarked, count your AI analyses against your subscription's monthly cap, render your "For You" rail, etc.).
  • Diagnose and fix bugs (anonymous crash reports and error logs).
  • Improve the product (anonymous product-usage analytics tell us which features matter to users so we can prioritize accordingly).
  • Respond to your support tickets.
  • Send transactional emails IF you have opted into a feature that requires it (e.g. account recovery, push-token registration).
  • Comply with legal obligations, enforce our Terms, and protect against fraud or abuse.

We do NOT use your data to:

  • Advertise to you inside or outside MarketIntel.
  • Sell, lease, or trade to data brokers, marketers, or any third party.
  • Train large-language models (your support-ticket text is read only by humans on our team; nothing is bulk-uploaded to OpenAI or Anthropic for training).
  • Build a cross-app advertising profile.

5. Service Providers We Share Data With

To operate MarketIntel we route certain data through a small set of third-party service providers. Each is bound by their own privacy policy and the data-processing agreement we have on file.

  • OpenAI (GPT-5.2) and Anthropic (Claude Sonnet 4.5) — receive the text of your AI-analysis prompt and the contextual market metadata needed to generate a response. They do NOT receive your device identifier or any account data. OpenAI and Anthropic both contractually state they do not use API inputs to train their models without explicit opt-in.
  • Sentry — receives anonymized crash reports and error stack traces (keyed only by a one-way hashed install identifier).
  • PostHog — receives anonymized in-product analytics events (which screens, which taps), keyed by your device identifier. We have configured PostHog with IP-anonymization on and do NOT enable session-replay recording.
  • Apple In-App Purchase — processes all subscription payments. We never see your payment card number, name, address, or any other Apple ID data.
  • MongoDB Atlas (or equivalent managed database) — stores all the data described in §3 in encrypted-at-rest form, hosted on AWS infrastructure in the United States.
  • TheSportsDB — provides the sports schedules and scores you see in the Sports tab. We send only a league code (e.g. "NBA"); we do NOT send any user-identifying data to TheSportsDB.

We do NOT sell your data to any party. We will only disclose data to a third party that is NOT on this list if: (a) we are legally compelled to do so (subpoena, court order); (b) you explicitly ask us to (e.g. as part of a support escalation); (c) a future business combination occurs (acquisition or merger), in which case we will notify you in-app before any transfer.

6. How Long We Keep Your Data

We keep your data only as long as it is useful for the purposes stated above:

  • Your account, watchlist, calls, and subscription data: as long as your device identifier remains active, plus twenty-four (24) months after your last app activity, after which it is purged automatically.
  • Anonymous analytics events: 90 days from collection (a TTL index on the database collection enforces this automatically).
  • AI matching logs (used to improve question-to-market resolution): 90 days from collection (TTL-enforced).
  • Support tickets: 24 months from creation, or longer if there is an ongoing legal matter.
  • Crash reports: 30 days in Sentry, then automatically purged by Sentry.
  • Backups: encrypted point-in-time snapshots are kept for up to 30 days for disaster-recovery purposes.

You can request earlier deletion at any time by following §8 below.

7. Your Rights

Regardless of where you live, you have the following rights with respect to your data:

  • The right to know what we have collected about you (see §3 above for the comprehensive list).
  • The right to access a copy of your data in a portable format.
  • The right to request correction of any inaccurate data.
  • The right to request deletion of your data ("right to be forgotten").
  • The right to opt out of any optional data collection (e.g. revoke email, disable push notifications, opt out of analytics).
  • The right to lodge a complaint with your local data-protection authority if you believe we have mishandled your data.

For California residents: California Consumer Privacy Act ("CCPA") and California Privacy Rights Act ("CPRA") additional rights are described in §11 below.

For European Economic Area and United Kingdom residents: the General Data Protection Regulation ("GDPR") and UK GDPR provide you with the rights described above, plus the right to data portability and the right to restrict processing. The lawful basis we rely on is "legitimate interest" (for product operation and analytics) and "consent" (for optional features like Recovery-Code accounts and push notifications).

8. How to Delete Your Data

We are designing a self-service "Delete my data" option for a future release. Until that ships, please email [email protected] from the email address you used to create your Recovery-Code Account (if any), OR include your device identifier in the message (visible in Settings → Account in-app), and we will permanently delete your data within thirty (30) days of receipt.

Note: Some data may persist in encrypted backups for up to thirty (30) additional days as the rolling backup window expires. Backup copies are never accessed except in a verified disaster-recovery scenario.

Note: If you delete your data while on a paid subscription, the subscription's auto-renewal continues until you separately cancel it from iOS Settings → [your Apple ID] → Subscriptions → MarketIntel.

9. How We Protect Your Data

We use industry-standard safeguards proportionate to the sensitivity of the data:

  • All data in transit between your device and our servers is encrypted via HTTPS / TLS 1.3.
  • All data at rest in our database is encrypted via the database provider's managed AES-256 encryption.
  • Recovery-code plaintext is NEVER stored — only a one-way cryptographic hash. Even VisAI Group LLC engineers cannot recover your plaintext code if you lose it.
  • Access to production data is limited to engineers with a documented operational need, secured behind multi-factor authentication.
  • We log all production-data access and review logs periodically for anomalies.
  • Sub-processors (OpenAI, Anthropic, Sentry, PostHog, MongoDB Atlas, Apple, TheSportsDB) are bound by their own enterprise-grade security commitments.

No security model is perfect. If we ever experience a data incident that affects you, we will notify you in-app and, where you have provided one, via email, within the timeframes required by applicable law (typically 72 hours from confirmation).

10. Children

MarketIntel is intended for adult users (21+ in compliance with the financial-and-event-outcome subject matter; see Terms §4). We do not knowingly collect personal data from children under the age of 13. If you believe a child has provided us data, please email [email protected] and we will delete it promptly.

11. Notice to California Residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act and California Privacy Rights Act grant you the following additional rights:

(a) Right to Know — request a copy of the specific categories and pieces of personal information we have collected about you, the categories of sources, the business purpose, and the categories of third parties with whom we share it. The answer to all three is in §3, §4, and §5 above.

(b) Right to Delete — request deletion of your personal information; see §8.

(c) Right to Correct — request correction of inaccurate personal information.

(d) Right to Opt Out of Sale or Sharing — we do not "sell" personal information as that term is defined under the CCPA, and we do not "share" it for cross-context behavioral advertising. There is no opt-out toggle because we don't engage in those activities to begin with.

(e) Right to Limit Use of Sensitive Personal Information — we do not collect sensitive personal information as defined under the CCPA.

(f) Right to Non-Discrimination — we will not deny service, charge different prices, or provide a lower-quality product because you exercise any of the above rights.

To exercise any of these rights, email [email protected] with the subject line "CCPA Request" and a verifiable description of your data (such as the device identifier visible in Settings → Account, or the email used for a Recovery-Code Account). We will respond within 45 days.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The "Effective Date" and "Version" at the bottom of this document will be updated whenever it changes. We will surface a non-blocking in-app notice for any material change (such as adding a new sub-processor or a new category of data collection) before that change takes effect.

We will NOT silently expand the scope of data collection. If you do not agree with an update, you may stop using MarketIntel and request deletion of your data per §8.

13. Contact

Questions, requests, or complaints about this Privacy Policy: [email protected].

For non-privacy support, use the in-app feedback button (the floating chat-bubble icon) or the Help & Glossary screen.

Effective Date: ${PRIVACY_EFFECTIVE_DATE}. Version: ${PRIVACY_VERSION}.