Stockboom

Privacy Policy

Last updated: 6 June 2026

This Privacy Policy explains how Stockboom collects, uses, and protects your personal data when you use the website at www.stockboom.pro and related services (the “Service”). The Service is operated by m2m jobs, based in Amsterdam, the Netherlands (“Stockboom”, “we”, “us”), which is the data controller for your personal data. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Dutch law. This policy forms part of our Terms and Conditions.

1. Data we collect

We collect the following categories of personal data:

  • Account data: your email address, and your name and profile image if you sign in with Google.
  • Authentication data: login credentials and session information, handled by our authentication provider. We do not store your password in plain text.
  • Preferences: the people you follow, your alert strictness, your chosen delivery channels, event reminders, and other settings.
  • Contact details for alerts: a phone number if you enable SMS or WhatsApp notifications.
  • Billing data: your plan, subscription status, and billing history. Card payments are handled by Stripe; we do not store full card numbers.
  • Usage and delivery data:notifications sent to you, alert usage counts, and similar records.
  • Technical data: IP address, device and browser information, and essential cookies or local storage needed to keep you signed in.

The public statements that Stockboom monitors come from third-party and publicly available sources and concern public figures, not our users.

2. How and why we use your data

We use your personal data for the following purposes, each with a legal basis under the GDPR:

  • To provide the Service (creating your account, delivering signals and reminders, applying your settings): performance of our contract with you.
  • To send notifications by email, SMS, or WhatsApp on the channels you choose: performance of our contract and, where required, your consent.
  • To handle billing and manage subscriptions: performance of our contract and compliance with legal obligations.
  • To secure and improve the Service, prevent fraud and abuse, and understand how it is used: our legitimate interests.
  • To send service messages (account, security, and billing notices): performance of our contract and our legitimate interests.
  • To send marketing, where you have opted in: your consent, which you can withdraw at any time.
  • To comply with the law and respond to lawful requests: compliance with legal obligations.

3. Service providers we share data with

We do not sell your personal data. We share it only with service providers (processors) who help us run the Service, under contracts that require them to protect it and use it only on our instructions. These include:

  • Supabase for our database, authentication, and storage;
  • Stripe for payment processing and subscription management;
  • Resend for sending email;
  • Twilio for sending SMS and WhatsApp messages;
  • Vercel for hosting and infrastructure;
  • OpenAI for automated classification of public statements (this processes public source content, not your account data).

We may also disclose data where required by law, to enforce our terms, or in connection with a business transfer such as a merger or acquisition.

4. International transfers

Some of our providers are located outside the European Economic Area, including in the United States. Where we transfer personal data outside the EEA, we rely on appropriate safeguards, such as the European Commission’s Standard Contractual Clauses or an adequacy decision, to protect your data.

5. How long we keep data

We keep your account data for as long as your account exists. When you delete your account, we delete or anonymise your personal data, except where we must retain certain records to comply with legal obligations (for example, billing and tax records) or to resolve disputes.

Operational data is kept on a rolling basis: raw and detected signals are typically retained for around 30 days and notification records for around 90 days, after which they are pruned.

6. Your rights

Under the GDPR you have the right to access your personal data, to have it corrected or erased, to restrict or object to its processing, to data portability, and to withdraw any consent you have given (which does not affect processing before withdrawal). You can exercise many of these directly: you can update your settings and permanently delete your account from within the app. To make any other request, contact us using the details below.

You also have the right to lodge a complaint with a supervisory authority. In the Netherlands this is the Autoriteit Persoonsgegevens.

7. Cookies and similar technologies

We use cookies and local storage that are strictly necessary to operate the Service, mainly to keep you signed in and to keep your session secure. We do not use these essential technologies for advertising.

8. Security

We take reasonable technical and organisational measures to protect your personal data against loss, misuse, and unauthorised access, including access controls and encryption in transit. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

9. Children

The Service is not intended for anyone under 18, and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can remove it.

10. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify you, for example by posting the updated policy with a new “last updated” date or by contacting you. Your continued use of the Service after the changes take effect constitutes acceptance of the updated policy.

11. Contact

Questions about this policy or your personal data? Contact us at hello@stockboom.pro or through the support options in the app.

Back to sign up