Privacy Policy

Last updated: March 31, 2026

1. Information We Collect

Account information: When you sign up, we collect your email address via Google OAuth or magic link authentication. For trial registration, we also collect your full name and firm name.

Payment information: Payment is processed entirely by Stripe. We do not store credit card numbers, bank account details, or other payment credentials on our servers. We store only your Stripe customer ID to link payments to your account. For NET30 invoicing (Institutional/Enterprise), invoice records are maintained through Stripe.

Usage data: We record which documents you analyze, watchlist configurations, signal alert settings, governance queries, earnings analytics requests, chat conversations with documents, and API usage logs. This data is used for service delivery, usage tracking, and service improvement.

Technical data: Standard server logs may include IP addresses, browser type, and request timestamps. API access logs include endpoint, key identifier, and request/response metadata. These are used for security, rate limiting, and debugging purposes.

2. How We Use Your Information

  • To provide the service: authenticate your account, process payments, deliver reports, manage watchlists, route signal alerts, and track usage against plan limits.
  • To deliver notifications: email digests, real-time filing alerts, Slack notifications, and webhook deliveries as configured by you.
  • To communicate with you: account-related notifications, trial expiration reminders, and service updates.
  • To improve the service: understand usage patterns and identify issues.

We do not sell, rent, or share your personal information with third parties for marketing purposes.

3. Third-Party Services

We use the following third-party services:

  • Supabase — Authentication and database hosting. Your email, usage records, watchlists, and generated reports are stored on Supabase infrastructure with Row Level Security (RLS) for tenant isolation.
  • Stripe — Payment processing and invoicing. Subject to Stripe's Privacy Policy.
  • Anthropic (Claude AI)— Document analysis and report generation. Filing content is sent to Anthropic's API for processing. Subject to Anthropic's Privacy Policy.
  • EDINET— Source data. Corporate filings are retrieved from EDINET, a public disclosure system operated by Japan's Financial Services Agency.
  • Vercel — Application hosting.
  • Slack — If you configure Slack integration (Institutional/Enterprise), alert data is delivered to your designated Slack workspace. Subject to Slack's Privacy Policy.

Webhook endpoints: If you configure webhook delivery, data is transmitted to URLs you specify. Fugaku is not responsible for the privacy practices of your receiving infrastructure.

4. Data Retention

Account and usage data is retained for as long as your account is active. Generated reports, watchlists, and chat history are preserved across subscription changes (including trial expiration) and reactivate upon re-subscription.

If you request account deletion, we will remove your personal data within 30 days. Anonymized, aggregated usage statistics may be retained indefinitely. API access logs are retained for 90 days for security and debugging purposes.

5. Data Security

We use industry-standard security measures including: AES-256 encryption at rest, TLS 1.3 encryption in transit, secure authentication tokens, and Row Level Security (RLS) for strict tenant isolation — your queries, watchlists, reports, and API usage are never visible to other accounts. API keys are stored as hashed values. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your account and associated data.
  • Export your data in a portable format.
  • Revoke API keys and disconnect integrations (Slack, webhooks) at any time.

To exercise these rights, reach out via our contact form.

7. Cookies

We use only essential cookies required for authentication and session management. We do not use tracking cookies, advertising cookies, or analytics cookies.

8. Changes to This Policy

We may update this policy at any time. Material changes will be communicated via the email associated with your account. Continued use of the service after changes constitutes acceptance.

9. Contact

For privacy-related inquiries, reach out via our contact form.

← Back to Fugaku