Privacy Policy

    Last updated: February 2026

    1. Introduction

    EquiChamber ("we," "our," or "us") operates a real-time stock discussion platform that verifies stock ownership through brokerage integrations. This Privacy Policy describes how we collect, use, store, and protect your information when you use our platform.

    2. Information We Collect

    Account Information

    • Email address and display name (via Google sign-in or email registration)
    • Profile picture (if provided by your authentication provider)
    • Profile name you set within the platform

    Financial Information

    • Investment holdings data (stock symbols, quantities, prices) retrieved from your linked brokerage accounts via Plaid
    • Brokerage connection metadata (institution name, connection status)
    • We do not store your brokerage login credentials — authentication is handled entirely by Plaid

    Usage Data

    • Chat messages you post in stock discussion rooms
    • Discussion threads and replies
    • Ticker lists (bullish, bearish, watchlist) you create
    • Social interactions (follows)

    3. How We Use Your Information

    • To verify stock ownership and calculate investment scores for chat room access
    • To populate your portfolio data and provide insights such as market value, MOP metrics, and holding analysis using your Plaid investment data
    • To provide real-time stock discussion rooms limited to verified shareholders
    • To detect and prevent fraudulent or duplicate accounts (anti-sybil protection)
    • To deliver system notifications and alerts relevant to your account
    • To maintain and improve the platform

    4. How We Protect Your Information

    • Brokerage access tokens are encrypted at rest using AES-256-GCM encryption
    • All data in transit is encrypted via HTTPS with TLS 1.2 or higher
    • Sensitive identity data used for fraud detection is processed through one-way cryptographic hashes (SHA-256) and is not stored in its original form
    • Database access is restricted to the application layer only
    • API keys and credentials are stored in encrypted environment secrets, separate from application code

    5. Third-Party Services

    We use the following third-party services to operate the platform:

    • Plaid — To securely connect to your brokerage accounts and retrieve investment holdings. Plaid's use of your data is governed by their own privacy policy.
    • Firebase (Google) — For user authentication. Firebase's data handling is governed by Google's privacy policy.

    We do not sell your personal information to third parties.

    6. Data Retention and Deletion

    • You can disconnect any brokerage account at any time, which removes associated holdings data
    • You can delete your entire account through the Settings page, which permanently removes all your data including messages, holdings, connections, and profile information
    • Upon account deletion, all third-party access tokens are revoked to terminate external data access
    • Stale brokerage connections are automatically cleaned up after 7 days of inactivity

    7. Your Rights

    You have the right to:

    • Access your personal data through the platform's interface
    • Delete your account and all associated data at any time
    • Disconnect brokerage accounts to stop data syncing
    • Control your social presence (follow/unfollow other users)

    8. Changes to This Policy

    We may update this Privacy Policy from time to time. We will notify users of material changes through in-app notifications. Continued use of the platform after changes constitutes acceptance of the updated policy.

    9. Contact

    If you have questions about this Privacy Policy or our data practices, please contact us through the platform.