Privacy Policy

Last updated: 2026-05-06. Full policy text ships in W4. This stub governs current beta operation.

What we collect

When you use the AxisTruth API, we collect:

• Email address (signup only; used for magic-link auth and billing receipts)
• API usage counters (calls per month, per tier) — used for rate-limiting and Stripe billing only
• Server logs (IP address, timestamp, HTTP method + path, status code) — retained 30 days for abuse detection and performance monitoring

What we do NOT collect

• Portfolio composition, ticker symbols, or position sizes (API compute is stateless; holdings are discarded after each response)
• Passwords (magic-link auth only; no password is ever stored)
• Financial account numbers or brokerage credentials

How we use data

• Email: authentication + transactional email only (no marketing without explicit opt-in)
• Usage counters: billing computation + rate-limit enforcement via Stripe
• Server logs: abuse detection, SLA monitoring, debugging

Third parties

• Stripe — payment processing. Subject to Stripe’s privacy policy.
• Vercel — hosting. Edge logs retained per Vercel’s data retention policy.
• Vercel Analytics — anonymous page-view telemetry (no PII).

We do not sell, share, or aggregate your data for third-party advertising or data-broker purposes.

Data deletion

To delete your account and all associated data, email api@axistruth.com with subject line "Delete my account". We will process requests within 30 days.

Contact

Questions? api@axistruth.com