Privacy Policy

Last updated: May 2026

1. Introduction & Scope

QuantStack ("we", "us", "our") operates the QuantStack quantitative stock screening platform at quantstack.com (the "Service"). This Privacy Policy explains how we collect, use, store, and protect personal data when you use our Service.

This policy applies to all users of QuantStack, including visitors, registered users, and paying subscribers. By using the Service, you acknowledge that you have read and understood this policy.

2. Data We Collect

Account Information

When you register, authentication is handled by Clerk (our identity provider). We receive and store your name, email address, and account identifiers provided by Clerk. We do not store passwords — Clerk manages credential security on our behalf.

Usage Data

We collect data about how you use the Service, including: screening scans you run, quantitative models you select, universes you create or save, backtest configurations, and feature interactions. This data is used to improve the platform and to enforce subscription usage limits.

Payment Information

All payment processing is handled by Stripe. We do not store your credit card numbers, CVV codes, or full payment details. We retain Stripe customer IDs and subscription status to manage your account and billing.

Log Data

Our servers automatically collect log data, including your IP address, browser type and version, operating system, referring URLs, pages visited, and timestamps of requests. This data is used for security, debugging, and operational monitoring.

3. How We Use Your Data

  • Provide the Service: process your screening requests, display results, and maintain your account.
  • Billing & Subscriptions: manage your subscription tier, enforce usage limits, and process renewals via Stripe.
  • Analytics & Improvement: understand how features are used in aggregate to improve the platform.
  • Security: detect and prevent fraudulent activity, unauthorized access, and abuse.
  • Legal Compliance: comply with applicable laws, regulations, and lawful requests from authorities.
  • Communication: send service notifications, security alerts, and (with your consent) product updates.

4. Data Retention

Data TypeRetention Period
Account data (name, email, preferences)While account is active + 30 days after deletion
Usage logs (scans, model runs)1 year
Security & audit logs2 years
Billing records7 years (legal/tax requirement)

5. Third-Party Services

Clerk— Authentication and identity management. Clerk processes your email and password on our behalf. See Clerk's privacy policy at clerk.com/privacy.
Stripe — Payment processing. Stripe stores your payment method details. We share only the minimum necessary billing information with Stripe. See stripe.com/privacy.
Sentry — Error tracking and performance monitoring. Sentry may receive anonymized technical diagnostics. We configure Sentry to exclude PII from error reports.
Tiingo & SETSMART — Market data providers. These services provide financial data to power our screening platform. No personal data about you is shared with these providers.

6. Your Rights

You have the following rights regarding your personal data:

  • Access: request a copy of the personal data we hold about you.
  • Correction: request correction of inaccurate or incomplete data.
  • Deletion: request deletion of your account and associated data, subject to retention requirements above.
  • Data Portability: request your data in a structured, machine-readable format.
  • Objection: object to processing for direct marketing or where processing is based on legitimate interests.

To exercise any of these rights, email privacy@quantstack.com. We will respond within 30 days.

7. Cookies

QuantStack uses session cookies issued by Clerk to maintain your authenticated session. These cookies are strictly necessary for the Service to function and do not track you across third-party websites.

We do not use third-party advertising cookies or cross-site tracking technologies. No data is shared with advertising networks.

8. Security

We apply industry-standard security measures to protect your data:

  • All data in transit is encrypted using TLS 1.2 or higher.
  • Data at rest is encrypted using AES-256.
  • Sensitive fields (e.g., API keys) use field-level encryption.
  • Authentication is delegated to Clerk with JWT verification on every API request.
  • Access to production systems is restricted to authorized personnel only.

To report a security vulnerability, contact security@quantstack.com.

9. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes — such as new categories of data collection or new third-party recipients — we will notify you by email at least 14 days before the change takes effect. Continued use of the Service after the effective date constitutes acceptance of the revised policy.

10. Contact

For privacy-related inquiries, contact us at privacy@quantstack.com.

QuantStack • quantstack.com