โ Back to White Stallion AI
White Stallion AI ("we", "our", "us", "the Service") is a personal wealth command centre application operated from Coimbatore, Tamil Nadu, India. This Privacy Policy explains how we collect, use, store, and protect your information when you use whitestallion.in or whitestallion.app.
We are committed to protecting your privacy and complying with India's Digital Personal Data Protection Act, 2023 (DPDP Act) and the European Union's General Data Protection Regulation (GDPR), where applicable.
1. Information We Collect
1.1 Information You Provide
- Account data: Name and email address when you sign in via Google OAuth
- Portfolio data: Files you upload (CSV broker statements, PDF CAS documents) โ this data is parsed locally in your browser and stored in your device's localStorage
- User preferences: Tab settings, watchlists, display choices you configure
- AI queries: Questions you ask Ask White Stallion (sent to Anthropic's Claude API for processing)
1.2 Information Collected Automatically
- Usage analytics: Anonymous event data (tab clicks, feature usage) to improve the product โ batched and sent via Vercel KV (no personally identifiable information beyond an anonymous user ID)
- Technical data: Browser type, device type, IP address, access times (standard web server logs)
- Cookies and local storage: We use localStorage to persist your portfolio and preferences on your device. We do not use tracking cookies for advertising.
1.3 Information We Do NOT Collect
- We never store your bank credentials, broker passwords, or trading platform logins
- We never execute trades on your behalf
- We never sell, rent, or monetize your personal data to third parties
- Uploaded portfolio files are parsed locally โ the raw data does not leave your browser unless you explicitly use the AI parse feature
2. How We Use Your Information
- To provide core portfolio tracking and analysis features
- To personalize recommendations and insights using your own data
- To process AI queries when you use Ask White Stallion or AI-powered features
- To send critical service notifications (rare, account-related only)
- To improve the product through anonymous aggregated usage analytics
- To comply with legal obligations (e.g., SEBI, RBI inquiries if applicable)
3. Data Storage and Security
Where your data lives:
- In your browser (primary): Portfolio holdings, uploaded files, preferences, watchlists โ stored in localStorage on your device
- On Vercel servers (secondary): Authentication tokens (Google OAuth), anonymous analytics events, cached public market data
- On Anthropic servers (transient): AI query content โ processed by Claude and discarded per Anthropic's data retention policy
Security measures:
- All data in transit is encrypted via HTTPS/TLS
- Content Security Policy (CSP) headers restrict script execution
- HTTP Strict Transport Security (HSTS) enforces encrypted connections
- No sensitive financial credentials are ever transmitted or stored by us
4. Third-Party Services
We use the following third-party services, each with their own privacy policies:
5. Your Rights Under DPDP Act and GDPR
You have the following rights regarding your personal data:
- Right to access: Request a copy of the data we hold about you
- Right to correction: Request correction of inaccurate data
- Right to erasure: Request deletion of your account and data ("right to be forgotten")
- Right to data portability: Export your portfolio data at any time from Settings
- Right to withdraw consent: Sign out and clear localStorage at any time
- Right to grievance redressal: Contact us using the details below
Most of your data is in your browser's localStorage โ you can clear it anytime from browser settings, which deletes that data permanently.
6. Data Retention
- Browser data: Retained on your device until you clear it or uninstall
- Authentication data: Retained while your account is active; deleted within 30 days of account deletion
- Analytics data: Aggregated anonymous events retained for 90 days
- AI query logs: Retained by Anthropic per their retention policy (typically โค30 days)
7. Children's Privacy
White Stallion AI is not intended for users under 18. Financial and investment decisions require legal adulthood. We do not knowingly collect data from minors. If we learn we have collected data from a minor, we will delete it promptly.
8. Advertising and Google AdSense
We may display advertisements served by Google AdSense to support the free tier of the Service. AdSense uses cookies and similar technologies to serve ads based on your interests.
9. Investment Disclaimer
White Stallion AI is a tracking and analytics tool, not a registered investment adviser. Nothing on this platform constitutes financial, tax, or legal advice. All investment decisions are your responsibility. Consult a SEBI-registered investment adviser for personalized advice. Past performance does not guarantee future results.
10. International Data Transfers
Our servers are hosted on Vercel, which uses global content delivery infrastructure. Your data may be processed in the United States, European Union, or other regions. Where data is transferred outside India, we ensure appropriate safeguards are in place.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via the app interface. The "Last updated" date above reflects the most recent revision.
12. Contact and Grievance Officer