개인정보 보호정책

1. Introduction and Data Controller Information

This Privacy Policy describes how Intratio SPRL ("Intratio," "we," "us," or "our"), a company incorporated under Belgian law, collects, uses, processes, and protects your personal information when you use our AI-powered stock forecasting and investment analysis platform.

Data Controller:

BY USING OUR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO THIS PRIVACY POLICY AND CONSENT TO THE PROCESSING OF YOUR PERSONAL DATA AS DESCRIBED HEREIN.

2. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

• Consent (Article 6(1)(a)): When you explicitly consent to specific processing activities
• Contract (Article 6(1)(b)): To perform our contractual obligations and provide services
• Legal Obligation (Article 6(1)(c)): To comply with applicable laws and regulations
• Legitimate Interests (Article 6(1)(f)): For business operations, security, and service improvement
• Vital Interests (Article 6(1)(d)): To protect your or others' vital interests

3. Information We Collect

3.1 Personal Information

3.2 Technical Information

3.3 Communication Data

4. How We Use Your Information

We use your personal data for the following purposes:

4.1 Service Provision

• Providing AI-powered stock predictions and market analysis
• Personalizing investment recommendations and insights
• Managing your account and subscription services
• Processing payments and billing
• Providing customer support and technical assistance

4.2 Platform Improvement

• Enhancing AI algorithms and prediction accuracy
• Analyzing usage patterns to improve user experience
• Developing new features and services
• Conducting research and analytics

4.3 Security and Compliance

• Detecting and preventing fraud, abuse, and security threats
• Complying with legal obligations and regulatory requirements
• Enforcing our Terms of Service and policies
• Protecting our rights and interests

4.4 Marketing and Communication

• Sending service-related notifications and updates
• Providing educational content about investing
• Marketing communications (with your consent)
• Newsletter and promotional materials

5. Data Sharing and Disclosure

WE DO NOT SELL YOUR PERSONAL DATA TO THIRD PARTIES. We may share your information in the following limited circumstances:

5.1 Service Providers

• Cloud hosting and infrastructure providers
• Payment processors and billing services
• Email and communication service providers
• Analytics and monitoring services
• Customer support platforms

All service providers are bound by strict confidentiality agreements and data processing agreements compliant with GDPR.

5.2 Legal Requirements

• Court orders, subpoenas, or legal process
• Regulatory investigations or compliance requirements
• Law enforcement requests with proper legal basis
• Protection of our rights, property, or safety
• Prevention of fraud or illegal activities

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction, subject to equivalent privacy protections.

6. International Data Transfers

Your personal data may be processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure adequate protection through:

• European Commission adequacy decisions
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules (BCRs)
• Certification schemes and codes of conduct
• Other appropriate safeguards as required by GDPR

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

• Account Data: Retained while your account is active plus 7 years for legal compliance
• Transaction Records: Retained for 7 years for tax and regulatory compliance
• Usage Analytics: Aggregated data retained indefinitely; personal identifiers removed after 3 years
• Marketing Data: Retained until consent is withdrawn or 3 years of inactivity
• Legal Claims: Retained as long as legally required or until claims are resolved

8. Your Privacy Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

8.1 Access and Portability

• Right of Access: Request copies of your personal data
• Data Portability: Receive your data in a structured, machine-readable format

8.2 Correction and Deletion

• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data

8.3 Processing Control

• Right to Restrict Processing: Limit how we process your data
• Right to Object: Object to processing based on legitimate interests
• Consent Withdrawal: Withdraw consent at any time

8.4 Exercising Your Rights

To exercise these rights, contact us at: privacy@intratio.com

We will respond within 30 days and may request verification of your identity.

9. Data Security Measures

We implement comprehensive security measures to protect your personal data:

9.1 Technical Safeguards

• End-to-end encryption for data transmission
• Advanced encryption standards (AES-256) for data storage
• Multi-factor authentication and access controls
• Regular security audits and penetration testing
• Intrusion detection and monitoring systems

9.2 Organizational Measures

• Privacy by design and by default principles
• Regular employee training on data protection
• Strict access controls and need-to-know basis
• Data breach response procedures
• Regular compliance assessments

10. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

10.1 Types of Cookies

• Essential Cookies: Required for basic functionality
• Performance Cookies: Analytics and site optimization
• Functional Cookies: Enhanced features and personalization
• Marketing Cookies: Targeted advertising (with consent)

10.2 Cookie Management

You can control cookies through your browser settings or our cookie preference center. Note that disabling certain cookies may affect functionality.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child, we will delete it immediately.

12. Third-Party Integrations

Our platform may integrate with third-party services (brokers, data providers, analytics tools). These integrations are governed by their respective privacy policies. We are not responsible for third-party privacy practices.

Common integrations include:

• Financial data providers (market data feeds)
• Social media platforms (login authentication)
• Analytics services (Google Analytics, etc.)
• Customer support platforms

13. Data Breach Notification

In the event of a data breach that may result in a high risk to your rights and freedoms, we will:

• Notify the relevant supervisory authority within 72 hours
• Inform affected individuals without undue delay
• Provide clear information about the breach and our response
• Take immediate steps to contain and remediate the breach

14. Privacy Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Material changes will be communicated through:

• Email notification to registered users
• Prominent notice on our website
• In-app notifications

Continued use of our services after changes constitutes acceptance of the updated policy.

15. Supervisory Authority

If you have concerns about our data processing practices, you have the right to lodge a complaint with your local data protection authority or the Belgian Data Protection Authority:

16. Contact Information

For privacy-related questions, requests, or concerns, please contact us:

17. Specific Use Case Disclaimers

17.1 AI and Machine Learning

Our AI algorithms process personal data to provide personalized predictions. This processing is based on your consent and our legitimate interests in service provision.

17.2 Financial Data

Investment-related data is processed with enhanced security measures. We do not share your specific financial information with third parties except as required by law.

17.3 Research and Development

Aggregated and anonymized data may be used for research purposes to improve our algorithms and services. Individual users cannot be identified from this data.