Data Security & Privacy
Your financial data is protected with institutional-grade security. We never sell your information.
Our Security Principles
End-to-End Encryption
All data in transit and at rest is encrypted using industry-standard protocols.
- TLS 1.3 encryption for all data in transit
- AES-256 encryption for data at rest
- Secure password hashing (bcrypt + salt)
- API keys and tokens encrypted in database
Access Control & Monitoring
Strict controls prevent unauthorized access to your data.
- Role-based access control (RBAC)
- Employees can only access data with your consent
- All access logged and monitored
- Two-factor authentication available
Compliance & Standards
SOC 2 Type II (In Progress)
We are working towards SOC 2 Type II certification to demonstrate our commitment to security, availability, and confidentiality.
- Independent security audits
- Verified security controls
- 12-month assessment period
- Contact us for audit report access
GDPR & Privacy Compliance
Full compliance with GDPR and other global privacy regulations.
- GDPR compliant data processing
- CCPA/CPRA compliant (California)
- Right to access, delete, or export data
- Data Protection Officer on staff
How We Handle Your Data
Financial Data Sources
All stock market data comes from institutional providers with strict compliance standards.
- →Price & Volume Data: Real-time feeds from regulated exchanges
- →Financial Statements: SEC filings and institutional providers
- →Insider Data: SEC Form 4 filings (public data)
- →13-F Holdings: SEC public filings
Your Personal Data
We only collect the minimum information needed to provide our service.
We collect:
- • Email address (for account & communications)
- • Name and location (optional, for profile)
- • Watchlists and portfolio data (your investment activity)
- • Billing information (payment processing only)
We do NOT collect:
- ✗ Social Security numbers or tax IDs
- ✗ Bank account or credit card numbers (payment processor stores these)
- ✗ Detailed personal information beyond email/name
- ✗ Behavioral tracking or cookies (except essential)
How We Use Your Data
Your data is used only for providing ValueMarkers services to you.
- Service Delivery: Process your screens, watchlists, and analysis
- Account Management: Login, billing, and customer support
- Communications: Email alerts, feature updates, billing updates
- Legal Compliance: Tax reporting, fraud detection, legal obligations
We Never Sell Your Data
Period. Your investment data is yours and yours alone.
- No selling to third parties: Your watchlists, portfolios, or investment activity are never sold
- No targeted advertising: We don't use your data to show you ads
- No sharing with competitors: Your data stays within our organization
- No aggregation: We don't anonymize and sell market data
Data Retention & Deletion
How Long We Keep Your Data
- →Account data: As long as your account is active
- →Watchlists & portfolios: Until you delete them
- →Billing records: 7 years (tax compliance)
- →Logs & backups: 90 days
- →After account deletion: Anonymized or deleted within 30 days
Your Right to Delete
You have full control over your data at any time.
- Delete your account: Removes all personal data
- Export your data: Download all your data in standard format
- Delete individual watchlists: Remove specific investment lists
- Right to be forgotten: GDPR compliant deletion request
Security Questions?
Have questions about our security practices, need the SOC 2 report, or want to report a vulnerability?
Email our Security Team:
security [at] valuemarkers.comOr use our contact form:
Contact UsFrequently Asked Questions
Does ValueMarkers sell my data?+
Is ValueMarkers GDPR compliant?+
How is my payment information protected?+
Your Security is Our Priority
Start using ValueMarkers with complete confidence. Your data is safe.