Privacy Policy
Last updated: 5 June 2026
EquiTrack (“we”, “us”, “our”) respects your privacy. This policy explains what information we collect, why we collect it, and what you can do about it. This policy applies to equitrack.in and all associated subdomains.
1. What we collect
Account information: your name, email, and a hashed (bcrypt) password when you register.
Portfolio data you add: stock transactions, dividends, broker contract-note files, broker PDF passwords (encrypted at rest with Fernet), and any symbol-mapping entries.
Technical logs: standard web-server logs (IP address, user agent, timestamp, path) kept for up to 30 days to debug issues and prevent abuse.
We do not collect payment card details — those are handled directly by Razorpay. We never store your card number, CVV, or expiry date.
2. How we use it
We use your data only to operate the service — i.e. compute P/L, generate ITR reports, parse contract notes, fetch end-of-day prices, and contact you about your account. We do not sell, rent, or share your portfolio data with advertisers, data brokers, or any third party, ever.
3. Third-party services
To provide the service we rely on: MongoDB Atlas (managed database storage), NSE / BSE archives & AMFI (public market data — we send only the stock ticker, never your identity), Anthropic Claude & Google Gemini via Emergent's LLM gateway for contract-note parsing (we send the PDF bytes only during parsing), Razorpayfor payment processing, and Gmail SMTP for transactional emails.
4. Cookies
We use two httpOnly cookies to keep you signed in (access_token and refresh_token). No marketing or tracking cookies. No Google Analytics. No Facebook pixel.
5. Your rights
You may request a copy of your data, correction of any record, or deletion of your account at any time by emailing admin@equitrack.in. Deletion removes all your portfolios, transactions, dividends, saved passwords, and symbol mappings within 7 working days.
6. Data retention
Account & portfolio data: kept while your account is active. Deleted within 7 working days of account deletion request. Backups are rotated out within 30 days.
7. Children
EquiTrack is not directed at anyone under 18. If you become aware that a minor has created an account, email us and we will delete it.
8. Changes
We may update this policy from time to time. Material changes will be emailed to registered users at least 7 days before taking effect.
9. Contact
Questions about this policy? Email admin@equitrack.in.