Privacy Policy

Effective date: May 2, 2026

Welcome to TrueStare. Your privacy is important to us, and this Privacy Policy explains what information we collect when you use the TrueStare website and API, how we use it, and the choices you have. By using TrueStare (the "Service") you agree to the practices described below.

If you have any questions about this policy, contact us at [email protected] or via the contact form.

Who we are

TrueStare provides a real-time market data and AI text processing API at https://truestare.com. The Service is operated as an independent project. Throughout this policy, "we", "us", and "our" refer to the operators of TrueStare.

Information we collect

We try to collect as little personal information as possible. The categories of information we may collect are:

Information you provide voluntarily. When you create an account, we collect your email address and a password (hashed, never stored in plaintext). When you use the contact form, we collect your name, email, and the message you send. When you upgrade to a paid tier, our payment processor (Stripe) collects billing information directly — we never see or store your card details.

API request data. When you call the API with your API key, we log the endpoint called, the timestamp, your IP address, the response status code, and the request size. We do not log the body content of your requests by default. You may opt into request-body logging in your dashboard if you need it for debugging; that opt-in retains the body for 7 days then deletes it.

Automatically collected information. When you visit the website, we and our service providers automatically collect technical information including your IP address, browser type and version, operating system, the pages you visit, and the time and date of your visit. This is used for security, analytics, and operational improvement.

Cookies. We and our partners use cookies and similar technologies to recognize repeat visitors, remember preferences, measure traffic, and serve relevant advertising. You can disable cookies in your browser settings; if you do, parts of the Service may not function as intended.

How we use the information

• Operate, maintain, secure, and improve the TrueStare website and API
• Authenticate users and authorize API requests by API key
• Bill paid customers and respond to support requests
• Detect and prevent abuse, fraud, denial-of-service, and unauthorized access
• Generate aggregated, non-identifying analytics on Service usage
• Display relevant advertising on editorial and documentation pages through Google AdSense
• Comply with applicable legal obligations

We do not sell or rent your personal information to third parties.

Advertising and Google AdSense

TrueStare displays advertisements on the marketing, documentation, and guide pages of the website. These ads are served by Google AdSense and may be served by other approved advertising partners. As a third-party vendor, Google uses cookies (including the DoubleClick DART cookie) to serve ads to our users based on their visits to our Service and other sites on the Internet.

You may opt out of personalized advertising by visiting Google’s Ads Settings at https://adssettings.google.com. Alternatively, you can opt out of some third-party vendors’ use of cookies for personalized advertising by visiting https://www.aboutads.info/choices (US) or https://www.youronlinechoices.com/ (EU).

Advertising and analytics partners we work with may use cookies, web beacons, and similar technologies to collect information about your activities on our website and other websites and applications, including your IP address, web browser, pages viewed, time spent on pages, and links clicked. This information is used by us and these partners to provide more relevant advertising on our Service and elsewhere.

For more information about Google’s privacy practices, please review the Google Privacy & Terms page.

Third-party services

We rely on a small set of third-party providers to operate the Service. Each receives only the data necessary to perform its function:

• Stripe — processes payments. Receives billing details directly from you.
• Cloudflare — provides CDN, DDoS protection, and TLS termination. Receives request metadata.
• Linode (Akamai) — provides server hosting. Stores all primary application data.
• Anthropic and OpenAI — provide the underlying language models for AI text processing endpoints. Receives the text you send to those endpoints (per their respective data-handling policies).
• Google AdSense — serves advertising on editorial pages.

Your rights under GDPR (EEA, UK, Switzerland)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have certain rights under the General Data Protection Regulation (GDPR), including:

• The right to access the personal data we hold about you
• The right to request correction or deletion of your personal data
• The right to object to or restrict our processing of your personal data
• The right to data portability
• The right to withdraw consent where our processing is based on consent
• The right to lodge a complaint with your local data protection authority

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

Your rights under the CCPA (California residents)

If you are a California resident, you have the right under the California Consumer Privacy Act (CCPA) to know what personal information we collect, request deletion of your personal information (subject to certain exceptions), opt out of the "sale" of personal information as defined under California law, and not be discriminated against for exercising these rights.

We do not sell personal information in the traditional sense, but the use of cookies for personalized advertising may be considered a "sale" or "sharing" under California law. To opt out, you can use the "Your Privacy Choices" mechanism in supported browsers, or contact us directly.

Children’s privacy

TrueStare is not intended for or directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided personal information to us, contact us so we can delete it.

Data retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, to resolve disputes, and to enforce our agreements. API request logs are retained for 30 days; opt-in request bodies for 7 days; account information for the life of the account plus 90 days after deletion; contact-form messages for one year.

Security

We use reasonable technical and organizational measures to protect the information we collect, including TLS encryption in transit, encryption at rest for stored credentials, and restricted access to production systems. No method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Effective date" at the top of this page. If the changes are material, we will provide a more prominent notice on the website. Your continued use of the Service after any change constitutes your acceptance of the updated policy.

Contact us

If you have questions, comments, or requests regarding this Privacy Policy or your personal information, contact us at [email protected] or use the contact form.