Device Identifier — We generate an anonymous device ID (Apple's vendor identifier or a random UUID) to rate-limit API requests and prevent abuse. This ID is not linked to your name, email, or Apple ID. Ticker Lookups — When you search for or view a stock, the ticker symbol and request source are logged to our server to prioritize data freshness for popular tickers. AI Chat Content — If you use the AI research feature, your chat messages are sent to our server proxy, which forwards them to Google Gemini. We do not store conversation history on our servers. AI responses are generated by third-party models and may be inaccurate, incomplete, or misleading. rarePixel LLC does not control, curate, or verify AI-generated output and is not responsible for any content produced by these models or any actions taken based on such content.
We do not collect your name, email address, phone number, location, contacts, photos, browsing history, or advertising identifiers. We do not use any third-party analytics, advertising, or tracking SDKs. We do not use Apple's App Tracking Transparency framework because we do not track you.
Your portfolio holdings, trades, watchlists, price alerts, and preferences are stored locally on your device. This data never leaves your device unless you choose to back it up to iCloud (see below).
If you enable iCloud backup in Settings, your holdings, portfolios, and watchlists are encrypted with AES-256-GCM before being stored in your personal iCloud Key-Value Store. The encryption key is stored in your iCloud Keychain. We cannot access your iCloud data.
Subscription purchases are processed entirely by Apple. We do not receive or store your payment information.
Supabase hosts our database and API proxy, receiving anonymous device IDs and ticker requests. Google Gemini powers AI research features, receiving chat messages routed through our server proxy. Financial market providers supply stock prices and fundamentals fetched through our server; your device ID is not shared with upstream data providers.
Anonymous device request logs are retained for 90 days for abuse prevention, then automatically deleted.
phiFolio is not directed at children under 13. We do not knowingly collect data from children.
We may update this policy from time to time. Material changes will be noted in app update release notes.
Questions? Email us at support@phifolio.ai.
We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.