Privacy Policy

Last updated: 30 April 2026

1. Who we are

Open Folio Pro ("we", "us", "our") is an Australian investment portfolio tracking service. This Privacy Policy explains how we collect, use, and protect your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

2. What information we collect

Account information

Email address, collected when you sign up via Supabase Auth.

Financial data you provide

Trade records, dividend payments, crypto holdings, superannuation balances and contributions that you manually enter or import via CSV. This data is entered voluntarily by you.

API credentials

If you connect a broker or exchange via API key, we store your API key and API secret in our database. These are protected by row-level security so only you can access them. They are not end-to-end encrypted at rest.

Usage data

Standard server logs (IP address, browser type, pages visited) collected automatically by our hosting provider (Vercel). This data is used solely for security and performance monitoring.

3. How we use your information

  • To provide and operate the portfolio tracking service
  • To compute holdings, tax estimates, and dividend forecasts
  • To sync data from connected broker APIs on your request
  • To send transactional emails (account verification, billing receipts)
  • To diagnose technical issues and improve the Service

We do not sell your personal information or financial data to third parties. We do not use your financial data for advertising.

4. Third-party services

SupabaseDatabase and authentication hosting. Your data is stored in Supabase's ap-southeast-2 (Sydney) region. Privacy policy ↗
VercelWeb application hosting and edge functions. Standard server logs apply. Privacy policy ↗
StripePayment processing for subscriptions. We never see or store your card details. Privacy policy ↗
Yahoo Finance & CoinGeckoLive price feeds for stocks and crypto. No personal data is sent to these services.

5. Data storage and security

Your data is stored in Supabase's Australian (Sydney) data centre. We use row-level security (RLS) to ensure each user can only access their own data. Access to the production database is restricted to authorised personnel only.

Despite these measures, no system is completely secure. You are responsible for keeping your account credentials and API keys confidential. If you suspect unauthorised access, contact us immediately and revoke any connected API keys at the source exchange.

6. Data retention

We retain your data for as long as your account is active. If you delete your account, all associated personal data and financial records are permanently deleted from our systems within 30 days. Stripe may retain billing records as required by law.

7. Your rights (Australian Privacy Principles)

Under the Privacy Act 1988 you have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate or incomplete information
  • Request deletion of your account and associated data
  • Complain about a breach of the APPs to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au

To exercise any of these rights, email us at privacy@openfoliopro.com.

8. Cookies

We use only functional cookies necessary to maintain your login session. We do not use tracking cookies, advertising cookies, or analytics cookies beyond Vercel's standard server-side logging.

9. Children

The Service is not directed at children under 18. We do not knowingly collect personal information from anyone under 18.

10. Changes to this policy

We may update this policy from time to time. Material changes will be notified by email. Continued use of the Service after changes are posted constitutes acceptance.

11. Contact

Privacy enquiries: privacy@openfoliopro.com

Terms of ServiceOpen Folio Pro