Legal

Privacy Policy

Last updated: May 26, 2026 · Last reviewed: June 2026 (no material changes) · Applies to: Compounder HQ (iOS) v1.0+

      The short version: Compounder HQ does not collect, store, or share any personal information. All your data — accounts, positions, transactions, tax lots, watchlist, settings — lives on your device. No account, no email, no analytics. Optional iCloud sync (CloudKit private database) keeps your devices in sync. The app fetches public market data over the network using ticker symbols only — no personal data is sent.
    

1. Information We Collect

Compounder HQ does not collect any personally identifiable information. Specifically:

No account registration is required.
No name, email, or contact information is collected.
No location data is accessed.
No analytics, telemetry, or tracking SDKs are included in the app.
No advertising identifiers (IDFA) are collected.
No device identifiers, push tokens, or fingerprints are collected by us.

2. Data Stored on Your Device

All app data you enter is stored locally on your device using Apple's SwiftData framework:

Accounts — brokerage names and types you create.
Positions, lots, transactions — ticker symbols, share counts, cost basis, purchase dates, and notes you enter.
Watchlist — symbols you add to follow.
Tax settings — your residency selection and per-class tax rates.
Income goal — your target annual income and assumptions.
Preferences — sort orders, default lot allocation method, alert settings.

This data:

Never leaves your device to our servers.
May be synced to your other Apple devices via iCloud (CloudKit private database) if you enable iCloud sync in Settings — controlled entirely by you.
Is included in your iCloud backup if you have iCloud backup enabled.
Is permanently deleted when you delete the app and (if applicable) clear the associated iCloud container.

3. Third-Party Market Data Services

Compounder HQ fetches live market data from the following public APIs. These requests are made directly from your device and contain only stock ticker symbols, ETF identifiers, or date ranges — no personal data is sent:

Finnhub — primary source for quotes, fundamentals, dividend history, company profiles, basic financials, earnings calendar, and analyst data. The app ships with a shared key for casual use; Pro users may bring their own Finnhub API key, which is stored securely in your device's iOS Keychain.
SEC EDGAR (data.sec.gov) — publicly available regulatory filings. Used by Compounder HQ's covered-call ETF distribution-class manifest workflow and its 13F institutional-ownership ("Guru Owners") data, which is derived from public Form 13F filings. No personal data is sent.
OpenFIGI (OpenFIGI.com, by Bloomberg) — used only to map the CUSIP identifiers in public 13F filings to ticker symbols for the Guru Owners feature. Requests contain only security identifiers; no personal data is sent.

These services have their own privacy policies governing how they handle the API requests Compounder HQ sends:

Finnhub privacy policy: finnhub.io/privacy
SEC.gov privacy policy: sec.gov/privacy
OpenFIGI / Bloomberg privacy policy: bloomberg.com/notices/privacy

4. Shared Cache (Cloudflare Worker)

To stay within Finnhub free-tier rate limits, certain data — dividend history, ETF distribution policies, computed Compounder Scores, basic financials, and earnings dates — is read from and written to a shared cache hosted on Cloudflare Workers + D1 (in the EU — Dublin region). The cache is shared across MARS Studio's investment apps. The data flowing through this cache:

Contains only public market data — ticker symbols, ex-dividend dates, dividend amounts, ETF distribution-class breakdowns, share counts in financial statements, etc.
Contains no personal data, no holdings, no cost basis, no portfolio value, no account information, and no device identifier.
Authenticates write requests using a shared application-level credential. This credential is not tied to any user identity.

Cloudflare's privacy policy applies to data stored on their infrastructure: cloudflare.com/privacypolicy.

5. Push Notifications

Compounder HQ uses local notifications only — ex-dividend reminders and earnings reminders are scheduled on your device via iOS BackgroundTasks and UNUserNotifications. No Apple Push Notification service (APNs) tokens are sent to any server. (The Lock Screen Live Activity is likewise driven on-device, with no push token sent.) Server-driven push alerts are planned for a future release and will be opt-in with a separate consent screen at that time.

6. Subscriptions (StoreKit)

Compounder HQ is free to download and includes a 14-day free trial of full Pro access; after the trial, an active Pro subscription ($39.99/yr) is required to continue using the app (there is no permanent free tier). All subscription and trial transactions are processed entirely through Apple's App Store and StoreKit 2. MARS Studio does not receive, store, or process any payment information — we receive only a confirmation that your transaction is valid. Apple's privacy policy governs all subscription transactions: apple.com/legal/privacy.

You can manage or cancel your subscription at any time via iOS Settings > [your name] > Subscriptions or the in-app Settings > Manage Subscription link.

7. CSV Imports

When you import a brokerage CSV (Fidelity, Schwab, Vanguard, IBKR, SBI証券, 楽天証券, マネックス証券, or generic), the file is parsed entirely on your device. The CSV contents are never uploaded — only the resulting positions you choose to commit are saved to your local SwiftData store.

8. iCloud Sync (Optional, Opt-In)

If you enable iCloud sync in Settings, Compounder HQ uses Apple's CloudKit private database (your personal iCloud, scoped to the app) to keep accounts, positions, lots, transactions, watchlist, and settings in sync across your Apple devices signed in to the same Apple ID. MARS Studio cannot read or access this data — the CloudKit private database is end-to-end controlled by your Apple ID. You can disable sync at any time in Settings.

9. Analytics & Crash Reporting

Compounder HQ does not include any third-party analytics SDKs (no Firebase, no Mixpanel, no Amplitude, no Sentry, no Crashlytics, etc.). If you opt in to share crash data with Apple at the iOS level (iOS Settings > Privacy & Security > Analytics & Improvements), Apple may share aggregated, anonymised crash logs with us via App Store Connect — this is governed by Apple's privacy policy and is independent of the app.

10. Advertising

Compounder HQ contains no advertisements and does not use any advertising identifiers (IDFA).

11. Children's Privacy

Compounder HQ is intended for adults aged 18 or older and is not directed at children. The app does not knowingly collect information from children under 13. Investment tracking inherently requires adult financial accounts and tax-classification context that is unsuitable for minors.

12. International Users

Compounder HQ is available globally on the App Store. The app is designed to support investors holding US-listed securities regardless of their country of residence (NRIs, US expats, IBKR International / Schwab International / Moomoo US users). The shared cache (Section 4) is hosted in the EU (Dublin region) — if your residency selection touches a residency-specific tax engine, those calculations remain entirely on your device. No personal data crosses borders via our infrastructure.

13. European Users (GDPR) & California Users (CCPA/CPRA)

Lawful basis (GDPR Art. 6). Compounder HQ stores all personal data (positions, accounts, transactions, journal entries, alert thresholds) locally on your device and may optionally sync it to your private iCloud container (Section 8). Where we process symbol-level data via the shared public-data cache (Section 4), no personal data is included; an Art. 6 lawful basis is therefore inapplicable. If we add an opt-in feature that transmits personal data in a future release, we will update this policy and require fresh consent.

Your rights. European users have the right to access, rectify, erase, restrict, port, and object to processing of any personal data we hold (GDPR Art. 15–22). California users have equivalent rights to know, delete, correct, and limit use under CCPA/CPRA. To exercise any of these rights, contact chq-privacy@marsstudio.app — we respond within 30 days. Because all your data lives only on your device (or in your private iCloud container), "right to deletion" is satisfied by uninstalling the app and clearing the iCloud container in Settings.

We do not sell or share your personal information for cross-context behavioural advertising or any other purpose. There is no "Do Not Sell or Share My Personal Information" link because we have no sale or sharing flow to opt out of.

Supervisory authority. European users may lodge a complaint with their local data-protection authority. The shared public-data cache infrastructure (Section 4) is hosted on Cloudflare in the EU (Dublin region); the lead authority for cross-border issues is the Irish Data Protection Commission (dataprotection.ie).

MARS Studio is a small independent developer and has not appointed a Data Protection Officer or EU representative; the volume and nature of our data processing falls below the GDPR thresholds requiring either (Art. 27, Art. 37). Indian users have equivalent rights under the Digital Personal Data Protection Act 2023.

14. App Lock (Face ID / Touch ID / Passcode)

Compounder HQ offers an optional App Lock that requires Face ID, Touch ID, or your device passcode to open the app. This is handled entirely by Apple's on-device LocalAuthentication framework. The app does not collect, store, transmit, or otherwise have access to your biometric data — Face ID / Touch ID data never leaves Apple's Secure Enclave on your device, and Compounder HQ receives only a success or failure result. App Lock is off by default and can be toggled in Settings.

15. Live Activity (Lock Screen & Dynamic Island)

Compounder HQ offers an optional Live Activity that displays your portfolio's total value and today's change on the Lock Screen and in the Dynamic Island when you choose to start it. This information is rendered on your device from data already stored locally; it is not transmitted to MARS Studio or any third party. The Live Activity is off unless you start it and can be dismissed at any time.

16. Changes to This Policy

If we make material changes to this policy, we will update the "Last updated" date above and (where the change is material) surface a notice in the app on next launch. Continued use of the app after changes constitutes acceptance of the updated policy.

17. Contact

Questions about this policy? Contact us at chq-privacy@marsstudio.app or write to us at MARS Studio, marsstudio.app.