legal

Privacy Policy

Last updated: December 2024

1. Introduction

At Diffusion Zones ("we," "our," or "us"), we respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you use our CLI tool and website.

2. Information We Collect

2.1 Email Address

We collect your email address when you purchase a license through Polar.sh. This is used solely to:

  • Generate and send your license key
  • Send download links for the CLI binary
  • Communicate about your subscription (renewals, failed payments)

2.2 License Key Information

We generate a unique license key for each purchase. License keys are stored in Deno KV with the following information:

  • License key (SHA-256 hash, not reversible to email)
  • Product type (monthly or lifetime)
  • Creation date and expiration date (for monthly subscriptions)
  • Download count and last download timestamp
  • Status (active, expired, or revoked)

2.3 Payment Information

We do NOT collect or store payment information. All payments are processed securely through Polar.sh, which is PCI DSS compliant. We receive only:

  • Notification that a payment was completed
  • Customer email address (from Polar)
  • Product type purchased

2.4 CLI Usage Data

The CLI tool does NOT send any usage data back to our servers. All calculations, backtests, and analyses run locally on your machine. We do not track:

  • Which symbols you analyze
  • How often you run the CLI
  • Your trading results or strategies used
  • Any other personal information

3. How We Use Your Information

We use your information only for the following purposes:

  • License Delivery: To generate and send your license key via email
  • Download Access: To verify your license and provide binary downloads
  • Subscription Management: To track monthly subscription expiration and renewals
  • Support: To respond to your inquiries and provide technical support
  • Security: To detect, prevent, and address technical issues and fraudulent activity

4. Data Storage & Security

4.1 Data Storage

Your data is stored in Deno KV, a managed key-value database provided by Deno Deploy:

  • Encrypted at rest (Deno KV default)
  • Access is scoped to our deployment only
  • Regular backups managed by Deno Deploy

4.2 Data Retention

  • Active licenses: Retained while license is active
  • Expired monthly licenses: Retained for 1 year after expiration
  • Lifetime licenses: Retained indefinitely (unless revoked)
  • Revoked licenses: Retained for 1 year after revocation

4.3 Security Measures

We implement appropriate security measures to protect your data:

  • HMAC-SHA256 webhook signature verification
  • Timestamp validation (5-minute window) for webhooks
  • License keys are one-way hashes (not reversible)
  • HTTPS/TLS encryption for all data in transit

5. Third-Party Services

We use the following third-party services:

Polar.sh

Purpose: Payment processing and subscription management
Data: Email address, purchase details
Privacy Policy: polar.sh/privacy

Resend

Purpose: Email delivery for license keys
Data: Recipient email address, license key, download URL
Privacy Policy: resend.com/privacy

Deno Deploy

Purpose: Hosting and database (Deno KV)
Data: License keys and metadata
Privacy Policy: deno.com/deploy/docs/security

We do not sell your data to any third parties. These services are used only to provide our core functionality (payments, email, hosting).

6. Your Rights

You have the following rights regarding your data:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your personal data (with exceptions for active licenses)
  • Revocation: Request revocation of your license key
  • Data Portability: Request your data in a machine-readable format

To exercise these rights, contact us at support@diffusion-zones.com.

7. Cookies & Tracking

We do NOT use cookies, tracking pixels, or analytics on our website. We do not track your browsing behavior, IP address, or location. The only data we collect is what you provide during the purchase process (email address).

8. Children's Privacy

Our service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by:

  • Posting the new policy on this page
  • Updating the "Last updated" date
  • Sending an email to active subscribers for significant changes

Continued use of our service after changes constitutes acceptance of the new policy.

10. Contact Us

If you have questions about this privacy policy or your personal data, please contact us: