Privacy Policy

Welcome to Pav (“we”, “our”, “us”). This Privacy Policy explains how we collect, use, and protect your information when you use the Pav mobile application and related services (the “Service”).

By using Pav, you agree to the practices described here. If you do not agree, please do not use the Service.

We collect only what is necessary to operate Pav:

• Account information: email address and a securely hashed password (we never store your password in plain text).
• Usage data: your watchlist symbols, alerts you create, and theme preference.
• Device information: basic technical info (operating system, app version) used to keep the app running smoothly.
• Subscription information: if you upgrade to Premium, your subscription tier and plan. Payments are processed by a third-party provider; we do not store full payment card data.

We use your information to:

• Authenticate you and operate your account.
• Provide predictions, alerts, and watchlist functionality.
• Fix bugs, improve performance, and develop new features.
• Communicate important account or service updates.

We never sell your personal data.

Pav relies on a small number of third-party services to function:

• Market data providers (Finnhub, Yahoo Finance) — to fetch real-time prices and historical data. Symbol lookups are sent to these providers; no personal account data is shared.
• AI provider (Anthropic Claude via the Emergent platform) — to generate prediction narratives. Only the symbol, computed indicators, and historical data are sent; we do not send your identity.
• Database hosting (MongoDB) — to securely store your account and watchlist.

We retain your account information for as long as your account is active. You may request deletion of your account and associated data at any time by emailing hello@pavapp.com.

We use industry-standard security practices: passwords are hashed with bcrypt, sessions are managed via JWTs, and all traffic is encrypted in transit (HTTPS). No system is 100% secure, so we encourage you to use a strong, unique password.

Pav is not intended for users under 18. We do not knowingly collect data from children. If you believe a child has provided us information, please contact us so we can remove it.

Depending on your location, you may have the right to access, correct, or delete the personal data we hold about you, and to object to or restrict certain processing. To exercise any of these rights, contact us at hello@pavapp.com.

We may update this Privacy Policy from time to time. Material changes will be communicated in-app or by email. The “Last updated” date at the top reflects the most recent revision.

Questions about this policy? Email hello@pavapp.com.