Effective date: May 27, 2026
J.N Family Holding, LLC d/b/a AlphaProof ("AlphaProof", "we", "us", or "our") operates the AlphaProof platform at alphaproof.app, my.alphaproof.app, and the associated mobile application (collectively, the "Service"). This Privacy Policy describes how we collect, use, disclose, store, and protect your personal information when you use our Service.
By using the Service, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.
When you create an account, we collect your email address, display name, and profile information. Authentication is managed by Clerk, which may also process your Apple ID or Google OAuth credentials if you choose social sign-in. Clerk stores authentication tokens and session data on our behalf.
If you choose to link a brokerage account, we use third-party financial data aggregators — Plaid Inc. ("Plaid") and SnapTrade Inc. ("SnapTrade") — to retrieve your investment transaction history. The data we receive includes:
We do not receive, store, or have access to your brokerage login credentials. Plaid and SnapTrade act as intermediaries and maintain their own security and privacy practices. We store encrypted access tokens (see Section 5) to maintain your brokerage connection. You can review their policies:
You may manually enter trade records or import them via brokerage connections. This data includes ticker symbols, trade direction (buy/sell), share quantities, execution prices, fees, execution dates, and portfolio metadata. Portfolio performance metrics, verification status, and hash chain data are derived from and associated with this trade data.
If you upload a PDF brokerage statement for trade verification, the document is transmitted to Anthropic's Claude AI service for extraction and verification. Uploaded statements are processed to extract trade data and verify consistency with your recorded trades. Uploaded PDF files are not permanently stored — they are deleted after processing is complete.
Payment processing is handled entirely by Stripe, Inc. ("Stripe"). We do not store credit card numbers, bank account details, or other sensitive payment credentials on our servers. We receive and store only:
Refer to Stripe's Privacy Policy for details on how Stripe handles your payment data.
We collect standard technical data to operate and improve the Service, including:
We use the following client-side storage mechanisms:
We do not sell your personal information, and we do not serve third-party advertisements inside the Service. Where we use a measurement pixel (such as Meta's) or analytics tag, its purpose is to measure and improve our own marketing; the provider may use the data it receives under its own terms.
We use the information we collect to:
We do not sell your personal information. We have never sold personal information, and we have no plans to do so.
We share data only in the following circumstances:
We share data with third-party service providers that perform services on our behalf. Each provider receives only the minimum data necessary to perform its function:
| Provider | Purpose | Data Shared |
|---|---|---|
| Plaid | Brokerage data aggregation | User-authorized brokerage access tokens |
| SnapTrade | Brokerage data aggregation | User-authorized brokerage access tokens |
| Stripe | Payment processing & payouts | Email, subscription data, payout amounts |
| Clerk | Authentication & identity | Email, profile data, OAuth tokens |
| Sentry | Error monitoring | Error reports, device info, IP (anonymized) |
| Resend | Transactional email | Email address, notification content |
| Polygon.io / Massive | Equity market data | Ticker symbol queries (no personal data) |
| CoinMarketCap | Cryptocurrency market data | Ticker symbol queries (no personal data) |
| Anthropic (Claude) | PDF statement verification | Uploaded brokerage statement content |
| Google Analytics | Usage analytics & measurement | Usage events, device/browser info, IP-derived approximate location |
| Meta (Facebook) Pixel | Marketing measurement | Page-view and conversion events, device/browser info |
If you set a portfolio to public visibility, your trade records, performance metrics, verification status, and display name are visible to other users (and, for non-paywalled portfolios, potentially to the public internet). You control the visibility of each portfolio. Private portfolios are never shared.
We may disclose information if required by law, subpoena, court order, or other legal process, or if we believe in good faith that disclosure is necessary to: (a) comply with a legal obligation; (b) protect the rights, property, or safety of AlphaProof, our users, or the public; (c) detect or prevent fraud; or (d) enforce our Terms of Service.
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such transfer and any choices you may have regarding your information.
If you are a California resident, you have specific rights under the California Consumer Privacy Act ("CCPA") and the California Privacy Rights Act ("CPRA"). This section describes those rights and how to exercise them.
You have the right to request that we disclose: (a) the categories of personal information we have collected about you; (b) the categories of sources from which the information was collected; (c) the business or commercial purpose for collecting the information; (d) the categories of third parties with whom we share the information; and (e) the specific pieces of personal information we have collected about you.
You have the right to request deletion of your personal information, subject to certain exceptions (e.g., where we are legally required to retain data, or where data is necessary to complete a transaction you initiated). Note that due to the append-only nature of the cryptographic hash chain, individual trade records cannot be selectively deleted, but we can delete your account, personal information, and brokerage connections.
You have the right to request correction of inaccurate personal information we hold about you (e.g., email, display name, profile data). Note that trade records cannot be corrected or modified due to the append-only cryptographic hash chain — this is a core feature of the Service, not a limitation.
AlphaProof does not sell your personal information. We do not sell, rent, or trade your personal data to third parties for monetary or other valuable consideration. Because we do not engage in the sale of personal information, there is no need to opt out, but we honor all such requests.
We will not discriminate against you for exercising any of your CCPA rights. We will not deny you goods or services, charge you different prices, provide a different quality of service, or retaliate in any way for exercising your privacy rights.
To submit a CCPA request, contact us at support@alphaproof.app with the subject line "CCPA Request." We will verify your identity before processing your request and respond within 45 days as required by law.
In the preceding 12 months, we have collected the following categories of personal information (as defined by the CCPA):
We implement industry-standard security measures to protect your information:
No method of transmission or storage is 100% secure. While we strive to protect your information using commercially reasonable measures, we cannot guarantee absolute security. If you discover a security vulnerability, please report it to security@alphaproof.app.
In the event of a data breach that compromises your personal information, we will:
We retain your data according to the following schedule:
Regardless of your jurisdiction, you have the following rights:
To exercise any of these rights, contact us at support@alphaproof.app. We will respond within 30 days (or 45 days for CCPA requests).
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected data from a person under 18, we will take immediate steps to delete that information and terminate the associated account. If you believe a child under 18 has provided us with personal information, please contact us at support@alphaproof.app.
AlphaProof is based in the United States. Your information may be transferred to, stored, and processed in the United States, where our servers and service providers are located. By using the Service, you acknowledge and consent to the transfer of your information to the United States and other jurisdictions that may have different data protection laws than your country of residence.
If you are located in the European Economic Area (EEA), United Kingdom, or other jurisdiction with data transfer restrictions, we rely on the following safeguards for cross-border data transfers:
Some browsers transmit a "Do Not Track" (DNT) signal. Because there is no accepted standard for how to respond to DNT signals, we do not currently respond to them. However, we do not engage in cross-site tracking or sell your data to advertisers.
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a prominent notice on the Service at least 15 days prior to the change becoming effective. The "Effective date" at the top of this page indicates when this policy was last revised. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.
If you have questions about this Privacy Policy, our data practices, or wish to exercise your privacy rights, please contact us:
This Privacy Policy is not legal advice. If you have questions about your privacy rights, consult a qualified attorney.