Privacy Policy.

1. Introduction

Insight Horizons Ltd ("Insight Horizons," "we," "us," or "our") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website (the "Website") and use our services.

By accessing the Website or using our Services, you consent to the data practices described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Website.

2. Information We Collect

2a. Information You Provide Directly

We collect information that you voluntarily provide to us when you:

• Create an account (email address, name, password)
• Subscribe to a paid plan (billing information is collected and processed by Stripe, Inc. — we do not store your credit card number, CVV, or full card details on our servers)
• Apply for coaching services (name, email, phone number, trading experience level, and other information you provide in the application form)
• Contact us via email or support channels
• Respond to surveys or provide feedback

2b. Information Collected Automatically

When you visit the Website, we may automatically collect certain information, including:

• Device information (browser type, operating system, device type)
• IP address
• Pages viewed and time spent on each page
• Referring website or source
• Date and time of access
• Cookies and similar tracking technologies (see Section 7)

2c. Information from Third-Party Services

We may receive information about you from third-party services we use, including:

• Stripe — payment confirmation, subscription status, and billing history (we do not receive or store your full card number)
• Supabase — authentication and account data
• Analytics providers — aggregated usage data

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Website and Services
• Process your subscription payments and manage your account
• Send transactional communications (account confirmation, password resets, payment receipts, subscription updates)
• Respond to your inquiries, comments, or support requests
• Monitor and analyze usage patterns and trends to improve the Website and Services
• Detect, prevent, and address technical issues, fraud, or security concerns
• Comply with legal obligations

We do not use your information to sell your personal data to third parties, send unsolicited marketing emails without your consent, or share your information with advertisers.

4. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Service providers: We share information with third-party service providers who perform services on our behalf, including payment processing (Stripe), hosting and database services (Supabase, Vercel), and transactional email delivery (Resend). These providers are contractually obligated to use your information only for the purposes of providing services to us.
• Legal requirements: We may disclose your information if required to do so by law, or in the good-faith belief that such action is necessary to comply with a legal obligation, protect our rights or property, prevent fraud, or protect the personal safety of Users or the public.
• Business transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of the transaction. We will notify you via email or a prominent notice on the Website of any change in ownership or use of your personal information.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Services. If you cancel your subscription or delete your account, we will retain your information for a reasonable period as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Specifically:

• Account and authentication data: retained while your account is active, deleted within 90 days of account deletion request
• Payment and billing records: retained for 7 years as required for tax and accounting compliance
• Usage analytics: retained in anonymized/aggregated form indefinitely

6. Your Rights

6a. All Users

You have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate personal information
• Request deletion of your personal information (subject to legal retention requirements)
• Opt out of non-essential communications
• Cancel your subscription at any time

To exercise any of these rights, contact us at cs.insighthorizons@gmail.com.

6b. California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• Right to know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purpose for collecting the information, and the categories of third parties with whom we share it.
• Right to delete: You may request that we delete personal information we have collected from you, subject to certain exceptions.
• Right to opt out of sale: We do not sell your personal information. If this practice changes, we will provide an opt-out mechanism.
• Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

To submit a CCPA request, contact us at cs.insighthorizons@gmail.com. We will respond to verifiable consumer requests within 45 days.

6c. European Economic Area Residents (GDPR)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Legal basis for processing: We process your personal data based on: (a) your consent; (b) the performance of a contract; and (c) our legitimate interests.
• Right to access, rectification, erasure, and portability: You may request access to, correction of, deletion of, or a portable copy of your personal data.
• Right to restrict processing: You may request that we restrict the processing of your personal data in certain circumstances.
• Right to object: You may object to processing of your personal data based on our legitimate interests.
• Right to withdraw consent: Where processing is based on consent, you may withdraw your consent at any time.

To exercise any GDPR rights, contact us at cs.insighthorizons@gmail.com. We will respond within 30 days.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your use of the Website.

• Essential cookies: Required for the Website to function (authentication, session management, security). These cannot be disabled.
• Analytics cookies: Used to understand how visitors interact with the Website. We use privacy-respecting analytics that do not track you across other websites.

You can control cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Note that disabling essential cookies may prevent you from using certain features of the Website.

We do not use advertising cookies or tracking pixels. We do not participate in cross-site advertising networks.

8. Data Security

We implement reasonable administrative, technical, and physical security measures to protect your personal information from unauthorized access, use, alteration, or destruction. These measures include encryption of data in transit (HTTPS/TLS), encryption of sensitive data at rest, row-level security policies on database tables, secure authentication with hashed passwords, and regular security reviews of third-party service providers.

However, no method of electronic transmission or storage is 100% secure. While we strive to use commercially reasonable means to protect your personal information, we cannot guarantee its absolute security.

9. Third-Party Links

The Website may contain links to third-party websites or services that are not operated by Insight Horizons. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party websites or services. We encourage you to review the privacy policies of any third-party websites you visit.

10. Children's Privacy

The Website and Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18 without verification of parental consent, we will take steps to remove that information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated Privacy Policy on the Website with a new "Last Updated" date. For material changes, we will also notify active subscribers via email. Your continued use of the Website after any changes constitutes your acceptance of the updated Privacy Policy.

12. Contact Information

For questions about this Privacy Policy or to exercise your data rights, contact: