Privacy Policy
Last Updated: November 10, 2025
Effective Date: November 10, 2025
At Covered Call Calculator ("we," "us," or "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.
Your Privacy Rights: You have the right to know what data we collect, request copies of your data, request deletion of your data, and opt-out of certain data uses. See "Your Rights" section below.
1. Information We Collect
1.1 Information You Provide
When you create an account or use our services, we collect:
- Account Information: Name, email address, profile picture (via Auth0)
- Authentication Data: Login credentials managed by Auth0 (we do not store passwords)
- Payment Information: Credit card details processed by our payment processor (not stored on our servers)
- Preferences: Your settings, watchlists, and saved calculations
1.2 Information Automatically Collected
When you use our Service, we automatically collect:
- Usage Data: Ticker symbols searched, calculations performed, features accessed
- Device Information: IP address, browser type, operating system, device identifiers
- Log Data: Access times, pages viewed, errors encountered
- Cookies and Similar Technologies: See "Cookies" section below
1.3 Information from Third Parties
- Auth0: Authentication and profile information
- Massive.com/Polygon.io: We do NOT receive any personal information from this service
- Payment Processors: Transaction confirmation (not full card details)
2. How We Use Your Information
We use your information for the following purposes:
2.1 Provide and Improve Services
- Authenticate your identity and manage your account
- Provide covered call calculations and analysis
- Save your watchlists and calculation history
- Process premium subscriptions
- Send service-related notifications (account changes, expiration warnings)
- Improve our algorithms and user experience
- Troubleshoot technical issues
2.2 Legal and Safety
- Comply with legal obligations
- Prevent fraud and abuse
- Enforce our Terms of Service
- Protect user safety and security
2.3 Marketing (With Your Consent)
- Send promotional emails about new features (you can opt-out)
- Provide personalized recommendations
- Conduct surveys and research (optional participation)
3. Data Retention
We retain your information for as long as necessary to provide services and comply with legal obligations:
| Data Type |
Retention Period |
| Account Information |
Until account deletion + 30 days |
| Calculation History |
12 months (or until account deletion) |
| Usage Logs |
90 days |
| Payment Records |
7 years (tax/legal requirement) |
| Security Logs |
180 days |
| Cookies |
30 minutes to 1 year (varies by type) |
4. How We Share Your Information
We do NOT sell your personal information. We share information only in limited circumstances:
4.1 Service Providers
We share data with trusted third-party providers who assist our operations:
- Auth0: Authentication and identity management
- Massive.com/Polygon.io: Market data (we send ticker symbols, NOT personal info)
- Payment Processors: Subscription billing (Stripe, PayPal, etc.)
- Cloud Hosting: Infrastructure providers
- Email Service: Transactional and promotional emails (if opted in)
All service providers are contractually obligated to protect your data and use it only for specified purposes.
4.2 Legal Requirements
We may disclose information if required by law or to:
- Comply with court orders, subpoenas, or legal process
- Protect our rights, property, or safety
- Investigate fraud or security incidents
- Enforce our Terms of Service
4.3 Business Transfers
If we are acquired, merge with another company, or sell assets, your information may be transferred to the new entity. We will notify you before your information is transferred and becomes subject to a different Privacy Policy.
4.4 Aggregated Data
We may share aggregated, anonymized data that cannot identify you individually (e.g., "50% of users searched AAPL this month").
5. Cookies and Tracking Technologies
5.1 What Are Cookies?
Cookies are small text files stored on your device that help us provide and improve our services.
5.2 Types of Cookies We Use
| Cookie Type |
Purpose |
Duration |
| Essential Cookies |
Authentication, session management (required for service) |
30 minutes |
| Functional Cookies |
Remember preferences, settings |
1 year |
| Analytics Cookies |
Understand usage patterns, improve service |
1 year |
| Marketing Cookies |
Track effectiveness of campaigns (with consent) |
1 year |
5.3 Managing Cookies
You can control cookies through your browser settings:
- Block All Cookies: Note that essential cookies are required for the service to function
- Delete Cookies: You can delete cookies at any time, but you'll need to log in again
- Opt-Out of Analytics: Use browser "Do Not Track" settings
6. Data Security
We implement industry-standard security measures to protect your information:
6.1 Technical Safeguards
- Encryption: TLS/HTTPS encryption for data in transit
- Authentication: OAuth 2.0 via Auth0 (industry-standard)
- Secure Sessions: HttpOnly, Secure, SameSite cookie flags
- Database Security: Prepared statements prevent SQL injection
- Access Controls: Least privilege principle for system access
- Regular Updates: Security patches applied promptly
6.2 Organizational Safeguards
- Employee access to data is limited to those who need it
- Regular security audits and penetration testing
- Incident response plan for data breaches
6.3 Your Responsibility
- Choose a strong password
- Do not share your login credentials
- Log out when using shared devices
- Report suspicious activity immediately
Data Breach Notification: If a breach occurs that compromises your personal information, we will notify you within 72 hours via email.
7. Your Privacy Rights
Depending on your location, you have specific rights regarding your personal information:
7.1 All Users
- Access: Request a copy of the data we hold about you
- Correction: Request correction of inaccurate information
- Deletion: Request deletion of your account and data
- Opt-Out: Unsubscribe from marketing emails
- Data Export: Request a machine-readable copy of your data
7.2 GDPR Rights (European Union Users)
If you are located in the EU/EEA, you have additional rights under the General Data Protection Regulation (GDPR):
- Right to be Informed: This Privacy Policy fulfills this right
- Right of Access: Request a copy of your data (free, within 30 days)
- Right to Rectification: Correct inaccurate data
- Right to Erasure: "Right to be forgotten" (with exceptions for legal obligations)
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Rights Related to Automated Decisions: We do not make automated decisions with legal/significant effects
Legal Basis for Processing (GDPR):
- Contract: To provide services you've requested
- Legitimate Interests: Improve services, prevent fraud
- Consent: Marketing communications (you can withdraw anytime)
- Legal Obligation: Comply with laws and regulations
EU Representative: [If you have significant EU users, designate an EU representative]
Supervisory Authority: You have the right to lodge a complaint with your local data protection authority.
7.3 CCPA Rights (California Users)
If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):
- Right to Know: What personal information we collect, use, disclose, and sell
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: We do NOT sell personal information
- Right to Non-Discrimination: We will not discriminate against you for exercising your rights
- Shine the Light: Request list of third parties with whom we shared info (if applicable)
CCPA Data Categories We Collect:
- Identifiers (name, email, IP address)
- Commercial information (subscription history, calculations)
- Internet activity (browsing behavior, usage data)
- Inferences (preferences, characteristics)
We Do NOT Sell Your Personal Information.
7.4 How to Exercise Your Rights
To exercise any of these rights, contact us at:
- Email: [email protected]
- Account Settings: Some data can be managed directly in your account
- Response Time: We will respond within 30 days (GDPR) or 45 days (CCPA)
Verification: We may need to verify your identity before fulfilling requests. We will request additional information only as necessary to confirm your identity.
8. Children's Privacy
Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will delete such information from our systems.
9. International Data Transfers
Our servers are located in the United States. If you access our Service from outside the US, your information will be transferred to, stored, and processed in the United States.
The United States may have data protection laws that differ from those in your country. By using our Service, you consent to the transfer of your information to the United States.
For EU Users: We rely on appropriate safeguards for international transfers, including:
- Standard Contractual Clauses (SCCs) with service providers
- Adequacy decisions by the European Commission (where applicable)
- Privacy Shield certification (where applicable)
10. Third-Party Links
Our Service may contain links to third-party websites (e.g., broker websites, financial resources). We are not responsible for the privacy practices of these third parties.
Recommendation: Review the privacy policies of any third-party websites you visit.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make changes:
- We will update the "Last Updated" date at the top
- For material changes, we will notify you via email or in-app notification
- Your continued use after changes constitutes acceptance
- We will archive previous versions for your reference
12. Contact Us
If you have questions about this Privacy Policy or our privacy practices, contact us at:
Covered Call Calculator
Email: [email protected]
Legal Inquiries: [email protected]
Data Protection Officer: [email protected]
Website: https://mycoveredcall.com
13. State-Specific Disclosures
13.1 Nevada Residents
Nevada law allows Nevada residents to opt-out of the sale of personal information. We do not sell personal information as defined by Nevada law.
13.2 Virginia, Colorado, Connecticut, Utah Residents
If you are a resident of these states, you may have additional rights under state privacy laws. Contact us for more information.
14. Data Protection Principles
We are committed to these data protection principles:
- Lawfulness, Fairness, Transparency: We process data lawfully and transparently
- Purpose Limitation: We collect data only for specified purposes
- Data Minimization: We collect only necessary data
- Accuracy: We keep data accurate and up to date
- Storage Limitation: We retain data only as long as necessary
- Integrity and Confidentiality: We protect data with appropriate security
- Accountability: We take responsibility for compliance
Summary: Your Privacy Matters
We collect minimal data to provide our service. We do not sell your information. You have the right to access, correct, and delete your data. We use industry-standard security measures to protect your information.
Questions? Contact us at [email protected]