Privacy Policy

v1.1.0 · Effective 2026-06-03 · Last updated 2026-06-11

1. Overview & Scope

This Privacy Policy explains how Vantis LLC (“Vantis,” “we,” “us”) collects, uses, shares, retains, and protects information when you use our services at getvantis.ai and app.getvantis.ai (the “Service”). It applies to users in the United States. The Service is not offered outside the United States.

This Privacy Policy is part of, and incorporated into, our Terms of Service. Capitalized terms not defined here have the meanings given in the Terms.

This Privacy Policy is one of five documents that govern your use of Vantis. The others are the Terms of Service, the Risk Disclosure, the AI & Automation Disclosure, and the Disclaimers summary. We recommend you read all five before using the Service to inform any trading decision.

The Service is offered only to users physically located in the United States. If you are accessing this Privacy Policy from outside the United States, this Policy describes our practices for U.S.-resident users; the Service itself is not offered to you, and we do not knowingly collect personal information from users outside the United States. For privacy questions involving non-U.S. residency, contact privacy@getvantis.ai and we will respond on a good-faith basis to the extent applicable laws govern.

For purposes of California, Colorado, Connecticut, Virginia, Texas, and other state privacy laws that designate a “business” or “controller,” Vantis LLC, a Washington limited liability company with its principal office in Washington, USA, is the business and controller responsible for the personal information described in this Policy.

We aim for plain language. If anything is unclear, contact us at privacy@getvantis.ai. If you have a disability and need this Privacy Policy in an alternative format, contact privacy@getvantis.ai and we will provide it.

2. Information We Collect

This Section 2 also serves as our Notice at Collection under California law. The categories of personal information we collect, the purposes for which we collect them, and the retention periods (or criteria) that apply are described below and in §3 (How We Use Information) and §5 (Data Retention).

We collect information in three ways: information you provide, information generated automatically when you use the Service, and information we receive from third parties (specifically the providers we use to operate the Service).

2.1 Information You Provide

  • Account information — name, email address, profile picture (collected when you sign in via Google OAuth)
  • Brokerage transaction data — CSV exports from your broker containing trade history (dates, tickers, option contracts, strikes, expirations, quantities, prices, fees)
  • Brokerage holdings data — CSV exports containing current positions (tickers, share counts, cost basis, market values, cash balance)
  • Account labels — optional nicknames for brokerage accounts
  • Trading journal entries — thesis notes, conviction ratings, strategy tags, risk basis you record on individual trades
  • Watchlists & preferences — tickers you add to favorites; settings such as exit rule defaults
  • Communications with us — messages, support requests, feedback

Vantis reads the trade and position records in the files you upload solely to display your own activity to you; it does not place trades or make any changes to your accounts. The original CSV files you upload are retained on disk (encrypted by Vantis at rest using a Vantis-managed key) for up to 7 days after upload for diagnostic and integrity-check purposes. After that window the original file is deleted; the parsed transaction or holdings records remain (subject to §5 Data Retention). The upload event itself (timestamp, filename, parse outcome, content hash) is retained for audit-trail purposes for as long as your account is active.

2.2 Information Collected Automatically

  • Server log data — IP address, browser/user-agent string, request URLs, timestamps, response codes, referrer
  • Session cookies — an opaque session identifier that matches a server-side record; the cookie itself carries no personal information
  • Geo information — country code as reported by our hosting provider (Fly.io); used to enforce the U.S.-only restriction
  • Subscription state — subscription status, plan, renewal period

We do not currently use behavioral analytics, session replay, advertising pixels, or third-party trackers. If we add usage analytics in the future, we will update this section and notify existing users before the change takes effect.

2.3 Information from Third Parties

  • Your single sign-on provider (currently Google; we may add Apple, Microsoft, or similar providers in the future) — the stable identifier the provider issues for you (for Google this is the OAuth “sub” claim; other providers issue equivalent identifiers), your email, name, and profile picture, received when you sign in. We use the provider’s stable identifier internally to link your sign-in to your Vantis account; we do not display that identifier to you and do not share it with third parties. Your email, name, and profile picture are shown back to you within the Service (for example, in your account menu).
  • Stripe — subscription status, payment events, customer ID. We do not receive or store your full card number, CVV, or bank details — Stripe handles those
  • SnapTrade — when brokerage linking is enabled for your account and you authorize a brokerage connection, we receive from SnapTrade your authorized account list (account name and trailing-4 identifier), current balances, current positions, and transaction history. We do not receive your brokerage username, password, OAuth token, or any other authenticator — those are entered directly into SnapTrade and held by SnapTrade. See §8.1 for the full data-flow description
  • Public market data sources — pricing, volatility, fundamentals, options chains, and historical bars sourced from one or more third-party market-data vendors. We send ticker symbols, option contract symbols, and expiration dates to these vendors to fetch quotes; we do not send user-identifying information, account balances, position data, or trade history to market-data vendors. We may change or add vendors over time; this is disclosed at the category level rather than by named vendor because no user data flows to them.

2.4 Information We Do Not Collect

For clarity, Vantis does not collect:

  • Bank account numbers, routing numbers, or wire instructions
  • Credit card numbers, CVV codes, or other payment instrument details (Stripe does, we don’t)
  • Brokerage login credentials, API tokens, or OAuth tokens for your broker (when brokerage linking via SnapTrade is enabled for your account, those credentials are entered into SnapTrade and held by SnapTrade, not by us; see §8.1)
  • Social Security numbers, government IDs, or tax identifiers
  • Health information
  • Precise geolocation (we only see country-level information from upstream proxies)
  • Biometric data
  • Information from minors (see §10)

By default, Vantis ingests brokerage data only through CSV files you choose to upload. Where brokerage linking is enabled for your account and you have authorized a brokerage connection through SnapTrade (see §8.1), Vantis additionally receives accounts, balances, positions, and transaction history for the connected accounts. The SnapTrade connection is opened with read-only scope: Vantis cannot place trades, move money, or take any other write action on your brokerage account through this integration, and we never receive your brokerage credentials.

2.5 CCPA Category Mapping

For California consumers, the personal information described above maps to the following categories enumerated in Cal. Civ. Code §1798.140(v):

  • Identifiers — your single sign-on provider’s stable user identifier (e.g., Google’s “sub” claim), email, IP address
  • Customer records — name, profile picture
  • Commercial information — subscription state, transaction history
  • Financial information (treated as Sensitive Financial Information under our Terms of Service §16) — brokerage transactions and holdings, whether uploaded as CSV or synced from a linked brokerage account via SnapTrade
  • Internet or other electronic network activity — server logs, session cookies
  • Geolocation data (country-level only) — derived from upstream proxy
  • Inferences — none drawn for profiling purposes

We do not collect: biometric information, racial or ethnic origin, religious or philosophical beliefs, union membership, genetic data, health data, sex-life or sexual-orientation data, citizenship/immigration status, or precise geolocation.

3. How We Use Information

We use the information described above to:

  • Provide the Service — authenticate you (via your single sign-on provider), render the dashboard, compute scores and signals, store the journal entries, watchlists, and uploads you create
  • Generate analytical outputs — compute quantitative scores, Kelly sizing estimates, and AI-generated narrative theses based on the methodology described in our Service. AI-generated narrative theses are produced by sending only the ticker symbol, public market data for that ticker, and generic methodology context to our AI subprocessor (currently Anthropic). The prompt does not include your name, email, account balances, holdings, trade history, journal entries, watchlists, or any other Content you have uploaded. Anonymization is verified by a written audit conducted at least quarterly. The audit log is retained for two years and is available to regulators on request. You can disable AI thesis generation entirely from your account — see §3.4. See our AI & Automation Disclosure for the full data-flow description
  • Operate billing — manage subscription state via Stripe, including renewals, cancellations, and downgrades
  • Communicate with you — send transactional emails (subscription receipts, billing notices, security alerts, account changes); we do not currently send marketing emails
  • Improve the Service — use service-operation data (feature usage counts, error rates, performance metrics) to debug, refine the methodology, and decide what to build. Where we use information to inform product decisions beyond a single user’s session, we first de-identify it in accordance with Cal. Civ. Code §1798.140(m): we apply reasonable measures to ensure the data cannot be linked back to a person, we publicly commit not to re-identify it, and we contractually require any recipient to make the same commitments. We do not train any AI model — internal or external — on Content you upload
  • Comply with law and protect users — respond to lawful requests, enforce our Terms, prevent fraud, abuse, or unauthorized access, and defend against legal claims

We process personal information only for the purposes described in this Policy.

3.1 Data Minimization

We collect, process, and retain only the personal information that is necessary to provide the features you use. We do not collect personal information speculatively for future products. If we add a feature that requires new categories of personal information, we will update this Policy and obtain any required consent before collecting that information.

3.2 Profiling and Automated Decision-Making

Vantis does not engage in “profiling” as defined under U.S. state privacy laws — that is, we do not use automated processing of personal information to evaluate, analyze, or predict aspects of a natural person related to economic situation, personal preferences, interests, reliability, behavior, location, or movements. The scoring engine described in our Terms is applied uniformly to public market data and to ticker-level inputs; it is not a personal evaluation of any user. We do not make automated decisions that produce legal or similarly significant effects on you.

3.3 AI Subprocessor Data Handling

Anthropic processes the data described above as a service provider on Vantis’s behalf. Under Anthropic’s Commercial Terms, Anthropic is contractually prohibited from training its models on Vantis API traffic. Anthropic’s published policies further indicate that prompts and responses transmitted through the API are deleted from Anthropic’s backend within 30 days of receipt or generation, except where (a) Anthropic is required by law to retain longer, or (b) automated trust-and-safety classifiers flag a prompt as potentially violating the Anthropic Usage Policy, in which case Anthropic may retain the input, output, and classification metadata for an extended period. We do not authorize Anthropic to use Vantis API traffic for any purpose other than operating the API and complying with law. Anthropic publishes its current data-handling practices at trust.anthropic.com.

3.4 Disabling AI Thesis Generation

AI thesis generation is off by default for new accounts and requires affirmative per-feature consent at first use. Existing accounts that already had AI thesis enabled retain that setting; you can disable it at any time at Settings → Privacy → AI Thesis. The prompts we send to Anthropic when AI thesis is enabled are anonymized as described in §3 above and §3.3 — they contain only the ticker, public market data, and generic methodology context, never your name, account information, or uploaded Content.

When AI thesis is disabled, the Service continues to compute quantitative scores, structure candidates, and gates locally — only the narrative paragraph generated by Anthropic is omitted. You can re-enable AI thesis at any time. Disabling AI thesis is recorded in our internal audit log along with the timestamp, IP address, and user-agent of the change, so we can verify the setting was honored if you later ask.

Disabling AI thesis stops new prompts from being sent. Prompts already sent to Anthropic are subject to the retention described in §3.3 and cannot be retroactively recalled.

3.5 Backup-Storage Subprocessor Data Handling

We maintain off-site backups of the Service database to enable disaster recovery. Backups are produced daily, compressed, encrypted by Vantis using a Vantis-managed key (Fernet symmetric authenticated encryption), and uploaded to Tigris, our backup-storage subprocessor. Each backup contains all stored Content described in §2 — your account information, brokerage transactions and holdings (whether uploaded or synced from a linked broker), journal entries, watchlists, AI thesis history (if you have enabled AI thesis), consent records, and feature preferences. Tigris additionally encrypts the stored object at rest as a defense-in-depth measure; the Vantis-side encryption is the operative protection (Tigris cannot read the contents of backups without the Vantis-managed key, which Tigris does not have).

Backups are retained for 30 days from creation and overwritten thereafter in the ordinary course. If you delete your account, personal information is removed from production systems within 30 days as described in §5; the same information may persist in the backup window for up to 30 days before it is overwritten, consistent with §5.

We do not share backups with any third party other than Tigris (which holds them as a service provider under our contractual terms) and access them only for disaster recovery or to support and troubleshoot the Service. Tigris is operated by Fly.io and stores data in Fly.io regions in the United States.

4. How We Share Information

We share information only as described here. We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.

4.1 With service providers (subprocessors)

We share information with vendors that help us operate the Service. They are contractually limited to processing data on our instructions and only for the purposes we specify.

  • Google (Identity / OAuth) — authentication; we receive your account info upon sign-in
  • Stripe — payment processing and subscription management; email, name, customer ID, subscription events; Stripe receives the payment instrument directly from you
  • SnapTrade — third-party brokerage linking; receives the brokerage credentials you enter into its hosted connection flow (Vantis does not see those credentials) and a Vantis-assigned user identifier; returns to Vantis the authorized account list, balances, positions, and transaction history for the accounts you link. Read-only scope; no trade placement or money movement. Off by default; data flows only after brokerage linking is enabled for your account and you authorize a brokerage connection. See §8.1 for the full data-flow description
  • Anthropic — AI-generated narrative theses; ticker symbols and market data; not your account-level financial data, balances, or trade history
  • Fly.io — application hosting; all Service traffic and stored data, as our infrastructure provider
  • Tigris — off-site database backup storage; receives a daily compressed snapshot of our SQLite database containing all stored Service data described in §2. Encrypted by Vantis using a Vantis-managed key before transmission and additionally encrypted at rest by Tigris; retained for 30 days then overwritten. Used solely for disaster recovery; not accessible by any third party. See §3.5 for the full data-flow description
  • Vercel — marketing site hosting; marketing site traffic and content

This list is current as of the effective date. We will update this Policy if we add or change material subprocessors.

4.2 For legal reasons

We may disclose information if we reasonably believe disclosure is required to comply with a valid subpoena, court order, or legal process; comply with applicable law or regulatory request; protect the rights, property, or safety of Vantis, our users, or others; investigate or defend against legal claims; or detect, prevent, or address fraud, security issues, or abuse. Where lawful, we will attempt to notify affected users before complying with legal requests.

4.3 In a business transfer

If Vantis is involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of the transaction. We will require the receiving party to honor the privacy commitments described here, or we will notify you and provide an opportunity to delete your information before the transfer takes effect.

4.4 With your direction

We may share information at your direction (for example, if you explicitly request that we provide an export or transmit data to a third party).

5. Data Retention

We retain personal information for as long as your account is active and for a reasonable period thereafter to operate the Service for you, comply with legal, tax, accounting, and audit obligations, and enforce our Terms and resolve disputes.

We retain personal information based on the following criteria:

  • Account information (single sign-on provider identifier, email, name) — while your account is active; deleted within 30 days after account deletion
  • Brokerage transaction and holdings data (whether uploaded as CSV or synced from a linked brokerage account via SnapTrade) — while your account is active; deleted within 30 days after account deletion. Disconnecting a linked account stops further syncs but does not by itself delete previously synced data; to delete it, submit a deletion request as described in §7
  • Trading journal entries, watchlists, preferences — while your account is active; deleted within 30 days after account deletion
  • Server log data — 90 days, except where retained longer to investigate a security incident
  • Subscription and payment records — 7 years from the date of the transaction (tax and accounting compliance)
  • Communications with us (support tickets) — 3 years from the date of the last message in the thread

“Deleted” means removed from production systems. Personal information removed from production systems may persist in encrypted backups for up to 90 days, after which it is overwritten in the ordinary course. Backups are not used to operate the Service for you and are restored only in the event of a system-recovery incident.

Information that has been irreversibly de-identified in accordance with Cal. Civ. Code §1798.140(m) is not subject to these retention limits and may be retained indefinitely as de-identified data.

If you want a specific account or specific data deleted, contact us as described in §7.

6. Data Security

We use commercially reasonable measures to protect information, including:

  • Encryption in transit using TLS for all connections to and from the Service
  • OAuth-based authentication; we do not store your password (Google does)
  • Server-side session storage; cookies carry only an opaque identifier, and session state is held in our database (not in the cookie)
  • Network and access controls at our hosting providers
  • Limiting access to user data to personnel who need it to operate, support, or troubleshoot the Service

No system can be guaranteed secure. If we determine that a security incident has compromised your information in a manner that triggers notification obligations under the Washington Data Breach Notification Act (RCW 19.255) or other applicable law, we will notify affected users and the appropriate authorities within the timeframes required by those laws. We will provide a clear description of what happened, what information was involved, and the steps you can take in response.

We do not use phrases like “bank-level security,” “military-grade encryption,” or “fully secure” because they are not meaningful descriptions of any actual security control.

7. Your Rights

You have rights regarding the personal information we hold about you. The specific rights vary by state of residence; we describe both general rights and California-specific rights.

7.1 Rights available to all U.S. users

  • Access — request a copy of the personal information we hold about you
  • Correction — request that we correct inaccurate information
  • Deletion — request that we delete your account and associated personal information (subject to legal retention requirements described in §5)
  • Export / portability — request a machine-readable copy of information you have provided
  • Opt-out of marketing — we currently do not send marketing emails; if we ever do, every such email will include an unsubscribe link

To exercise these rights, contact us by either of the following methods:

  • Email: privacy@getvantis.ai (from the email address associated with your account)
  • In-app request: Settings → Privacy → “Submit a privacy request” (when signed in)

We will acknowledge your request within ten (10) business days and respond within forty-five (45) days of verifying your identity. Where a request is complex or requires additional verification, we may extend the response period by an additional 45 days and will notify you of the extension. We do not charge a fee for ordinary requests.

7.2 California residents (CCPA / CPRA)

If you are a California resident, in addition to the rights above, you have the right to:

  • Know the categories of personal information we collect, the purposes for collection, and the categories of third parties to whom we disclose it
  • Know the specific personal information we have collected about you
  • Request that we not sell or share your personal information for cross-context behavioral advertising — we do not sell or share for these purposes; this right is satisfied by our practice
  • Limit the use of “sensitive personal information” (SPI). To the extent any information we collect qualifies as SPI under California law, we use it only to provide and operate the Service for you, comply with law, and prevent fraud and abuse — never to infer characteristics about you, train models, or for advertising. Brokerage transaction and holdings data you upload is treated by Vantis as Sensitive Financial Information under our Terms of Service §16, regardless of whether it meets the statutory CCPA definition of SPI; we apply the protections described in §6 (Data Security) accordingly

You may also designate an authorized agent to make a request on your behalf. We will require verification of your identity and the agent’s authority. We do not discriminate against you for exercising privacy rights.

7.3 Other states

Several U.S. states (including Washington’s My Health My Data Act for health-related data, and emerging laws in Colorado, Connecticut, Texas, Utah, Virginia, and others) provide privacy rights similar to California’s. We honor equivalent rights for residents of those states. To exercise rights, contact us as described above.

7.4 Children

The Service is not directed to or available for children under 18 (see §10). If you believe we have collected information from a child, contact us and we will delete it.

7.5 California “Shine the Light” (Cal. Civ. Code §1798.83)

Vantis does not share personal information with third parties for those third parties’ direct marketing purposes. As a result, no Shine the Light disclosure is required. If our practice changes, we will update this section and provide the disclosure on request.

8. Third-Party Services & Integrations

The subprocessors listed in §4.1 are integral to the Service. In addition:

8.1 Linking to your brokerage

Vantis offers an optional, read-only brokerage linking feature that lets you connect a brokerage account through SnapTrade, a third-party account-aggregation service. The feature is off by default for every account. No data flows to or from SnapTrade unless the feature is enabled for your account and you authorize a brokerage connection. CSV upload remains available as an alternative way to bring brokerage data into the Service whether or not linking is enabled for your account.

When the feature is enabled for your account and you choose to link a brokerage, the data flow is as follows:

  • You enter your brokerage credentials directly into SnapTrade, not into Vantis. Vantis never sees, receives, or stores your brokerage username, password, OAuth token, or any other authenticator. Your relationship with SnapTrade for the purpose of authenticating to your broker is governed by SnapTrade’s own privacy notice, published at snaptrade.com.
  • Vantis receives from SnapTrade: the list of accounts you have authorized (account name and trailing-4 identifier), current balances, current positions, and transaction history for those accounts. These records are stored alongside any CSV uploads you have provided and are tagged with their source so we (and you) can tell linked and uploaded data apart.
  • The connection is read-only. Vantis opens the SnapTrade connection with the connectionType="read" parameter, which prohibits trade placement, money movement, or any other write action on your brokerage account. Vantis cannot place, modify, or cancel trades on your behalf through this integration.

Inbound webhooks. SnapTrade may notify Vantis when your linked-account data has changed (for example, when a new transaction has settled). Those notifications are HMAC-signed by SnapTrade and verified by Vantis before being acted on. The notification itself contains identifiers, not account contents; Vantis fetches the actual data from SnapTrade in response and only for accounts whose users still have brokerage linking enabled.

Retention. Linked-account data follows the same retention rules as uploaded brokerage data (see §5): retained while your account is active, deleted from production systems within 30 days after account deletion.

Disconnecting. You can disconnect any linked brokerage account at any time from /portfolio or Settings → Brokerage Linking. When you disconnect, Vantis closes the connection at SnapTrade first and then marks the connection inactive in our database, so the connection cannot continue to fetch new data after the disconnect completes. Previously synced transaction history remains in your account so prior periods continue to render in the Service; if you want that history removed as well, submit a deletion request as described in §7.

8.2 Outbound links

The Service may link to external sites (e.g., your broker’s transaction-export page, the OCC Options Disclosure Document, news articles). We are not responsible for the privacy practices of those sites. Their privacy policies govern the information you provide to them.

8.3 Embedded third-party content

We do not currently embed third-party widgets, social-media share buttons, advertising tags, or analytics pixels.

9. Cookies & Tracking Technologies

We use a small number of cookies, all strictly necessary for the Service:

  • Session cookie — keeps you signed in across pages of the Service. Set by our server, signed using our server-side secret. Expires when you sign out or after a period of inactivity.
  • Stripe checkout cookies — set by Stripe during the subscription checkout flow. Stripe’s privacy policy governs these. They are scoped to the Stripe domain.
  • Geo / proxy cookies — our hosting provider (Fly.io) and content delivery network may set cookies for routing and security purposes.

We do not use cookies for behavioral advertising, cross-site tracking, or analytics. We do not currently respond to “Do Not Track” browser signals because there is no industry-standard interpretation. We honor the Global Privacy Control (GPC) signal as an opt-out request from California residents and from residents of other states whose laws recognize universal opt-out signals. Because Vantis does not sell personal information and does not share personal information for cross-context behavioral advertising (see §4), there is nothing for the signal to opt out of — this no-sale posture, not a separate opt-out workflow, is how we honor GPC. For signed-in sessions we also record that a GPC signal was received: a non-identifying privacy preference, retained under the session-data retention described in §5. We keep this record so that the signal you send is acknowledged for transparency and standards-compliance.

You can control cookies through your browser settings. Disabling our session cookie will prevent you from staying signed in.

10. Children’s Privacy

The Service is intended for adults (18 years of age or older). We do not knowingly collect personal information from anyone under 18, and we do not knowingly collect personal information from children under 13 within the meaning of the Children’s Online Privacy Protection Act (COPPA). If we learn that a person under 18 has provided personal information to us, we will delete the account and the associated personal information. To report suspected use of the Service by a minor, contact privacy@getvantis.ai.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The current version is always available at getvantis.ai/legal/privacy with the effective date and version number. For changes that materially expand how we use or share previously-collected sensitive financial information, we will give advance notice to the email address associated with your account and obtain your affirmative opt-in consent before applying the change to that data. For other changes to this Policy, we will post the updated Policy with a new effective date, and continued use of the Service after that date constitutes acceptance.

A version history is published at getvantis.ai/legal/changelog.

12. Contact Information

For privacy questions, requests, or concerns:

Vantis LLC
Attn: Privacy
Washington, USA
privacy@getvantis.ai



Vantis is a software tool, not investment advice. Vantis LLC is not a registered investment adviser, broker-dealer, or fiduciary. Outputs — including scores, signals, structure suggestions, sizing estimates, and AI-generated commentary — are quantitative observations from a published methodology and are not recommendations to buy, sell, or hold any security. Options trading involves substantial risk; you can lose more than you put in. Read our Terms, Privacy Policy, Risk Disclosure, and AI Disclosure.