THESISVAULT
PRIVACY POLICY

Privacy Policy

Effective July 16, 2026 · Last updated July 16, 2026

ThesisVault (“ThesisVault”, “we”, “us”) is a personal research journal for retail investors. It helps you write and organize your own notes about companies and ideas. This policy explains what we collect, why, and your choices.

The most important thing to know: ThesisVault is a note-taking tool, not a broker. We do not connect to your brokerage, and we do not see your trades, holdings, balances, bank accounts, or any financial account. The “prices,” “targets,” and “values” in the app are numbers you type into your own notes — we do not fetch market data and there is no live financial data about you.

1. Information we collect

Account information. Your email address, used to create your account, sign you in, and send you sign-in and password-reset codes.

Your content. The research you choose to save — tickers, notes/memos, targets, stop levels, quantities and prices you type, ratings, links, and records in your Memory. This is text and numbers you enter yourself, private to your account.

Profile and settings. A display handle you may choose (for a future community feature), your theme, currency symbol, and app preferences.

Minimal technical data. Standard information needed to operate the app (e.g., authentication tokens stored on your device). We do not use advertising identifiers, and we do not run third-party ad or analytics tracking.

2. Information we do not collect

3. How we use your information

We use it only to provide the app: to authenticate you, store and sync your notes across your devices, and support you. We do not sell your information, and we do not use your research content to advertise to you.

4. Where your data is stored and how it's protected

Your data is stored with our cloud infrastructure provider, Supabase (hosted Postgres). Data is transmitted over encrypted connections (HTTPS/TLS). Access is protected by database row-level security so that, under normal operation, only your authenticated account can read or write your data.

We use Resend to deliver authentication emails (confirmation and password-reset codes). Apple/Google app stores distribute the app. No method of storage or transmission is 100% secure, and we cannot guarantee absolute security.

5. Sharing

We share your information only with the service providers above, strictly to run the app (hosting, database, transactional email, app distribution). We may disclose information if required by law. We do not otherwise share or sell it.

Future community feature. ThesisVault may later offer an optional community where you can choose to publish specific research notes under your handle. Anything you deliberately publish there will be visible to others. That feature is not currently available, and nothing you write is public unless and until you explicitly opt in and publish it.

6. Your choices and rights

7. Data retention

We keep your data for as long as your account is active. If you request deletion, we will remove your personal data within a reasonable period, except where we must retain it to comply with legal obligations.

8. Children

ThesisVault is not directed to children and is intended for adults making their own research decisions. Do not use it if you are under the age required to form a binding contract in your jurisdiction (and in any case not under 13).

9. International users

Your data may be processed in countries other than your own, including where our providers operate. By using ThesisVault you consent to this processing.

10. Changes to this policy

We may update this policy. Material changes will be reflected by updating the “Last updated” date and, where appropriate, notifying you in the app.

11. Contact

Questions about privacy? Contact info@thesis-vault.com or write to E Studios (the trading name of Eliyau Ben Baruch), Jerusalem, Israel.