Arcadia Privacy Policy

App: Arcadia | Effective date: 22 May 2026 | Last updated: 22 May 2026

This Privacy Policy describes how Vitali Smyk (“we”, “us”, or “our”), an individual developer, handles information in connection with the Arcadia mobile application (“App”) and related services available at archmage.us (the “Services”).

By using the App, you agree to this Privacy Policy. If you do not agree, please do not use the App.

Not financial advice. Arcadia provides portfolio tracking, market data, estimates, and educational analytics for informational purposes only. Nothing in the App constitutes investment, tax, or legal advice. You are solely responsible for your financial decisions.

1. Who we are

Data controller: Vitali Smyk (individual developer).
Contact: vitali.smyk@gmail.com

2. Summary

The App is designed to work without user accounts. We do not require your name, email, or phone number to use core features.
Your portfolio, watchlist, transactions, and app settings are stored only on your device.
We do not store personal data on our servers. Some features require temporary transmission and processing of data on our servers or by infrastructure providers in order to provide requested functionality.
Optional features (such as photo import or premium activation) may send limited technical data to our servers when you choose to use them.
The App may use Google advertising and analytics technologies as described below.
We do not sell personal information as traditionally understood. Advertising partners such as Google may process device identifiers for advertising and measurement purposes.

3. Information stored on your device

When you use Arcadia, the following may be stored locally on your device (for example, in app storage or preferences):

Portfolio holdings, share quantities, and transaction history you enter or import
Watchlist symbols and display preferences (theme, currency, tax country, formatting, and similar settings)
Premium activation key and related validation timestamps (if you enter an activation key)
Onboarding and usage counters used for in-app experience (for example, free-tier limits or ad display rules)

This information stays on your device unless you explicitly send it to our servers by using a network feature (see Section 4). Uninstalling the App removes locally stored data from your device subject to device backup behavior and operating system settings.

4. Information sent to our servers

To provide live quotes, charts, dividends, portfolio analytics, research summaries, and import assistance, the App communicates with backend services operated by us. Infrastructure may run on on-premises systems and Amazon Web Services (AWS). Requests are generally anonymous and are not linked to a named user account.
Do not upload highly sensitive personal, financial, or identity documents.
AI-related requests may be processed by third-party AI infrastructure providers. While we aim to minimize retention, such providers may temporarily process submitted content according to their own security and operational practices.
AWS acts as infrastructure hosting provider.

Like most online services, use of the App may automatically generate technical and operational records when communicating with our systems or third-party providers. This may include IP address, approximate geographic region derived from IP, request timestamps, device type, operating system version, app version, crash diagnostics, advertising identifiers, and security-related metadata.

We use this information for service delivery, analytics, fraud prevention, abuse detection, debugging, advertising support, and operational security. Such information is generally retained only for limited operational purposes and is not used to build a personally identified investment profile.

4.1 Market data and analytics requests

When you refresh quotes, open research, or request portfolio overview calculations, the App sends data needed to fulfill that request (for example, symbols, exchanges, holdings structure, and chart parameters). We use this only to generate the response. We do not maintain a persistent server-side profile of your portfolio tied to your identity.

We may use third-party infrastructure, analytics, advertising, AI, monitoring, and market-data providers to operate the App. These providers may process limited categories of technical, diagnostic, financial, or uploaded content data solely on our behalf or according to their own applicable privacy policies and contractual obligations.

4.2 Import (optional)

If you choose to import holdings or transactions from a photo, screenshot, or CSV file, the file is uploaded so our systems can extract structured trade or position data. Files and extracted content are processed to return results to your device and are not stored on our servers after processing. Please avoid uploading documents that contain more personal information than necessary (for example, full account numbers or government IDs).

4.3 AI-assisted features (optional)

Some features (such as import parsing, symbol research, portfolio balance commentary, or similar tools) use automated processing. We use OpenAI, DeepSeek and related infrastructure to generate responses from the inputs you submit for that request. Prompts and outputs for these features are not stored on our servers as a lasting record of you or your portfolio.

4.4 Premium activation (optional)

If you enter a premium activation key, the App may send the key and a pseudo-anonymous device identifier derived from non-sensitive device traits (such as screen size, OS version, and device model) to validate entitlement. This identifier is not your hardware serial number. We use it only to validate activation; we do not store personal data on our servers as part of this process.
This identifier is used solely for license validation and abuse prevention and is not used for advertising or cross-app tracking.

4.5 Third-party market data

We obtain market and instrument information from third-party data providers (which may include public and commercial sources). Those providers receive request parameters such as symbols and dates, not your name or contact details from us.

5. Permissions

The App may request device permissions only when needed for features you use:

Camera — to photograph brokerage statements or holdings screens for optional import
Photos / media — to select existing images or files for optional import
Network access — to reach our APIs and load market content

You can deny permissions; related features will not work until permission is granted.

6. Google advertising and analytics

The App may display Google Ads and use Google analytics or measurement technologies (for example, Google AdMob and related Google services). These partners may collect device identifiers, advertising IDs, IP address, app interactions, and diagnostic information according to their own policies. We use such data in aggregate to understand usage and to fund free-tier features.

Where required, we request consent for personalized advertising through supported consent frameworks.

You can limit ad personalization through your device settings (for example, “Opt out of Ads Personalization” on Android) and through Google’s ad settings. For more information, see Google’s Privacy Policy.

Advertising and analytics partners may collect or receive device identifiers, advertising IDs, IP address, app interaction events, diagnostics, and approximate location information according to their own privacy policies.

7. Legal bases (EEA, UK, and similar regions)

If you are in the European Economic Area, the United Kingdom, or a jurisdiction with similar requirements, we rely on:

Contract / service delivery — to provide features you request
Legitimate interests — to operate, secure, and improve the App, and to show advertising on the free tier
Consent — where required for optional permissions, advertising personalization, or similar choices you can withdraw in device or app settings

8. International transfers

We offer the App worldwide. Data may be processed in the United States and other countries where our on-premises or AWS infrastructure and service providers operate. Protections vary by location; where required, we take steps appropriate to the nature of the data processed (which is largely non-personal and transient on servers).

9. Retention

On your device: until you change or delete it, or uninstall the App.
On our servers: we do not store personal data but operational logs, caches, or security records may exist for a limited time for reliability and abuse prevention, without building a user profile from your portfolio.
Google partners: retention is governed by Google’s policies.

10. Your choices and rights

Depending on your location, you may have rights to access, correct, delete, restrict, or object to certain processing, or to data portability.

Local data: clear or edit portfolio data in the App, or uninstall the App to remove on-device storage.
Server data: because we do not store personal data on servers, there is typically nothing for us to delete server-side; contact us if you believe otherwise.
Advertising / analytics: use device and Google settings to limit tracking or personalized ads.
Complaints: you may lodge a complaint with your local data protection authority.

To exercise rights or ask questions, email vitali.smyk@gmail.com. We may need to verify your request where applicable.

11. Children

Arcadia is not directed at children. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will take appropriate steps.

12. Security

We use reasonable technical and organizational measures to protect data in transit (such as HTTPS) and to limit server-side retention. No method of transmission or storage is completely secure; use the App at your own risk for device-level security (screen lock, backups, and malware protection).
Users are responsible for maintaining appropriate device security measures such as screen locks, backups, and malware protection.
Operational security logs and temporary processing records may be retained for up to 30 days unless longer retention is required for security, fraud prevention, or legal obligations.
Requests are generally processed without directly identifying you by name.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised version at this URL with a new effective date. Continued use of the App after changes means you accept the updated policy.

14. Contact

Questions about this Privacy Policy:
Vitali Smyk
Email: vitali.smyk@gmail.com
Web: https://archmage.us