Privacy Policy

GLAZ (“GLAZ,” “we,” “us”) operates the financial-intelligence subscription service at glazmarkets.com and related properties. This policy covers personal information processed in connection with that service.

We collect three categories of information:

• Account information. Your email address and a bcrypt hash of your password. We never store your password in plain text.
• Payment information. Card details, billing address, and tax information are collected and stored by Stripe, our payment processor. We do not store card numbers on our servers. We do retain your Stripe customer ID and subscription status so we can grant access and manage renewals.
• Usage information. Server logs (IP address, user agent, timestamps, request paths), product interaction data (tickers viewed, watchlists, search queries), and standard error telemetry. We use this to operate the service, debug issues, and understand which features are useful.

• To create and maintain your account and provide the service.
• To process payments and manage your subscription, including renewal, cancellation, and refunds.
• To send transactional emails (account confirmations, billing receipts, trial-ending notices, security notifications). We do not send marketing emails unless you opt in.
• To improve and secure the service, including debugging, performance monitoring, and abuse prevention.
• To comply with legal obligations and respond to lawful requests.

We rely on a small set of vendors to operate the service. Each processes data only on our instructions and only for the purpose listed. The categories are:

• Payment processor. Stripe handles subscription billing, card storage, and fraud prevention. When you complete checkout you are interacting with Stripe directly; their privacy policy applies to that data. We receive only the customer ID and subscription status needed to grant access.
• AI model providers. Public market content (headlines, regulatory filings, press releases) is processed by third-party large language model providers to generate summaries and structured metadata. Your personal account data, email, password, billing details, and individual usage history are not shared with these providers.
• Cloud hosting and infrastructure providers. We host the web application, databases, and background workers on commercial cloud platforms. These providers process the data necessary to run the service (account records, runtime logs) under standard data-processing agreements.
• Market data providers. We integrate with third-party financial-data services to populate the earnings calendar, quote data, and similar reference information. No personal data is shared with these providers.

We do not sell or rent your personal information to third parties for marketing purposes. If a processor in any category changes materially, we will update this policy.

Account data is retained for as long as your account is active. After you delete your account, we delete personal account data within 30 days, except where we are required to retain records for legal, tax, accounting, or fraud-prevention purposes (typically 7 years for billing records).

Server logs are retained for up to 90 days for security and debugging purposes, then deleted.

We use industry-standard security practices: encryption in transit (TLS) for all traffic; encryption at rest for the database; password hashing with bcrypt; principle-of-least-privilege access controls for our team and vendors; and signed-secret verification for all payment webhooks.

No system is perfectly secure. If we discover a breach affecting your personal information, we will notify you and the appropriate authorities as required by law.

You can request the following at any time:

• Access. A copy of the personal information we hold about you.
• Correction. Update inaccurate or incomplete information.
• Deletion. Delete your account and associated personal data (subject to the legal-retention exceptions in section 5).
• Portability. Export your watchlists, account metadata, and other data you provided.
• Objection / restriction. Limit how we process your information for specific purposes.

Email hello@glazmarkets.com to exercise any of these. We respond within 30 days.

We use only the cookies strictly necessary to operate the service: a session cookie to keep you signed in, and a CSRF-protection cookie. We do not use third-party advertising or cross-site tracking cookies.

If we add analytics in the future (for example, to understand which pages users visit), we will update this policy and use privacy-respecting tooling that does not identify individual users.

GLAZ is not directed to children under 18, and we do not knowingly collect personal information from anyone under 18. If you believe a child has provided us their information, contact us and we will delete it.

GLAZ is operated from the United States. If you access the service from outside the U.S., your information will be transferred to, processed, and stored in the U.S. (and potentially other jurisdictions where our vendors operate). We rely on standard contractual safeguards with our processors where required.

We may update this policy from time to time. If we make material changes, we will notify you by email or via a notice in the product before the changes take effect. The “Effective” date at the top of this page reflects the most recent update.

Questions, requests, or complaints about this policy or your personal information: email hello@glazmarkets.com.