Last updated: July 4, 2026
Privacy Policy
Please read this Privacy Policy carefully before using the optiondata.io website or any OptionData APIs or services.
OptionData LLC (referred to here as "OptionData," the "Company," "we," "us," or "our") is committed to protecting your privacy. This Policy explains what personal information we collect, how we use and share it, and the choices you have.
"Personal information" means data that identifies or relates to a specific individual. It does not include aggregated or anonymized data that cannot reasonably be used to identify you.
Questions? Contact us at support@optiondata.io.
1. Scope
This Policy applies to the optiondata.io website, the OptionData dashboard, and the OptionData APIs (together, the "Service"). It does not cover third-party websites or services that we do not own or control, including the service providers named below; their handling of your information is governed by their own privacy policies.
2. Information We Collect
We collect the information needed to operate the Service: to sign you in, confirm your eligibility for market data, bill you, secure the APIs, and understand how the product is used.
- Account information: When you sign in, our authentication provider (Clerk) collects your email address and, if you provide it, your name. Sign-in uses one-time email codes — we never collect or store passwords. We also assign internal identifiers to your account, including a billing customer ID and an API key.
- Qualification survey responses: Before activating market-data access, we ask eligibility questions required by our upstream data agreements — currently whether you will redistribute the data and whether you are a non-professional user — together with an invitation code. We store your eligibility answers with a timestamp; the code is used only for validation and is not stored.
- Billing information: Payments are processed by Stripe on Stripe-hosted pages. We never receive or store your card number. We store your Stripe customer ID and read back your subscription status (plan, trial, and billing period) to operate your account.
- API usage data: When you call our APIs, we process your API key (or customer ID), request metadata such as timing, result size, and error details, and your IP address for rate limiting and abuse prevention. IP-based rate-limit counters are held in memory only and are not stored durably.
- Device and analytics data: On our production website we use PostHog to collect usage analytics: pages viewed, clicks and feature interactions, browser and device details, and approximate location derived from your IP address. If you are signed in, this activity is associated with your account (user ID, name, and email).
- Cookies and local storage: We use cookies and browser storage needed to run the Service: Clerk session cookies (to keep you signed in), PostHog analytics storage, Crisp cookies (our support chat widget), and local settings such as theme and language. We do not use advertising or cross-site tracking cookies. You can manage cookies in your browser, but disabling them may limit functionality such as staying signed in.
3. How We Use Your Information
We use personal information to:
- Provide, maintain, and improve the Service, including authenticating you, provisioning API access, and enforcing subscription entitlements.
- Process subscriptions and payments through Stripe and manage free trials.
- Verify your eligibility for market-data access under our upstream exchange and data-provider agreements.
- Secure the Service, including rate limiting, abuse and fraud prevention, and diagnosing errors.
- Understand product usage through analytics so we can improve features and documentation.
- Respond to your support requests and send service-related communications, such as sign-in codes and billing notices.
- Comply with legal obligations.
4. How We Share Your Information
We do not sell or rent personal information, and we do not share it for third-party advertising. We share it only with the providers that run the Service, within our own team for operations, or as required by law:
- Service providers: Clerk (authentication), Stripe (payments and billing), PostHog (product analytics), Crisp (support chat), Netlify (website hosting), Cloudflare (real-time API delivery), and our database infrastructure providers (historical data hosting). Each receives only the data needed for its function and is bound by its own contractual and legal obligations to protect it. Our website also loads fonts from Google Fonts, which receives your IP address when font files are fetched.
- Internal operations: Operational alerts about events such as sign-ins, checkouts, and errors — which may include your email address and customer ID — are delivered to private, access-restricted team channels (via Discord webhooks) so we can run and troubleshoot the Service.
- Legal and protection needs: We may share information to prevent fraud or harm, enforce our Terms of Service, or comply with subpoenas, court orders, or applicable laws.
- Aggregated or de-identified data: We may share usage statistics or trends that do not identify you.
5. Business Transfers
If OptionData is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via the Service and the email address on your account of any change in ownership that materially affects how your personal information is handled.
6. Security
We use reasonable physical, technical, and administrative safeguards to protect personal information, including encryption in transit (HTTPS), server-side-only handling of billing identifiers and secrets, and signed API keys. No method of transmission or storage is completely secure, so keep your account email and API key confidential and notify us immediately at support@optiondata.io of any suspected unauthorized use.
If we learn of a data breach affecting your personal information, we will notify you and the relevant authorities as required by applicable law.
7. Data Retention
We keep personal information for as long as your account is active and as needed to provide the Service. Billing records are retained as required by tax and accounting law, and analytics data is retained under our analytics provider’s retention settings.
If you ask us to delete your account (see Section 8), we will delete or de-identify the personal information we hold and direct our service providers to do the same, except where we must retain it to comply with legal obligations, resolve disputes, or enforce our agreements.
8. Your Rights and Choices
You can review the email address on your account in the dashboard. For anything else, email support@optiondata.io with the subject "Privacy request" and we will respond within the time required by applicable law. Depending on where you live, you may have the right to:
- Access the personal information we hold about you and receive a copy in a portable format.
- Correct inaccurate personal information.
- Delete your personal information and account.
- Restrict or object to certain processing.
- Lodge a complaint with your local data-protection authority (for users in the EEA or UK).
For users in the EEA and UK: we process personal information on the legal bases of performance of a contract (providing the Service you signed up for), our legitimate interests (securing and improving the Service), and compliance with legal obligations (such as billing and tax records).
For California residents: we do not sell personal information, and we do not share it for cross-context behavioral advertising, as those terms are defined by the CCPA/CPRA.
9. International Data Transfers
OptionData is based in the United States, and personal information is processed there and in other countries where our service providers operate. Where applicable law requires safeguards for international transfers, we rely on mechanisms such as standard contractual clauses entered into by us or our service providers.
10. Do Not Track
The Service does not display third-party advertising and does not track you across other websites. We do not currently respond to browser "Do Not Track" signals.
11. Children's Privacy
The Service is not directed to anyone under 18, and you must be at least 18 to create an account. We do not knowingly collect personal information from children under 13 (as defined by the Children’s Online Privacy Protection Act). If we learn that we have collected such information, we will delete it. Parents or guardians may contact support@optiondata.io to request removal.
12. Changes to This Policy
We may update this Policy from time to time. When we do, we will post the revised version here and update the "Last updated" date above. For material changes, we will provide additional notice, such as an email or an in-product notice. Continued use of the Service after changes take effect means you accept them.
13. Contact Us
Questions or requests about this Policy or your personal information can be sent to support@optiondata.io or submitted through the support page.