Privacy policy
Last updated: 30/04/2026
Who we are
RIBN is operated as a sole-trader business in the United Kingdom. Contact: privacy@ribn.tech. We act as data controller for the information described below.
What we collect
- Email address — for magic-link sign-in and billing receipts.
- Subscription state — Stripe customer ID, subscription status, plan, period end. We never see card numbers; Stripe processes payment.
- Watchlist and portfolio — symbols, quantities, cost basis. Stored only to render your dashboard and extension banner.
- Telemetry — aggregated counters on extension errors and chart load times. No per-user identifiers.
What we don't collect
Browsing history, the URLs of tabs you visit, the contents of any page, your IP address beyond what's needed to fulfil a request, or anything visible on websites you load. The extension does not observe page content.
Where it lives
PostgreSQL on Neon (EU region) and Redis on Upstash (EU region). Stripe processes payments under their own controller agreement. Marketaux serves news headlines; we don't share your identity with them.
Your GDPR rights
You can request access, rectification, erasure, restriction, portability and objection at any time by emailing privacy@ribn.tech. We respond within 30 days. If we can't resolve a complaint you can lodge it with the UK Information Commissioner's Office.
Retention
Account data is retained while your account is open and for 7 years after closure for UK tax purposes (HMRC requirement on billing records). Extension telemetry is aggregated and rolled up after 90 days.
Cookies
One first-party session cookie (`ribn_session`) for sign-in. No tracking cookies, no advertising pixels, no analytics third parties. Stripe sets its own cookies on its checkout origin.