Privacy Policy
Last updated: 2 July 2026
Who we are
LYFE, trading as WISPR ("we", "us"), is the controller of the personal data described in this policy. Registered at Duivenvoorde 18, 1187DJ Amstelveen, Netherlands. KVK: 80987389. VAT: NL003520561B74. Contact: hello.wispr@gmail.com. WISPR is based in the Netherlands and this policy is drafted with the EU General Data Protection Regulation (GDPR) in mind.
Data we collect
- Account data: email address, hashed password, optional name.
- Broker connection data: via SnapTrade — connected brokerage, account identifiers, holdings, positions, orders, transactions, cash movements. WISPR receives read-only data; we do not receive your broker login credentials.
- Journal & reflection content: notes and reflections you write in the app, and AI-generated summaries derived from them.
- Subscription data: Stripe customer and subscription IDs, subscription status, trial end date. Card details are handled by Stripe, not by WISPR.
- Telegram data (optional): if you connect Telegram, your chat ID and username so we can send you notifications you opt in to.
- Technical data: device/browser information and basic logs used to operate and secure the service.
How we use your data (purposes & legal bases)
- Providing the journal and reflections you requested — performance of a contract (Art. 6(1)(b) GDPR).
- Billing and subscription management — performance of a contract and legal obligation (Art. 6(1)(b), (c)).
- Security, fraud prevention, service integrity, and product improvement — legitimate interests (Art. 6(1)(f)).
- Optional Telegram notifications — consent (Art. 6(1)(a)); you can revoke at any time by disconnecting.
Sub-processors & third parties
We rely on the following processors to run the service. They only receive the data they need for their function:
- Supabase — database, authentication and backend hosting (EU region, Frankfurt).
- SnapTrade — brokerage connectivity; provides your holdings, orders and activity to WISPR.
- OpenAI — AI generation of reflections and pattern summaries. Content submitted to the API is not used to train models per OpenAI's API terms.
- Financial Modeling Prep (FMP) — market data and instrument metadata; we send tickers, not personal identifiers.
- Stripe — payment processing and subscription management.
- Telegram — delivery of optional in-chat notifications, if you opt in.
- Resend — transactional email delivery (account confirmation, password reset).
International transfers
Some processors (e.g. OpenAI, Stripe, SnapTrade, Resend) may process data outside the EEA. Where required, transfers are covered by appropriate safeguards such as the European Commission's Standard Contractual Clauses or an adequacy decision.
Retention
We keep your account and journal data for as long as your account is active. If you delete your account, we delete or anonymise personal data within a reasonable period, except where we must retain records (for example, billing records) to comply with legal obligations.
Your rights (GDPR)
You have the right to access, rectify, erase, restrict or object to processing of your personal data, and the right to data portability. Where processing is based on consent, you can withdraw consent at any time. You can exercise these rights by emailing hello.wispr@gmail.com. You also have the right to lodge a complaint with your supervisory authority (in the Netherlands, the Autoriteit Persoonsgegevens).
Security
We use industry-standard measures including encryption in transit, row-level security in our database, and least-privilege access. No system is completely secure; please use a strong, unique password.
Cookies
WISPR uses only strictly-necessary cookies/local storage for authentication and session handling. We do not use advertising cookies.
Changes
We may update this policy. If changes are material, we will notify you in-app or by email.
LYFE · KVK 80987389 · Amstelveen, Netherlands