Privacy Policy

What We Collect

When you sign up, we collect:

• Your GitHub account email and profile name (via OAuth)
• API usage counts (which endpoints you call and how many times per day)

When you use the API, we log:

• Your API key (to enforce rate limits)
• Daily request counts per key
• We do not log request bodies, query parameters, or response data

What We Don't Collect

• No tracking cookies or analytics scripts on the website
• No third-party advertising trackers
• No personal financial data (our calculators run server-side and results are not stored)
• No IP address logging

How We Use Your Data

• To authenticate your API requests
• To enforce daily rate limits based on your plan tier
• To send you service-related emails (downtime alerts, account changes)
• We will never sell your data or share it with third parties

Data Storage

Your account data and API usage records are stored in a PostgreSQL database hosted on Neon (US East region). Data is encrypted in transit via TLS. API keys are stored as plain text in the database but are only accessible via authenticated sessions.

Data Retention

• Account data: retained until you request deletion
• API usage records: retained for 90 days, then aggregated and deleted
• Economic data snapshots: retained indefinitely (these are our model outputs, not your data)

Your Rights

You can request deletion of your account and all associated data at any time by emailing support@bullrundata.com. We will delete your data within 30 days.

MCP Server Usage

When you use the BullrunData MCP server through Claude, ChatGPT, Cursor, or other AI tools, the same API key authentication and rate limiting applies. We do not have access to your conversations with these AI tools. We only see the API requests your MCP client makes to our endpoints.

Contact

For privacy questions or data deletion requests: support@bullrundata.com