1. Introduction
Finviz ("we", "us", or "our") provides the Finviz mobile application for Android (the "App") and the finviz.site website (together, the "Service"). The Service lets you track stock and cryptocurrency prices, charts, fundamentals, and financial news, and build watchlists.
This Privacy Policy explains what information we handle, how it is used, and the choices you have. We have designed Finviz to be local-first: most of your data stays on your device. Creating an account is optional — you can use the App as a guest without providing any personal information.
By accessing or using the Service, you agree to the practices described here. If you do not agree, please do not use the Service.
2. Data Safety Summary
This summary mirrors our Google Play Data safety disclosure. Details follow in the sections below.
| Data type | Collected | Shared | Purpose |
|---|---|---|---|
| Email address (only if you create an account) | Yes | No | Account creation & sign-in |
| Name / display name (optional) | Yes | No | Personalize your account |
| Advertising ID | Yes | Yes (Google AdMob) | Advertising |
| App activity (watchlists, searches, settings) | Stored on device only | No | App functionality |
| Approximate technical/device data | By AdMob | Yes (Google AdMob) | Advertising & security |
We do not sell your personal information. All network traffic is encrypted in transit (HTTPS/TLS). You can request deletion of account data at any time (see Account & data deletion).
3. Information We Collect
3.1 Information you provide
- Account data (optional): if you choose to register, we collect your email address, an optional display name, and a password. Authentication is handled by our backend provider, Appwrite. Your password is stored only by Appwrite in hashed form — we never see or store it in plain text.
- Third-party API keys (optional): the App lets advanced users enter their own market-data API keys (e.g. Finnhub). These keys are stored encrypted on your device only using the Android Keystore and are never transmitted to us.
- Support communications: if you email us or use in-app feedback, we receive the content of your message and your email address so we can respond.
3.2 Information collected automatically
- Advertising identifier: the App shows ads via Google AdMob, which may access your device advertising ID and limited technical/device information to serve and measure ads (see Advertising).
- Network information: standard request data (such as IP address) is processed by the third-party servers we contact (market-data providers, our authentication backend, and the ad network) to deliver responses. This is inherent to any internet connection.
We do not use any third-party analytics, usage-tracking, or crash-reporting SDK (see Analytics & tracking).
4. Data Stored Only on Your Device
The following data is stored locally on your device and is not transmitted to or collected by us:
- Watchlists and recent searches.
- App preferences: theme, default currency, time zone, and data-feed settings.
- Notification preference toggles (price alerts, market open/close, breaking news, earnings).
- A local cache of your sign-in state (email, display name, user ID) so you stay signed in.
- Your own third-party API keys, which are additionally encrypted with the Android Keystore.
This data is removed when you sign out, clear the App's data, or uninstall the App. You can export your watchlist at any time from the App's "Export Data" screen.
5. How We Use Information
- Create and authenticate your account and keep you signed in.
- Provide core functionality: quotes, charts, fundamentals, news, search, and watchlists.
- Display and measure advertising that supports the free App.
- Respond to your support requests.
- Maintain the security and integrity of the Service, and detect and prevent abuse.
- Comply with applicable legal obligations.
6. Third-Party Services
We rely on the following third parties (sub-processors) to operate the Service. Each processes data under its own privacy policy.
| Provider | Role | Data involved |
|---|---|---|
| Appwrite | Authentication and storage of your account and in-app notification records | Email, display name, hashed password, user ID |
| Finnhub | Stock quotes, fundamentals, company news, and symbol search | Ticker symbols and search text only |
| Yahoo Finance | Price history (charts) and batch quotes | Ticker symbols only |
| Alpha Vantage | Optional price charts | Ticker symbols only |
| CoinDesk | Cryptocurrency market data | Asset symbols only |
| Google AdMob | In-app advertising | Advertising ID and device/technical data |
| Image CDNs (Parqet, Financial Modeling Prep, CoinCap) | Company and asset logos | Ticker/asset symbols in image URLs only |
We do not sell your personal information, and we do not share account data with these market-data providers. We may also disclose information to legal authorities where required by law, and as part of a business transfer (e.g. merger or acquisition).
7. What We Send to Market-Data Providers
When you view a quote, chart, news item, or run a search, the App sends only the relevant ticker/asset symbol or your search query text (plus the applicable API key) to the data provider. We do not attach your email, name, user ID, or any account identifier to these requests.
8. Advertising & Advertising ID
The App is supported by advertising delivered through Google AdMob (banner, interstitial, native, and app-open formats). AdMob may use your device's advertising ID and limited technical data to serve, cap, and measure ads, including limited personalization. The App declares the com.google.android.gms.permission.AD_ID permission for this purpose.
You can reset or delete your advertising ID, or opt out of ad personalization, in Android Settings → Privacy → Ads. For details on how Google uses advertising data, see Google's privacy & terms and advertising policies.
9. Analytics & Tracking
We do not integrate any third-party analytics, attribution, behavioural-tracking, or crash-reporting SDK (such as Firebase Analytics, Crashlytics, or Google Analytics). We do not build advertising profiles about you, and we do not track you across other apps or websites for our own purposes. The only advertising identifier used is the one accessed by Google AdMob as described above.
10. App Permissions
The App requests only the minimum permissions required to function:
- Internet (
INTERNET) — to fetch market data, news, and ads. - Network state (
ACCESS_NETWORK_STATE) — to detect connectivity. - Advertising ID (
AD_ID) — for Google AdMob advertising.
The App does not request access to your location, camera, microphone, contacts, photos, or device storage.
11. Website Cookies
The finviz.site marketing website does not set advertising or analytics cookies and does not track visitors. It loads web fonts from Google Fonts, which may receive standard request information (such as your IP address) when fonts are served. No personal data is collected by us through the website.
12. Data Retention
Account data is retained for as long as your account exists. On-device data (watchlists, preferences, cached sign-in state, API keys) persists until you sign out, clear the App's data, or uninstall the App. When you request account deletion, we remove or anonymize your account data within a reasonable period, except where a longer retention period is required by law.
13. Account & Data Deletion
You are in control of your data:
- On-device data: sign out, clear the App's storage in Android Settings, or uninstall the App to remove all locally stored data.
- Account deletion: to delete your Finviz account and associated account data, email privacy@finviz.site from your registered address with the subject "Delete my account". We will verify the request and delete your account data within 30 days.
You may also manage active sessions, update your display name, and change your password from within the App's settings.
14. Security
We use industry-standard safeguards to protect your information, including encryption in transit (HTTPS/TLS) for all network requests and Android Keystore encryption for sensitive on-device values such as API keys. Passwords are hashed by our authentication provider. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
15. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access, correct, or delete your personal data.
- Object to or restrict certain processing.
- Request data portability.
- Withdraw consent at any time.
- Lodge a complaint with a supervisory authority.
To exercise these rights, contact privacy@finviz.site. Where the GDPR applies, we process account data to perform our contract with you, advertising data based on your consent, and security data under our legitimate interests. California residents have rights under the CCPA/CPRA, including the right to know and to opt out of the "sale" or "sharing" of personal information — note that we do not sell personal information.
16. Children's Privacy
The Service is intended for users aged 13 and older and is not directed to children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us information, contact privacy@finviz.site and we will delete it.
17. International Transfers
Your information may be processed in countries other than your own, including where our service providers operate. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses to protect data transferred internationally.
18. Changes to This Policy
We may update this Privacy Policy from time to time. We will post the updated version here and revise the "Last updated" date above. Material changes may be communicated by email or in-app notice.
19. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us at:
Finviz Privacy Team
Email: privacy@finviz.site