EU & UK Privacy Notice
Valarn EU & UK Privacy Notice
Last Updated: [Insert Date]**
This EU & UK Privacy Notice supplements the Valarn Privacy Policy and applies to users located in the European Economic Area, European Union, Switzerland, and United Kingdom.
This Notice explains how Valarn collects, uses, discloses, transfers, stores, and protects personal data under applicable privacy laws, including the General Data Protection Regulation, the UK General Data Protection Regulation, and related national data protection and electronic communications laws.
This Notice should be read together with our:
- Terms of Service
- Privacy Policy
- Cookie Policy
- AI & Financial Disclaimer
- General Disclaimer
- Refund Policy
- Advertising & Affiliate Disclosure
- Community Guidelines
1. Who We Are
Valarn is an AI-powered stock research platform that provides educational and informational research tools, AI-generated reports, dashboards, watchlists, saved research history, alerts, advertising features, affiliate/referral tracking, and related services.
For purposes of applicable EU and UK data protection laws, Valarn may act as a data controller when it determines why and how personal data is processed. A controller is responsible for protecting personal data and enabling individuals to exercise their privacy rights.
Valarn is operated by:
[Insert Legal Company Name]
[Insert Business Address]
Privacy Email: [Insert Privacy Email]
Website: https://valarn.com
2. EU / UK Representative
If Valarn is not established in the EU or UK but offers services to individuals in those regions, Valarn may be required to appoint an EU and/or UK representative.
EU Representative: [Insert Name, Address, Email, if applicable]
UK Representative: [Insert Name, Address, Email, if applicable]
If Valarn is not required to appoint a representative, state:
Valarn has determined that it is not currently required to appoint an EU or UK representative. We will update this Notice if that changes.
3. Data Protection Officer
If Valarn is required to appoint a Data Protection Officer, contact details will be listed here.
Data Protection Officer: [Insert Name or Role]
DPO Email: [Insert DPO Email]
If not applicable:
Valarn has not appointed a Data Protection Officer because we have determined one is not currently required. Privacy inquiries may be sent to [Insert Privacy Email].
4. Personal Data We Collect
Valarn may collect the following categories of personal data.
4.1 Account Data
Examples:
- name;
- email address;
- username;
- account ID;
- password or authentication credentials;
- subscription plan;
- account settings;
- communication preferences;
- login history;
- security settings.
4.2 Payment and Subscription Data
Examples:
- billing name;
- billing address;
- payment method details processed by payment providers;
- subscription plan;
- transaction history;
- invoices;
- tax information;
- renewal date;
- cancellation status;
- refund history.
Valarn generally does not store full credit card numbers. Payment information is usually processed by a third-party payment processor such as [Insert Payment Processor].
4.3 Research Activity and Saved Report Data
Because Valarn provides AI-generated stock research, we may collect and store:
- stock symbols searched;
- companies viewed;
- reports generated;
- saved reports;
- report history;
- watchlists;
- report timestamps;
- report freshness metadata;
- data sources used;
- AI model selections;
- report settings;
- prompts;
- notes;
- thesis inputs;
- AI-generated bullish, bearish, or neutral stances;
- AI-generated scores;
- scenario assumptions;
- alerts;
- calendar events;
- downloaded reports;
- shared report links;
- user feedback on reports.
Even if a report concerns a public company, the fact that a specific user searched, generated, saved, viewed, or shared that report may be personal data when linked to that user’s account.
4.4 AI Prompt and Output Data
Examples:
- prompts;
- stock symbols;
- report settings;
- uploaded context;
- generated summaries;
- generated reports;
- AI-generated classifications;
- AI-generated scores;
- model response metadata;
- error logs;
- feedback ratings;
- safety flags.
4.5 Uploaded Content
If Valarn allows uploads, we may collect files or content you provide, including:
- documents;
- spreadsheets;
- images;
- screenshots;
- notes;
- research files;
- support attachments;
- financial documents, if voluntarily uploaded.
Do not upload confidential, sensitive, classified, insider, regulated, or third-party information unless you have permission and the applicable Valarn service supports that type of data.
4.6 Device, Usage, and Log Data
Examples:
- IP address;
- device type;
- browser type;
- operating system;
- pages viewed;
- features used;
- click activity;
- session duration;
- approximate location derived from IP address;
- language settings;
- time zone;
- error logs;
- performance logs;
- authentication logs;
- security logs;
- cookie identifiers;
- advertising identifiers.
4.7 Cookies, Pixels, and Similar Technologies
Valarn may use cookies, pixels, tags, scripts, local storage, session storage, device identifiers, referral links, and similar technologies.
These may be used for:
- essential site operations;
- login sessions;
- security;
- preferences;
- analytics;
- performance;
- advertising;
- affiliate attribution;
- referral tracking;
- social media measurement.
For EU and UK users, non-essential cookies generally require clear information and active consent, with an exception for strictly necessary cookies.
4.8 Advertising, Affiliate, and Marketing Data
Examples:
- ad impressions;
- ad clicks;
- affiliate link clicks;
- referral codes;
- campaign source;
- landing page;
- conversion events;
- email engagement;
- marketing preferences;
- cookie identifiers;
- advertising identifiers;
- approximate location;
- device information.
4.9 Communications and Support Data
Examples:
- emails;
- chat messages;
- support tickets;
- feedback;
- survey responses;
- bug reports;
- customer support notes;
- records of our responses.
5. Why We Use Personal Data and Legal Bases
Under GDPR and UK GDPR, Valarn must have a legal basis for processing personal data. GDPR Article 6 lists lawful bases such as consent, contract, legal obligation, vital interests, public task, and legitimate interests.
The table below describes Valarn’s primary processing purposes and legal bases.
| Purpose | Examples | Legal Basis |
|---|---|---|
| Provide Valarn services | Account creation, login, report generation, saved reports, watchlists, alerts | Contract |
| Manage subscriptions and payments | Billing, renewals, invoices, refunds, tax records | Contract; Legal obligation |
| Generate AI reports | Process stock symbols, prompts, report settings, model choices | Contract; Legitimate interests |
| Store saved reports and history | Save generated reports, watchlists, notes, report metadata | Contract; Legitimate interests |
| Provide customer support | Respond to messages, troubleshoot issues, process requests | Contract; Legitimate interests |
| Platform security | Fraud prevention, account protection, abuse detection, logs | Legitimate interests; Legal obligation |
| Improve Valarn | Debugging, product analytics, report workflow improvement | Legitimate interests |
| Send service messages | Account, billing, security, legal, product notices | Contract; Legal obligation; Legitimate interests |
| Send marketing emails | Newsletters, promotions, product updates | Consent or legitimate interests, depending on law |
| Use analytics cookies | Product analytics, performance measurement | Consent where required |
| Use advertising cookies | Retargeting, ad measurement, personalized advertising | Consent where required |
| Affiliate/referral tracking | Attribute referrals, prevent referral fraud | Consent where required; Legitimate interests where permitted |
| Comply with law | Tax, accounting, legal claims, regulatory obligations | Legal obligation |
| Enforce Terms | Investigate abuse, misuse, fraud, policy violations | Legitimate interests |
6. Legitimate Interests
Where Valarn relies on legitimate interests, we balance our interests against your rights and freedoms.
Valarn’s legitimate interests may include:
- providing and improving the platform;
- securing accounts and systems;
- preventing fraud and abuse;
- debugging technical issues;
- enforcing usage limits;
- improving AI report quality and reliability;
- maintaining audit trails;
- supporting customer service;
- protecting legal rights;
- measuring platform performance;
- preventing market manipulation or misuse of Valarn content.
You may have the right to object to processing based on legitimate interests.
7. Consent
Valarn may rely on consent for certain activities, including:
- non-essential cookies;
- analytics cookies where required;
- advertising cookies;
- retargeting;
- certain affiliate tracking;
- marketing emails where required;
- optional integrations;
- certain optional uploads or features;
- processing sensitive personal data, if ever required.
You may withdraw consent at any time. Withdrawal does not affect processing that occurred before consent was withdrawn.
8. AI Processing
Valarn uses AI systems to generate reports, summaries, classifications, ratings, stances, scores, and educational research outputs.
Valarn may process:
- stock symbols;
- prompts;
- report settings;
- saved report context;
- watchlist data;
- uploaded content;
- user feedback;
- AI output metadata.
AI processing is used to provide requested features, improve product reliability, troubleshoot failures, detect abuse, and support report quality.
Valarn does not use AI outputs to make automated decisions that produce legal, financial, or similarly significant effects for users. Valarn does not execute trades, manage assets, or provide personalized investment advice.
9. Automated Decision-Making and Profiling
Valarn may use automated systems to:
- generate AI research reports;
- classify research stances as bullish, bearish, neutral, or similar;
- score report factors;
- recommend educational content;
- enforce usage limits;
- detect abuse;
- personalize dashboards;
- measure advertising or product usage.
Valarn does not use automated decision-making to make legally binding decisions about users or decisions that similarly significantly affect users.
AI-generated research stances are educational outputs only and are not financial advice, trade instructions, or investment recommendations.
10. Special Category Data
Valarn does not intentionally require special category data, such as health information, religious beliefs, political opinions, trade union membership, biometric data, or sexual orientation, for ordinary use of the platform.
Please do not upload or submit special category data unless necessary and authorized.
If Valarn ever needs to process special category data, we will identify an appropriate legal basis and additional condition under applicable law.
11. How We Share Personal Data
Valarn may share personal data with the following categories of recipients.
11.1 Service Providers and Processors
We may share data with providers that help operate Valarn, including:
- cloud hosting providers;
- database providers;
- payment processors;
- AI model providers;
- market data providers;
- analytics providers;
- customer support tools;
- email providers;
- security tools;
- error monitoring tools;
- advertising technology providers;
- affiliate tracking providers;
- authentication providers.
Processors acting on our behalf are generally required to process personal data only according to our instructions and appropriate contractual terms.
11.2 AI Model Providers
Some AI features may require us to send prompts, stock symbols, report settings, uploaded content, saved report context, or related information to third-party AI model providers.
Valarn does not permit third-party AI providers to train their general models on private user reports, saved watchlists, user notes, or account-specific research history unless disclosed separately or authorized by the user.
Only publish that sentence if it matches your actual provider settings and contracts.
11.3 Payment Providers
Payment providers may process payment and billing data according to their own privacy notices and legal obligations.
11.4 Advertising and Affiliate Partners
With consent where required, Valarn may use advertising, affiliate, referral, retargeting, or analytics tools that collect or receive:
- IP address;
- cookie identifiers;
- advertising identifiers;
- page interactions;
- referral source;
- campaign data;
- conversion events;
- approximate location;
- device information.
11.5 Legal and Compliance
We may disclose personal data where necessary to:
- comply with law;
- respond to legal process;
- protect rights, safety, or property;
- prevent fraud;
- investigate abuse;
- enforce our Terms;
- protect users;
- detect security incidents;
- comply with tax, accounting, regulatory, or legal obligations.
11.6 Business Transfers
If Valarn is involved in a merger, acquisition, financing, reorganization, bankruptcy, sale of assets, or similar transaction, personal data may be transferred as part of that transaction.
12. International Data Transfers
Valarn may process and store personal data in the United States and other countries where Valarn or its service providers operate.
If personal data is transferred outside the EEA, UK, or Switzerland, Valarn will use appropriate safeguards where required, such as adequacy decisions, standard contractual clauses, UK international data transfer agreements, or other legally recognized transfer mechanisms.
The European Commission has issued standard contractual clauses for GDPR transfers from controllers or processors to recipients outside the EU/EEA.
13. Data Retention
Valarn retains personal data only as long as reasonably necessary for the purposes described in this Notice and our Privacy Policy.
Retention periods may depend on:
- account status;
- subscription plan;
- saved report settings;
- legal requirements;
- tax and accounting obligations;
- fraud prevention needs;
- security needs;
- support history;
- dispute resolution;
- backup systems;
- business operations.
Examples:
| Data Type | Example Retention Approach |
|---|---|
| Account data | While account is active and for a reasonable period after closure |
| Saved reports | While account is active or according to plan limits and retention settings |
| Stock searches/report history | As needed for product features, support, audit trails, and retention settings |
| Billing records | As required for tax, accounting, legal, and payment purposes |
| Security logs | As needed for fraud prevention, security, and abuse detection |
| Support messages | As needed for support, dispute resolution, and legal purposes |
| Cookie data | According to cookie settings and provider retention periods |
| Uploaded files | As needed to provide requested features or until deleted under applicable settings |
Valarn may delete inactive accounts, expired trial accounts, canceled accounts, abandoned accounts, or stored reports according to its retention policies.
14. Your EU / UK Privacy Rights
Subject to applicable law and exceptions, you may have the right to:
- access your personal data;
- correct inaccurate personal data;
- delete personal data;
- restrict processing;
- object to processing;
- receive a copy of your data in a portable format;
- withdraw consent;
- object to direct marketing;
- challenge certain automated decisions, if applicable;
- lodge a complaint with a supervisory authority.
The UK ICO explains that individuals have the right to be informed about the collection and use of their personal data, which is a key transparency requirement under UK GDPR.
15. How to Exercise Your Rights
To exercise your rights, contact:
Privacy Email: [Insert Privacy Email]
Privacy Request Form: [Insert Privacy Request Form URL]
Please include:
- your name;
- account email;
- country or region;
- the right you want to exercise;
- enough information for us to verify your identity;
- any details needed to locate the relevant data.
We may ask for additional information to verify your identity. We will only use verification information to process your request.
16. Response Timing
Valarn will respond to privacy rights requests within the time required by applicable law.
For GDPR/UK GDPR requests, this is generally one month, though it may be extended where permitted for complex or numerous requests.
17. Right to Object to Marketing
You may opt out of marketing communications at any time by:
- clicking the unsubscribe link in marketing emails;
- updating your account preferences;
- contacting [Insert Privacy Email].
Even if you opt out of marketing, we may still send service-related messages such as billing, security, account, legal, or transactional notices.
18. Cookie Consent and Choices
Valarn may use cookies and similar technologies.
For EU and UK users, Valarn will request consent for non-essential cookies where required.
You may manage cookie choices through:
Cookie Settings: [Insert Cookie Settings Link]
Non-essential cookie categories may include:
- analytics cookies;
- advertising cookies;
- affiliate/referral tracking cookies;
- social media cookies;
- personalization cookies where required.
Strictly necessary cookies may be used without consent where required to provide the service you requested, such as login, account security, fraud prevention, or payment flow.
19. Advertising and Retargeting Choices
Valarn may use advertising, retargeting, affiliate tracking, and ad measurement technologies.
For EU and UK users, these technologies will generally rely on consent where required.
You can withdraw or change consent through:
Cookie Settings: [Insert Cookie Settings Link]
You may also have advertising choices through your browser, device settings, and third-party advertising platforms.
20. Children
Valarn is not intended for users under 18.
We do not knowingly collect personal data from children under 18.
If you believe a child has provided personal data to Valarn, contact [Insert Privacy Email].
21. Security
Valarn uses reasonable administrative, technical, and organizational measures designed to protect personal data.
These measures may include encryption, access controls, authentication, monitoring, logging, backups, vulnerability management, and vendor security reviews.
No system is completely secure. You are responsible for using strong passwords, protecting your account, and keeping your devices secure.
22. Complaints to Supervisory Authorities
You may have the right to lodge a complaint with a data protection supervisory authority.
For UK users, the supervisory authority is the Information Commissioner’s Office.
For EEA users, you may contact the data protection authority in your country of residence, place of work, or where you believe an infringement occurred.
We encourage you to contact us first at [Insert Privacy Email] so we can try to resolve your concern.
23. Changes to This Notice
Valarn may update this EU & UK Privacy Notice from time to time.
If we make material changes, we may notify users through the website, account notice, email, privacy page, or other reasonable method.
Your continued use of Valarn after changes become effective means you acknowledge the updated Notice.
24. Contact
For questions about this EU & UK Privacy Notice or your privacy rights, contact:
Valarn
[Insert Legal Company Name]
[Insert Business Address]
Privacy Email: [Insert Privacy Email]
Website: https://valarn.com