Private by architecture, not by promise
Most privacy policies describe what a company does with your data. Ours is shorter, because the app is built so we never have it.
- What stays on your device
- Everything you enter: portfolios, orders, dividends, corporate actions, cash entries, watchlists, alerts and settings. It’s stored in a local SQLite database on your phone. There is no account and no server-side copy.
- What the app sends
- Requests for market data — quotes, charts, announcements, payout schedules — to the PSXfolio market-data feed. These requests don’t include your holdings, watchlists or any identity; there’s no login token because there are no logins.
- What we can see
- Standard server logs on the market-data feed (IP address, request time) used for rate limiting and abuse prevention. Not your portfolio — the feed doesn’t know it exists.
- What we don’t do
- No ads, no analytics profile of your investments, no selling of data, no third-party trackers in the app.
- Backups
- Backups are files you create and keep — on your phone, your drive, wherever you put them. We never receive them. Treat a backup like the financial record it is.
- Deleting your data
- Delete entries in the app, or uninstall it — the local database goes with it. There’s nothing to request from us, because we hold nothing.
Questions about any of this: info@histone.com.pk.