Axiom Privacy Policy

Effective date: May 13, 2026

Axiom ("we", "our", or "us") is a social paper-trading app for students. This Privacy Policy describes what information we collect, how we use it, and the choices you have. By using Axiom you agree to this policy.

1. Information We Collect

• Account data: email address, username, display name, and password (stored as a bcrypt hash — we never store your plaintext password).
• Profile data: bio, avatar image, banner image, and any optional display name you choose to set.
• Trading activity: paper trades (buy/sell orders), portfolio positions, cash balance, and trade history. All trading uses virtual money — no real funds are involved.
• Posts and comments: text content, attached images or videos, likes, reposts, and comments you create on the platform.
• Direct messages: messages sent between users, including any media attachments.
• Competition data: competition entries, standings, holdings, and trade history within competitions.
• Usage data: in-app events we log to understand feature usage (e.g., which screens are visited). These are associated with your account.
• Push notification tokens: a device token provided by Apple (APNs) used solely to deliver push notifications to your device.
• Media files: photos and videos you upload to posts, messages, or your profile.

2. How We Use Your Information

• To operate the app — authenticate your account, display your profile, show your portfolio, and deliver messages.
• To power the social feed — showing posts, likes, comments, and reposts from accounts you follow.
• To run leaderboards and competitions — computing rankings from portfolio performance and displaying them to other participants.
• To send push notifications — notifying you of likes, comments, new followers, and direct messages. You can disable these in your device settings at any time.
• To verify your eligibility — your Stanford email address is used to confirm you qualify for the Stanford closed beta and competition entry. It is not shared with other users.
• To send verification emails — we send a one-time code to your email address during signup to confirm ownership.
• To improve the product — anonymous aggregate usage data helps us understand which features are working well.

3. What We Do Not Do

• We do not sell your personal data to any third party.
• We do not share your email address with other users or with advertisers.
• We do not use your data to serve advertising.
• We do not involve real money — all trades are simulated with a virtual $10,000 paper account.

4. Data Sharing

We share data only with the service providers necessary to operate Axiom:

• Cloudflare R2 — media files (profile photos, banner images, post images and videos, message attachments) are stored in Cloudflare R2 object storage. Files are served via a public CDN URL. Cloudflare's privacy policy applies to this storage.
• Finnhub — stock price quotes and company data are fetched from the Finnhub API. Your identity is not sent to Finnhub; only stock symbols are queried.
• Apple Push Notification service (APNs) — your device push token is sent to Apple's infrastructure to deliver notifications.
• Sentry — if configured, crash reports and error traces may be sent to Sentry for debugging. These may include device type and OS version but not account credentials.

We do not share your data with any other third parties unless required by law.

5. Your Portfolio and Trading Data Is Public

Axiom is designed around transparent investing. Your portfolio holdings, trade history, and portfolio return percentage are visible to other users on your profile and on leaderboards. This is a core feature of the app. If you do not want your trading activity visible, do not post trades or join competitions.

Your posts, comments, and reposts are also public to all Axiom users.

6. Direct Messages

Direct messages are visible only to the participants in a conversation. We do not read your messages except as required to investigate reported violations of our terms of service.

7. Data Retention

We retain your account data for as long as your account is active. If you request account deletion, we will delete your profile, posts, trading history, and messages within 30 days, except where retention is required by law.

8. Children's Privacy

Axiom is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will delete it.

9. Security

Passwords are stored using bcrypt hashing. Authentication tokens are stored in your device's secure enclave via Expo SecureStore. Data in transit is encrypted using TLS. Media files are served over HTTPS via Cloudflare's CDN.

10. Your Rights

You may contact us at any time to:

• Request access to the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your account and associated data.

11. Changes to This Policy

We may update this policy from time to time. When we do, we will update the effective date at the top of this page. Continued use of Axiom after changes are posted constitutes acceptance of the updated policy.

Contact: hello@axiom.fyi

© 2026 Axiom. All rights reserved.