Skip to content

Privacy Policy

Last updated: April 9, 2026

The short version

Otta Charts does not store your chart screenshots or scan results. Charts are processed transiently and discarded. We collect only what is necessary to run the service: your account, subscription state, and — if you choose — encrypted API keys you provide.

What we collect and why

Account information

When you sign up we store your email address and a hashed authentication credential. This is required to provide the service.

Subscription and billing

We store your plan status and subscription period. Payment processing is handled by Stripe — we do not store credit card numbers. Stripe's privacy policy governs payment data.

API keys (optional, BYOK)

If you choose to store a third-party API key (OpenAI, Anthropic, Gemini, or OpenRouter) in your account, it is encrypted with AES-256-GCM before storage and is never logged or transmitted in plaintext. You can remove stored keys at any time from your dashboard.

Rulesets (optional)

If you create or save rulesets, we store the name, description, and prompt text you write. This is a sync feature you explicitly use — it is not collected automatically.

Usage counters

We track aggregate scan counts per user for rate limiting and quota enforcement. These are minimal counters (e.g., scans this minute, scans today) and are not tied to which charts you viewed.

What we do NOT collect

  • Chart screenshots — images are processed in memory and immediately discarded.
  • Scan results — AI analysis is returned to you and not stored on our servers.
  • Browsing history — we do not log which pages or charts you visit.
  • Ticker symbols — the ticker detected from a page is used for the scan and not recorded.
  • Chat messages — chart chat conversations are not stored.
  • Page URLs or titles — not logged or retained.

How chart data is handled

When you run a scan using your own API key (BYOK mode), your chart image is sent directly from the extension to the AI provider you chose (OpenAI, Anthropic, etc.). Otta Charts does not see or touch the image.

When you run a scan using Otta Charts' server key (Pro server scan mode), your chart image is transmitted over HTTPS to our server, forwarded to the AI provider, and the result is returned to you. The image is not logged, stored, or retained after the request completes.

Chart chat (Pro) uses your own API key. Chat requests are sent from the extension directly to the AI provider you configured using your locally stored key. Otta Charts' server is not in the path for BYOK chat, and Otta Charts' own AI key is never used for chat.

Local extension data

The Otta Charts Chrome extension stores some data locally on your device using Chrome's storage APIs:

  • Your session token (for authenticating API requests)
  • Your extension settings (provider preference, auto-scan interval, ruleset selection)
  • Aggregate usage counters for your own reference (scans started, completed)

This data stays on your device. It is not transmitted to Otta Charts servers except as part of normal API authentication.

Third-party AI providers

When you use BYOK mode, your chart data is sent to the AI provider you configured. Their privacy policies govern that data:

  • OpenAI — openai.com/policies/privacy-policy
  • Anthropic — anthropic.com/privacy
  • Google Gemini — policies.google.com/privacy
  • OpenRouter — openrouter.ai/privacy

When you use Pro server scan, Otta Charts forwards your chart to the provider configured on our backend (currently OpenAI or Anthropic). The same providers' policies apply.

Data retention

Account and subscription data is retained while your account is active. If you delete your account, your profile, stored API keys, and rulesets are deleted.

Rate-limiting counters expire automatically within 24 hours.

Security

All communication between the extension and Otta Charts servers uses HTTPS. Stored API keys are encrypted at rest with AES-256-GCM. Session tokens are short-lived and refreshed automatically.

Your rights

You can delete your stored API keys from the dashboard at any time. To request deletion of your account and associated data, contact us at the address below.

Not financial advice

Otta Charts is an analytical tool. Nothing produced by Otta Charts, including AI-generated chart analysis, constitutes financial advice, investment advice, or a recommendation to buy, sell, or hold any security. Always make your own investment decisions.

Contact

Questions about this policy or data deletion requests: hello@ottacharts.com