Privacy Policy

Privacy Policy

Last updated: 01 January 2025

1. Introduction

This Privacy Policy explains how Foqus (“we”, “us”, “our”) collects, uses, and protects information when you use the Foqus mobile application and related services (collectively, the “App”).

The App is designed as an AI-powered trading journal. It focuses on trading performance and behaviour, not on identity. However, certain personal data is processed in order to provide the service, synchronise your data across devices, and generate insights.

By using the App, you acknowledge that you have read this Privacy Policy.

2. Controller and contact

For the purposes of applicable data protection laws (including the EU General Data Protection Regulation, “GDPR”), the data controller is:

Foqus
Contact email: contacts@foqus.pro

If you have any questions about this Privacy Policy or our data practices, you can contact us at the email address above.

3. Scope of this Policy

This Policy applies to:

  • your use of the Foqus mobile application (iOS / Android);
  • any in-app services and features; and
  • our communication channels related to the App (including email and optional Telegram support).

It does not apply to third-party services that you access independently (for example, your exchange, broker, wallet provider, or Telegram itself). Those services are governed by their own privacy policies.

4. Categories of data we collect

We only collect data that is necessary to provide the App, improve it, and keep it secure. Depending on how you use Foqus, we may process the following categories of data.

4.1 Account and identification data

  • Email address (used for account creation, login, and communication).
  • Authentication data (hashed credentials, tokens, and similar technical identifiers).
  • Optional profile information you choose to add (for example, a display name or avatar, if such features are available).

We do not require you to provide your full first and last name.

4.2 Trading journal data

Data that you manually enter or that is imported to build your trading journal, such as:

  • Instrument / trading pair / symbol.
  • Direction (e.g. long/short, buy/sell).
  • Position size or risk per trade (including R-multiple or similar metrics).
  • Entry and exit prices.
  • Profit and loss (PnL), R-multiples, and other performance metrics.
  • Timestamps for trade opening and closing, and session labels.
  • Strategy tags and setup labels.
  • Checklists and flags (e.g. whether you followed your plan or broke rules).
  • Session-level summaries and notes.
  • Free-form notes and comments you choose to store in the App (for example, thoughts, observations, or emotional labels related to trades or sessions).

Because free-form notes are under your control, you should avoid including sensitive personal information (such as health data, political opinions, or information about other individuals).

4.3 Exchange connection data (read-only)

If you choose to connect Foqus to an exchange or other trading platform, we may process:

  • Read-only API keys or public keys that you provide for importing trade history or other trading data.
  • Data retrieved via such keys, such as trade history, order history, and balances, depending on your configuration.

We strongly recommend using read-only keys and restricting permissions so that they do not allow trading, withdrawals, or account changes. We do not request or require keys with withdrawal rights.

4.4 Technical and usage data

To operate the App, secure it, and understand how it is used, we may process:

  • Device information (device model, operating system and version).
  • App version and configuration.
  • IP address and basic connection metadata (used for security, diagnostics, and approximate localisation, where relevant).
  • Log data (timestamps of requests, error logs).
  • Aggregated or anonymised usage events (e.g. which screens are used most, how frequently the App is opened).

This data is typically processed in an aggregated or pseudonymised form and is not used to build marketing profiles.

4.5 Communication data

When you contact us, we may process:

  • Email content and metadata (for example, replies to contacts@foqus.pro).
  • Messages sent via optional support channels (such as Telegram), including your Telegram handle and any information you choose to share.

This data is used solely to respond to your request and maintain a record of support interactions.

5. Purposes and legal bases (GDPR)

We process personal data only where we have a valid legal basis under GDPR. Depending on your use of the App, we rely on the following bases:

5.1 Providing and maintaining the service

Legal basis: performance of a contract (Art. 6(1)(b) GDPR).

We process your data to:

  • create and manage your account;
  • synchronise your trading journal between devices;
  • store and display your trades, notes, and performance metrics;
  • provide AI-generated summaries and insights related to your trading behaviour;
  • ensure the App’s core features function as expected.

Without this processing, we would not be able to provide the App to you.

5.2 Improving the App and ensuring security

Legal basis: legitimate interests (Art. 6(1)(f) GDPR).

We have a legitimate interest in ensuring that the App is stable, secure, and useful. For this purpose we may:

  • analyse aggregated or pseudonymised usage data;
  • monitor performance and diagnose errors;
  • prevent abuse, fraud, or misuse of the App;
  • develop and test new features.

Where possible, we use aggregated or pseudonymised data for these purposes.

5.3 AI-based analysis and insights

Legal basis: performance of a contract and/or consent, depending on configuration.

A core part of Foqus is to provide AI-driven summaries and insights about your trading behaviour. For this we may:

  • process your trades, notes, and checklists internally; and
  • where necessary, send selected data to external AI providers (see section 6).

We design these processes to use only the minimum data necessary and avoid including direct identifiers such as exchange API keys with trading or withdrawal rights or payment data.

If certain experimental or optional AI features go beyond what is strictly necessary to provide the service, we will only enable them with your explicit opt-in or consent, which you can withdraw at any time.

5.4 Communication, notifications, and updates

Legal basis: legitimate interests and/or consent (Art. 6(1)(f) and 6(1)(a) GDPR).

We may use your email address and in-app notification channels to:

  • send important service messages (for example, security alerts, changes to terms, or critical issues);
  • send optional product updates, feature announcements, and in-app insights.

We do not share your data with third parties for their own marketing, nor do we run third-party advertising in the App.

Where required by law, or where we choose to rely on consent, you will be able to opt in (or out) to certain categories of email or push notifications via the App settings or an unsubscribe link.

5.5 Compliance with legal obligations

Legal basis: legal obligation (Art. 6(1)(c) GDPR).

In rare cases, we may be required to process or retain certain information to comply with legal obligations, for example in response to a lawful request from authorities or to comply with applicable retention requirements.

6. Third-party services and international transfers

To operate the App, we rely on carefully selected third-party service providers acting as data processors. These providers are only allowed to process your data on our instructions and for the purposes described below.

6.1 Cloud infrastructure and hosting

We use cloud providers to host our backend, databases, and related infrastructure. This may involve processing of:

  • account data (e.g. email, authentication records);
  • trading journal data;
  • technical logs.

Servers may be located in the EU/EEA and in other jurisdictions (“mixed” infrastructure). Where data is transferred outside the EU/EEA, we implement appropriate safeguards, such as the European Commission’s Standard Contractual Clauses (SCCs), or ensure that the destination country has an adequacy decision.

6.2 Analytics and crash reporting

We may use services such as Firebase or similar tools to collect:

  • crash reports and error diagnostics;
  • aggregated usage statistics;
  • basic device and app information.

This helps us understand how the App performs and where improvements are needed. We do not use such tools to build advertising profiles, and we do not share your data with third parties for their own marketing.

6.3 External AI providers

For certain AI-based features, we may use third-party AI APIs. In that case:

  • we send only the minimum data necessary (for example, trade metrics and selectively anonymised or pseudonymised text notes);
  • we do not send your credentials, API keys with trading or withdrawal rights, or payment details to AI providers;
  • providers act as processors and are contractually bound to protect the data and use it only to provide the requested AI output.

Details of specific providers may change over time; we will update this Policy or in-app information as necessary.

6.4 Communication channels (Telegram and email)

If you choose to contact us via Telegram or other third-party messaging apps, your data will also be processed by those platforms under their own terms and privacy policies. We do not control how those platforms handle your data.

We also process email communications sent to contacts@foqus.pro solely to handle your requests and maintain a support history.

7. Data retention

We retain personal data only for as long as it is necessary for the purposes set out in this Policy, unless a longer retention period is required or permitted by law.

In general:

  • Account and trading data: kept for as long as your account is active and you use the App.
  • When you delete your account or use an in-app “Delete account / Delete all data” feature: we will delete or irreversibly anonymise your personal data from our active systems without undue delay, subject to limited technical and security logs.
  • Backups: copies of data may temporarily remain in encrypted backups which are rotated and overwritten in the ordinary course of our backup processes.

We may retain a minimal subset of information where necessary to comply with legal obligations or to demonstrate that we have honoured your requests (for example, keeping a record that your account was deleted).

8. Your rights under GDPR

If you are located in the EU/EEA or in another jurisdiction with similar rights, you have the following rights regarding your personal data, subject to legal conditions and limitations:

  • Right of access: to obtain confirmation whether we process your personal data and receive a copy of it.
  • Right to rectification: to correct inaccurate or incomplete personal data.
  • Right to erasure (“right to be forgotten”): to request deletion of your personal data in certain circumstances (for example, when it is no longer needed or if you withdraw consent where consent was the legal basis).
  • Right to restriction of processing: to request that we restrict processing in certain cases.
  • Right to data portability: to receive certain personal data in a structured, commonly used, machine-readable format and to transmit it to another controller where technically feasible.
  • Right to object:
    • to processing based on our legitimate interests, on grounds relating to your particular situation; and
    • to receiving certain types of communications, at any time.
  • Right to withdraw consent: where processing is based on your consent, you can withdraw it at any time. This does not affect the lawfulness of processing based on consent before withdrawal.

You can exercise many of these rights directly in the App (for example, by editing or deleting data, or using the “Delete account” function). For any other requests, you can contact us at contacts@foqus.pro.

You also have the right to lodge a complaint with a data protection supervisory authority, in particular in the EU/EEA member state where you live, work, or where you believe a violation has occurred.

9. Security

We take appropriate technical and organisational measures to protect your data against unauthorised access, loss, misuse, or alteration, including:

  • encryption in transit (for example, HTTPS/TLS);
  • access controls and authentication mechanisms;
  • minimising the data we send to third-party processors;
  • regular updates and monitoring of our infrastructure.

However, no system can be guaranteed to be perfectly secure. You are responsible for keeping your device secure and for managing any exchange API keys or credentials you use with Foqus. We strongly recommend using read-only keys with minimal permissions.

10. Children and age limitation

The App is not intended for individuals under 18 years of age.

We do not knowingly collect personal data from persons under 18. If we become aware that we have collected personal data from someone under 18, we will delete that data without undue delay.

If you believe that a person under 18 has provided us with personal data, please contact us at contacts@foqus.pro.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect changes in the App, our data practices, or applicable laws.

When we make material changes, we will:

  • update the “Last updated” date at the top of this document; and
  • where appropriate, notify you via the App or by email.

We encourage you to review this Policy periodically to stay informed about how we process your data.

12. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, you can reach us at:

Email: contacts@foqus.pro

We will do our best to respond within a reasonable time and in accordance with applicable data protection laws.