Privacy Policy

Shark Finance

1. Controller

• Marc Tüchler
  Koßgasse 16, 8010 Graz, Austria
  Email: contact@shark-finance.com

2. Overview of Data Processing

• Shark Finance can be used without registration with limited features. In this case, only minimal data is processed (cookies, server logs, anonymized page views).
• When creating a Pro account, additional personal data is collected and processed as described in this policy.
• We process personal data only to the extent necessary to provide the Service, fulfill legal obligations, or based on our legitimate interests.

3. Data Collected During Registration

• When creating a Pro account, we collect and store the following data:
• Name
• Email address
• Password (stored only in hashed form; we never have access to your plain-text password)
• Withdrawal consent timestamp (date and time you accepted the Terms & Conditions and waived your right of withdrawal)
• Account creation date


• Purpose: Account creation, authentication, service provision, and legal compliance (documenting consent for withdrawal waiver)
• Legal basis: Performance of contract (Art. 6(1)(b) GDPR) and legal obligation (Art. 6(1)(c) GDPR)
• Storage period: For the duration of the Pro subscription. Upon cancellation, account data is deleted after the remaining access period expires (see Section 11).

4. Payment Processing

• All payment processing is handled by Stripe, Inc. (stripe.com), a certified PCI DSS Level 1 payment processor.
• During checkout, you are redirected to the Stripe-hosted payment page, where you enter your payment details directly on Stripe's platform.
• Data shared with Stripe:
• Email address (to create a Stripe customer profile)
• Withdrawal consent timestamp and version (stored in Stripe customer metadata for legal documentation purposes)


• Data processed by Stripe:
• Payment method details (e.g., credit card number, expiration date)
• Billing address
• Transaction history and invoices


• Shark Finance does not store or have access to your full payment details. We only receive confirmation of payment status and subscription status from Stripe.
• Invoices are generated and sent directly by Stripe.
• Stripe's Privacy Policy: https://stripe.com/privacy
• Legal basis: Performance of contract (Art. 6(1)(b) GDPR)

5. Cookies

• We use only technically necessary cookies. No consent banner is required as we do not use any tracking or marketing cookies.


• Cookies set by Shark Finance:
• Session cookie: Keeps you logged in to your Pro account. Duration: 90 days.
• Disclaimer acknowledgment: Remembers that you have acknowledged the investment disclaimer. Duration: 180 days.
• Terms acceptance: Records acceptance of Terms & Conditions. Duration: 180 days.


• Cookies set by Stripe: When you are redirected to the Stripe checkout page, Stripe may set its own cookies for payment processing and fraud prevention. These cookies are governed by Stripe's privacy policy.


• Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) for technically necessary cookies; performance of contract (Art. 6(1)(b) GDPR) for session cookies.

6. Server Logs

• Our hosting provider (IONOS SE, Germany) automatically logs the following data when you access our website:
• IP address
• Date and time of access
• Pages accessed
• Browser type and operating system
• Referrer URL


• This data is processed by IONOS for system security and stability purposes and is automatically deleted after a short period.
• Shark Finance does not store IP addresses in its own database.


• Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) in system security

7. Page View Statistics

• We collect anonymized, aggregated page view statistics in our own database for internal analytics.
• Data stored:
• Page URL
• Number of views (counter)
• Timestamp


• No personal data: We do not store IP addresses, user identifiers, or any information that could identify individual users.
• We do not use third-party analytics tools such as Google Analytics, Facebook Pixel, or similar services.
• Purpose: Understanding which pages are most visited to improve our Service
• Storage period: Indefinitely (aggregated, non-personal statistics only)
• Legal basis: Legitimate interest (Art. 6(1)(f) GDPR) in service improvement

8. Email Communication

• We send transactional emails related to your Pro account, including:
• Welcome and registration confirmation email
• Password reset emails
• Subscription-related notifications (e.g., cancellation confirmation, price changes)


• Emails are sent via IONOS SMTP (smtp.ionos.de) using our domain email address. IONOS processes your email address for the purpose of delivering these emails.
• We do not send marketing emails or newsletters.


• When contacting us via email at contact@shark-finance.com, we process your email address and message content solely to respond to your inquiry. This data is deleted once the purpose is fulfilled.


• Legal basis: Performance of contract (Art. 6(1)(b) GDPR) for transactional emails; legitimate interest (Art. 6(1)(f) GDPR) for responding to inquiries.

9. Third-Party Processors

• We use the following third-party service providers who process personal data on our behalf:


• Stripe, Inc.
• Purpose: Payment processing, subscription management, invoicing
• Data processed: Email address, payment details, transaction data, consent metadata
• Location: USA (with EU data processing safeguards under EU-US Data Privacy Framework)
• Privacy Policy: https://stripe.com/privacy


• IONOS SE
• Purpose: Web hosting (VPS) and email delivery (SMTP)
• Data processed: Server logs (IP addresses, access data), email addresses for transactional email delivery
• Location: Germany
• Privacy Policy: https://www.ionos.de/terms-gtc/datenschutzerklaerung/


• We do not sell, share, or transfer personal data to any other third parties.

10. Data Transfers Outside the EU

• Stripe, Inc. is headquartered in the United States. Data transfers to the US are safeguarded under the EU-US Data Privacy Framework, to which Stripe is certified.
• All other data processing (hosting, email) takes place within the European Union (IONOS SE, Germany).

11. Data Retention and Deletion

• Active Pro account: All account data is stored for the duration of the subscription.
• After cancellation: Account data (name, password hash, usage data) is deleted automatically after the remaining Pro access period expires.
• Email retention after deletion: Your email address is retained in hashed form indefinitely for the sole purpose of preventing repeated use of the free trial. This is based on our legitimate interest in preventing abuse (Art. 6(1)(f) GDPR). You may request deletion of this hashed email at any time by contacting contact@shark-finance.com.
• Consent documentation: Records of your withdrawal consent (timestamp, version) may be retained for up to 3 years after account deletion for legal compliance purposes (Art. 6(1)(c) GDPR), as we are required to demonstrate that valid consent was obtained for the waiver of the right of withdrawal.
• Stripe data: Stripe retains transaction and customer data in accordance with its own privacy policy and applicable financial regulations.
• Server logs: Automatically deleted by IONOS after a short period.
• Contact emails: Deleted once the inquiry has been resolved.

12. Data Security

• We implement appropriate technical and organizational measures to protect your personal data, including:
• Encryption: All data transmission is encrypted using SSL/TLS (HTTPS)
• Password security: Passwords are stored exclusively in hashed form using industry-standard algorithms
• Payment security: Payment data is handled entirely by Stripe (PCI DSS Level 1 certified) and never touches our servers
• Access control: Access to personal data is limited to the service operator

13. Your Rights (GDPR)

• As a data subject, you have the following rights under the GDPR:


• Right of access (Art. 15 GDPR): You may request information about what personal data we hold about you.
• Right to rectification (Art. 16 GDPR): You may request correction of inaccurate personal data.
• Right to erasure (Art. 17 GDPR): You may request deletion of your personal data, subject to legal retention obligations.
• Right to restriction of processing (Art. 18 GDPR): You may request that we limit the processing of your data under certain circumstances.
• Right to data portability (Art. 20 GDPR): You may request your personal data in a structured, commonly used, machine-readable format.
• Right to object (Art. 21 GDPR): You may object to processing based on legitimate interest at any time.


• To exercise any of these rights, please contact: contact@shark-finance.com
• We will respond to your request within 30 days.

14. Right to Lodge a Complaint

• If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority.


• Supervisory authority in Austria:
  Österreichische Datenschutzbehörde
  Barichgasse 40-42, 1030 Vienna, Austria
  www.dsb.gv.at
  Email: dsb@dsb.gv.at

15. Changes to This Privacy Policy

• We may update this Privacy Policy from time to time to reflect changes in our data processing practices or legal requirements.
• Material changes will be communicated to registered users via email. The current version is always available on our website.

Last updated: February 2026