Privacy Policy
Effective date: 7 June 2026
This Privacy Policy explains how Fluxargo ("Fluxargo", "we", "us", "our") collects, uses, stores and protects personal data when you visit our website or create an account on and use the Fluxargo commodity-data terminal (the "Platform"). It applies to our website and Platform only — not to third-party websites that may be linked from them.
We process personal data in accordance with applicable data-protection law, including the EU General Data Protection Regulation ("GDPR") and the Swiss Federal Act on Data Protection ("FADP"). For the personal data described in this Policy, Fluxargo acts as the data controller. Questions and requests can be sent to support@fluxargo.com.
1. Personal Data We Collect
We collect only the data needed to provide and secure the Platform:
- Account data — when you register or manage your account: first name, surname, e-mail address and a password (stored only as a cryptographic hash — we never store or see your plain-text password). You may optionally provide a phone number, company name, VAT ID and billing address (street, city, postal code, country).
- Account-security data — e-mail verification status and short-lived, single-use tokens used to verify your e-mail address or reset your password, together with their expiry times.
- Usage data you create in the Platform — your personal watchlists, alert and notification settings, and similar preferences saved to your account so they are available when you sign in.
- Technical data — standard web-server logs generated automatically when you access the website or Platform: IP address, requested URL, timestamp, response status and timing, and browser user-agent string. These logs are used for security, abuse prevention and performance diagnostics, and are rotated and deleted on a short cycle.
- Correspondence — if you contact us (for example by e-mail), we keep the correspondence for as long as needed to handle your request.
We do not collect payment-card numbers or other payment credentials through the Platform, and we do not knowingly collect personal data of children. The Platform is a professional tool intended for business users.
2. Cookies and Local Storage
We use a single, strictly necessary session cookie (fluxargo_session) to keep you signed in. It contains a signed session token, is required for the Platform to function, and is deleted when the session ends or you sign out. Because it is strictly necessary, no consent banner is required for it.
The Platform also uses your browser's local/session storage to cache recently displayed market data on your own device so pages render faster. This cache contains market data — not personal data — and never leaves your browser.
We do not use third-party analytics, advertising cookies, tracking pixels, social-media plugins or any cross-site tracking.
3. Purposes and Legal Bases
We use personal data for the following purposes:
- Providing the Service — creating and operating your account, authenticating you, saving your watchlists and alerts, and providing support (legal basis: performance of a contract).
- Transactional communications — sending e-mail verification, password-reset and similar service messages necessary to operate your account (performance of a contract).
- Security and abuse prevention — server logs, rate limiting, and investigating unauthorised access (legitimate interest in keeping the Platform secure).
- Service improvement and diagnostics — aggregate, non-identifying performance measurements (legitimate interest).
- Legal compliance — retaining records and responding to lawful requests where required (legal obligation).
We do not use personal data for automated decision-making producing legal effects, we do not profile users, and we never sell personal data.
4. Who We Share Data With
We share personal data only with service providers who process it on our behalf and under our instructions, strictly to the extent needed to run the Platform:
- Hosting — our servers and database are operated on infrastructure of a European hosting provider, located in the European Union.
- Transactional e-mail — a specialised e-mail delivery service processes your e-mail address and the content of service messages (verification, password reset) in order to deliver them.
We may also disclose personal data where required by law or to protect our legal rights. If Fluxargo is involved in a merger, acquisition or asset sale, personal data may be transferred as part of that transaction under equivalent protections.
Where a provider processes personal data outside the EU/EEA or Switzerland, we ensure an adequate level of protection through recognised safeguards such as the European Commission's Standard Contractual Clauses.
5. Data Retention
- Account data is kept for as long as your account exists. When your account is deleted, account data is removed from the live database; residual copies may persist in encrypted backups for a limited period before being overwritten on the backup rotation cycle.
- Verification and reset tokens expire automatically within hours and become unusable after first use.
- Server logs are rotated and deleted on a short cycle (days to a few weeks) unless needed for an ongoing security investigation.
- Correspondence is kept for as long as necessary to handle the matter and for a reasonable period afterwards.
6. Security
We apply technical and organisational measures appropriate to the risk: all traffic is encrypted in transit (TLS), passwords are stored only as salted cryptographic hashes, session tokens are cryptographically signed and short-lived, access to production systems is restricted and key-authenticated, and the database is not exposed to the public internet. No system can be guaranteed 100% secure; if we become aware of a personal-data breach affecting you, we will notify you and the competent authority where required by law.
7. Your Rights
Subject to the conditions of the GDPR and FADP, you have the right to: access the personal data we hold about you; have inaccurate data corrected; have your data erased; restrict or object to certain processing; receive your data in a portable format; and withdraw consent at any time where processing is based on consent (this does not affect processing already carried out). You can review and update most account data directly in your account settings.
To exercise any of these rights, contact support@fluxargo.com. We will respond within the statutory time limit. You also have the right to lodge a complaint with your local data-protection supervisory authority.
8. Vessel and Market Data Shown on the Platform
The Platform displays operational data about commercial ships and markets — vessel identifiers, positions, courses, port calls, prices, flows and similar technical information derived from AIS transmissions, satellite sources and public datasets. This information relates to vessels and markets, not to identified individuals, and is processed for the legitimate purpose of providing commodity-market analytics. It is not used to identify, locate or profile natural persons.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be announced by e-mail or an in-Platform notice before they take effect, and the "Effective date" above will be revised. Continued use of the Platform after changes take effect constitutes acknowledgement of the updated Policy.
10. Contact
Privacy questions, requests and complaints: support@fluxargo.com.