Privacy Policy
Last Updated: April 16, 2026
Andgenie Co., Ltd. (“Company,” “we,” “us,” or “our”) sets forth this Privacy Policy (“Policy”) regarding the handling of personal information in our software “QuanTest” (“Software”).
The Japanese version of this Policy is the authoritative text. In the event of any discrepancy between the Japanese version and any translation, the Japanese version shall prevail.
1. Our Approach
The Software is designed with a local-first architecture. All stock price data you import, backtesting results, and strategy settings are processed and stored exclusively on your device and are never transmitted to our servers.
The information we handle in the cloud is limited to the minimum necessary for license authentication and error reporting.
2. Information We Collect
2.1 License Authentication
| Information | Purpose |
|---|---|
| Email address | Account creation, one-time password (OTP) authentication |
| Authentication tokens | Maintaining login state, token refresh |
| Internal identifier (a unique ID automatically generated by the system upon authentication) | License and entitlement management |
| Device identification (device ID, device name, platform, distribution channel) | Device limit management (up to 3 devices), fraud prevention |
2.2 Error Reports (Consent-Based)
We may collect error reports to improve the quality of the Software. Error reporting is based on your consent and can be disabled at any time in the Settings page.
Information sent:
- Error details and stack traces
- Application version and operating environment
Information removed before transmission:
- Stock price data (open, high, low, close, volume)
- Stock instrument information
- API keys, passwords, and authentication tokens
- File paths and database file references
2.3 Payment Information
When purchasing the Pro Plan, payment processing is handled by external payment services or app distribution platforms. Credit card numbers and other payment details are not stored on our servers.
2.4 Information We Do Not Collect
The following information is never transmitted to our servers:
- Stock price data (imported via CSV or API)
- Backtesting results (including summaries)
- Strategy settings, display preferences, favorites, and other application settings
- Analytics or behavioral tracking data (the Software includes no analytics functionality. For Google Analytics usage on our website, see Section 7)
3. Purpose of Use and Legal Basis
We use the personal information we collect for the following purposes and legal bases:
| Purpose | Legal Basis |
|---|---|
| License authentication and entitlement management | Performance of contract |
| Device limit management and fraud prevention | Legitimate interest |
| Sending one-time passwords | Performance of contract |
| Detecting and fixing software defects (error reports) | Your consent |
| Sending important notices such as changes to the Terms of Service | Legitimate interest |
| Responding to inquiries from users | Performance of contract |
If we need to use personal information for purposes other than those listed above, we will obtain your consent in advance.
4. Disclosure to Third Parties
4.1 Third-Party Disclosure
We will not disclose your personal information to third parties except in the following cases:
- With your consent
- When required by law
- When necessary for the protection of life, body, or property and obtaining your consent is difficult
4.2 Service Providers
We share your information with the following external services to the extent necessary to achieve the purposes of use described above:
| Service | Location | Purpose | Information Shared |
|---|---|---|---|
| Supabase | United States | Authentication, license management | Email address, authentication tokens, device information |
| Sentry | United States | Error reporting | Error information (personally identifiable information is removed) |
| Lemon Squeezy | United States | Payment processing (direct purchases) | Internal identifier, email address |
| Google LLC | United States | Website analytics | Cookies, anonymized IP address, browsing information |
Each service handles information in accordance with its own privacy policy.
4.3 International Data Transfers
The service providers listed above are located in the United States, and your information may be processed on servers in the United States. In accordance with Article 28 of the Act on the Protection of Personal Information (Japan), we have confirmed that our service providers maintain appropriate systems for the protection of personal information and have contractual safeguards in place to ensure appropriate security measures.
5. Data Storage and Security
5.1 Storage Locations
- Local data: Stored in a local database (SQLite) on your device. We cannot access this data.
- Authentication tokens: Stored in your operating system’s secure storage (macOS Keychain, Windows Credential Manager).
- Cloud data: Stored on Supabase servers (United States).
5.2 Retention Period
Personal information is retained only for as long as necessary to fulfill the purposes of use, and is deleted within a reasonable period once it is no longer needed.
- Authentication data: Retained for the duration of your account. Deleted within a reasonable period after account deletion.
- Device information: Retained for the duration of your account. Devices are deactivated upon logout.
- Error reports: Automatically deleted after 90 days in accordance with Sentry’s retention policies.
5.3 Security Measures
We implement the following measures to prevent leakage, loss, and damage of personal information:
- Encryption of communications (TLS)
- Storage of access tokens in OS-level secure storage
- Row-Level Security (RLS) authorization on Supabase
- Removal of sensitive data before transmitting error reports
6. Your Rights
Under applicable law, you have the following rights:
- Right of access: You may request disclosure of the personal information we hold about you.
- Right of correction: If your personal information is inaccurate, you may request correction, addition, or deletion.
- Right to restrict processing: If your personal information is being used beyond the stated purposes, you may request suspension of use or deletion.
- Account deletion: You may request deletion of your account at any time through the method designated by the Company. Upon account deletion, your data stored on our servers will be deleted within a reasonable period.
To exercise these rights, please contact us using the information at the end of this Policy. We will respond within a reasonable period after verifying your identity.
7. Cookies and Tracking
The Software (Desktop App)
The Software does not use cookies, web beacons, or analytics tools.
Our Website
Our website (quantest.andgenie.jp) uses Google Analytics to improve our services. Google Analytics uses cookies to collect access information (page views, session duration, referral sources, etc.). This information is collected anonymously and does not identify individuals.
- Information collected: IP address (anonymized), browser type, pages viewed, referral URL, access date and time
- Cookie duration: Up to 2 years (Google Analytics default)
- Opt-out: You may disable cookies in your browser settings or use the Google Analytics Opt-out Browser Add-on
- Google’s Privacy Policy: https://policies.google.com/privacy
When you visit our website, a banner will be displayed allowing you to choose whether to accept cookies. If you do not consent, Google Analytics will not collect your information.
8. Children’s Privacy
The Software is intended for users aged 18 or older. Users under 18 must obtain consent from a legal guardian before use. If we become aware that we have inadvertently collected personal information from a person under 18, we will promptly delete such information.
9. Changes to This Policy
We may revise this Policy in response to changes in applicable laws or our services. For significant changes, we will provide advance notice through the Software or by email. The revised Policy shall take effect upon publication on our website.
10. Contact Information
For inquiries regarding the handling of personal information or to exercise your rights, please contact us at:
- Company: Andgenie Co., Ltd.
- Data Protection Officer: Representative Director
- Contact Form