A
APEX
How it Works Why APEX FAQ
Get Started
Legal

Privacy Policy

Effective Date: July 4, 2026  |  Last Updated: July 4, 2026

1. Who We Are

APEX is a business health scanning and investor due diligence tool available at apexledge.com. We help founders, investors, and analysts evaluate business health using publicly available financial data.

2. What Information We Collect

Information you provide directly:

  • Account information: email address and password when you create an account
  • Business information: company names, tickers, and financial figures you enter when running scans
  • Profile data: any preferences or settings you configure in your account

Information collected automatically:

  • Usage data: which features you use, how many scans you run, and when you use the product
  • Technical data: browser type, device type, and general location (country/region level only)
  • Log data: errors, performance data, and API request logs for debugging and security purposes

Information from third parties:

  • Financial data: we retrieve publicly available financial data from Finnhub for companies you scan. We do not store this data long-term — it is fetched on demand and returned to you.

3. How We Use Your Information

We use your information to:

  • Provide and operate the APEX service
  • Save your scan history so you can reference it later
  • Send you transactional emails (account confirmation, scan reports) via Resend
  • Monitor for abuse, enforce rate limits, and maintain security
  • Improve the product based on aggregated, anonymized usage patterns

We do NOT sell your data to third parties, use your data for advertising, or share your individual scan data with other users.

4. How We Store Your Information

Your data is stored in Supabase, a managed database platform with industry-standard encryption at rest and in transit. We use Row Level Security (RLS) policies to ensure users can only access their own data. API keys are stored as cryptographic hashes — we never store your raw API key after it is generated.

5. Data Retention

  • Account data: retained as long as your account is active
  • Scan history: retained as long as your account is active; you can delete individual scans from your dashboard
  • API logs: retained for up to 90 days for security and debugging purposes
  • Deleted accounts: we delete your personal data within 30 days of account deletion

6. Third-Party Services

ServicePurpose
SupabaseDatabase and authentication
VercelHosting and serverless functions
FinnhubFinancial data
GroqAI analysis (scan reports)
ResendTransactional email

When you run a scan, company identifiers (ticker symbols or business names) are sent to Finnhub to retrieve financial data and to Groq to generate the AI analysis. We do not send your personal account information to these services.

7. Your Rights

You have the right to access the data we hold about you, delete your account and associated data, export your scan history, and correct inaccurate information in your profile. To exercise any of these rights, contact us at privacy@apexledge.com.

8. Security

We take reasonable technical measures to protect your data, including encrypted connections (HTTPS), Row Level Security on all database tables, hashed storage of API keys, and rate limiting on all API endpoints. If you discover a security vulnerability, please contact us responsibly at privacy@apexledge.com.

9. Children's Privacy

APEX is not directed at children under 13. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify registered users of material changes via email. Continued use of APEX after changes are posted constitutes acceptance of the updated policy.

11. Contact

Email: privacy@apexledge.com
Website: apexledge.com

A
APEX
How it Works Why APEX FAQ Privacy Policy
© 2026 APEX. All rights reserved.