How We Protect Your Data

Black Swan Lab is built for investors who take risk seriously — including the risk of trusting a platform with sensitive financial information. Here is exactly how we handle your data.

🛡️

No Portfolio Data Stored

Your portfolio calculations run entirely in your browser. We never store your asset allocations, positions, or stress test inputs on our servers. When you close the tab, the data is gone — because it was never sent to us in the first place.

🔒

Encryption

All data transmitted between your browser and our servers is encrypted with TLS 1.3 — the same standard used by banks and financial institutions. Account data stored on our infrastructure is encrypted at rest.

👤

Authentication

User authentication is handled by Clerk, an enterprise-grade identity provider with SOC 2 Type II certification. We never store or manage passwords directly — all credential handling is delegated to Clerk's infrastructure.

🌍

GDPR Compliance

We comply with the EU General Data Protection Regulation (GDPR). You can request deletion of your account and all associated data at any time. We do not sell, share, or monetise your personal information. Cookie usage is limited to essential authentication and session management.

For IT & Compliance Teams

  • Hosting: Vercel (SOC 2 Type II, ISO 27001)
  • Authentication: Clerk (SOC 2 Type II)
  • Payments: Stripe (PCI DSS Level 1)
  • Email: Resend (SOC 2 Type II)
  • Portfolio data: client-side only, never transmitted to backend
  • No third-party analytics trackers
  • No data sold to third parties
Privacy PolicyTerms of ServiceDisclaimer