Skip to main content
TickerPosts

Privacy Policy

Last updated May 23, 2026

What This Page Covers

This page explains what TickerPosts collects about you, why, how long it is kept, who can see it, and what choices you have. It is written for the person using the site, not for a lawyer. Where a section makes a promise about a feature that has not shipped yet, it says so plainly.

Privacy At A Glance

You can read every public page on TickerPosts without creating an account and without telling us who you are. The site does not load Google Analytics, Facebook Pixel, advertising networks, social-sharing trackers, or any other third-party script that profiles your visit. The only data that leaves your browser without you doing anything is whatever is needed to deliver the page itself.

Creating an account adds an email address, a username, a password (stored only as a one-way hash, not as the plain password), and any posts or replies you choose to publish. Saving a watchlist while signed out stores the symbols in your own browser; the site never sees that list unless you sign in and choose to sync it.

What We Collect When You Visit

Each time your browser asks our hosting provider for a page, the request includes information your browser sends to every website: your IP address, the URL you asked for, the time of the request, your browser user-agent string, and the referring URL if one was sent. Our hosting provider (described under Hosting And Infrastructure below) uses this information to deliver the page, to defend against denial-of-service attacks and abuse, and to keep basic operational logs. TickerPosts does not maintain a separate analytics database of these requests and does not sell or rent them.

What We Store On Your Device

TickerPosts uses a small number of cookies and browser-local storage keys to remember settings and to keep you signed in. We do not use any of them for advertising or for cross-site tracking.

  • tickerposts_theme · cookie · remembers whether you chose the light, dark, or system theme. Lasts up to one year.
  • tickerposts_session · cookie · only set after you sign in. Identifies your session so you do not have to log in on every page load. HttpOnly and Secure; expires when the session ends.
  • tickerposts_csrf · cookie · only set when you have a session. Used to verify that actions like posting a comment or saving a watchlist came from you and not from a malicious other site.
  • tickerposts_watchlist · browser local storage · the symbols you have saved to your watchlist while signed out. Stored only in your browser. Cleared when you sign in and choose to sync, or when you remove every ticker.
  • tickerposts_watchlist_sort · browser local storage · the sort order you chose for your watchlist.
  • tickerposts_recent_searches · browser local storage · the last few tickers you searched, so the search box can suggest them again.
  • tickerposts_remembered_email · browser local storage · the email you typed into the login form, if you ticked the “remember me” box. Cleared when you untick the box.

You can clear any of these at any time from your browser's privacy settings. Clearing the session cookie signs you out. Clearing the watchlist key while signed out empties your saved tickers.

What We Collect If You Create An Account

Creating an account stores three things about you: the email address you sign up with, the username you choose, and a one-way hash of your password. We never store the password itself, and the hash cannot be reversed into the original password. We also record the timestamp when the account was created and the timestamp of your most recent sign-in, so the site can show signals like the small “New” badge on accounts that are only a few days old.

Your username is public. Every comment, reply, vote, and watchlist sync associated with your account is linked to that username. Your email address is private and is used for authentication, password reset, and (if you ever opt in) account-related notifications. It is never shown next to your posts.

What We Store From Your Activity On The Site

When you post a comment or reply, the text you wrote, the ticker page it belongs to, your username, and the time of the post are stored and shown publicly. When you upvote or downvote a comment, the vote and your account ID are stored so the score reflects your input and so you cannot vote twice. When you report a post, the report category, any optional details you typed, the post you reported, and your account ID are stored for the moderation team. Reports are not shown publicly.

When you sign in and save a watchlist, the list of symbols is stored against your account so it follows you across devices. If you sign out, the synced list stays on the server until you sign back in and remove it.

How We Use The Data

We use the information above only to operate the site: to render the pages you ask for, to keep you signed in, to show your posts and watchlist back to you and to other readers in the way you intended, to run the moderation queue, to defend against spam and abuse, and to fix bugs when something breaks. We do not build advertising profiles, we do not sell, rent, or trade the data, and we do not share it with data brokers.

Hosting And Infrastructure

TickerPosts is served from Cloudflare's global edge network and stores account, comment, vote, report, and watchlist data in a Cloudflare database. Cloudflare receives the request information described under What We Collect When You Visit as part of delivering the site and protecting it from attacks. Cloudflare's own handling of that data is covered by its privacy notice at cloudflare.com/privacypolicy.

The site does not currently use any other third-party service that receives data about you. There are no ad networks, no analytics providers, no email marketing platforms, and no social-media embeds that would phone home from your browser. The price chart on each ticker page is rendered locally by an open-source charting library that does not transmit anything back to its publisher. The data sources for tickers, prices, and charts are listed on the data sources page.

If we ever add a service that would change this (for example, analytics, email delivery, or advertising), this page will be updated first, the change will be listed in the changelog, and any required consent prompts will be added at the same time.

Children

TickerPosts is intended for an adult audience interested in publicly traded stocks. The site does not knowingly collect personal information from children under 13. If you believe a child has created an account, ask them to delete it through the account controls (or report the account through the in-product report tools) and the account will be removed.

Your Choices And Controls

You can browse the site, read every public page, and use search and watchlist features without an account. You can sign out at any time from the account menu, which clears the session cookie. You can edit or delete any comment you wrote from the post itself. You can clear any of the cookies and browser storage keys listed above from your browser settings.

Account-level data export and one-click account deletion are on the short-term roadmap and will be added to the account settings page when they ship. In the meantime, signed-in users who want their account fully removed can email tickerposts@fastmail.com from the address on their account and the team will handle it by hand. This page will be updated when the self-serve flow ships, and the date will be noted in the changelog.

Data Retention

Comments, replies, votes, and synced watchlists are kept while your account is active so they continue to render on the site. When you delete a comment, the body is removed from the public view and only the moderation metadata needed to handle later disputes is retained. Reports are kept as long as the moderation team needs them to review patterns of abuse. Session cookies expire when the session ends. CSRF tokens expire shortly after they are issued. Closed-account deletion and anonymization rules will be documented here once the self-serve flow above ships.

Security

Passwords are stored as one-way hashes, not as readable text. The site is served only over HTTPS and the session cookie is marked HttpOnly and Secure so it is not exposed to client-side scripts and is not sent over plain HTTP. The team takes reasonable steps to protect the data on the server side, but no online service can promise absolute security. If you believe an account or a piece of data may have been exposed, please email tickerposts@fastmail.com so it can be reviewed quickly.

International Users

TickerPosts is operated from the United States and the data it stores is held by a US-based hosting provider with a global edge network. If you are visiting from outside the United States, you understand that your information will be processed in the United States, where data protection rules may differ from those in your country.

Changes To This Page

We will update this page when the way we handle data changes (for example, when account export and deletion ship, or if a third-party service is ever added). Material changes will be listed in the changelog with the date of the change so you can see what is new since you last read this page.

Reaching Us

To raise a privacy concern, ask a question about your data, or report misuse, email tickerposts@fastmail.com. You can also use the report control on any post; the moderation team monitors that queue. For the kinds of issues that belong with regulators rather than with us, US visitors can review the consumer-finance materials at investor.gov.