Security & privacy

Your reasons
stay your reasons.

We've built penKeep around one promise: we know what you own, but we never act on it. Below is what that means in practice.

Read-only by design
Broker connections can read positions; they can never place trades.
Notes stay scoped
Your thesis notes are scoped to your account and never sold.
Human response
Security and privacy requests go to real people, not a black hole.
✓ What we store
Your thesis notes
Encrypted at rest. Scoped to your account. Never read for ads or training without your explicit opt-in.
Your tickers and rough sizing
Used to decide which signals are relevant to you.
Your alert preferences
Tone, delivery, quiet hours.
Email + sign-in
Standard email-and-password sign-in with JWT-based sessions.
✕ What we don't
Your trade history
We don't ingest it, and you don't need to share it. The broker connection reads positions only, not transactions.
Payment / banking info
We never see it. Billing for any future premium tier will be handled by a third-party processor.
Your real-time positions for trading
We poll positions on a schedule. We don't subscribe to a tick stream, because we don't need one.
Sharing with third parties
We don't sell or share your thesis notes. Period.
How we think about trust

The security model follows the product model.

Product design
We do not need your trade history to do the job.
penKeep is built around why you own something now, not around storing every historical transaction you ever made.
Incentives
We never act on the positions we can see.
The product exists to help you think more clearly, not to turn your account into an execution surface.
Failure mode
If we make a mistake, we tell you plainly.
Security trust is not just prevention. It is also how directly and quickly a team responds when something goes wrong.
The details

What's under the hood.

This is the practical layer: how credentials, hosting, access, and disclosure are handled around the core product.

Encryption
Broker API keys are encrypted at rest with Fernet (AES-128-CBC with an HMAC-SHA256 tag, so a tampered or corrupted ciphertext is rejected rather than decrypted into garbage). All traffic is protected by TLS in transit.
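As an added illustration of what the Fernet line above means in practice (this is not penKeep's own code; the BROKER_KEK environment variable, the comma-separated key list, and the sample broker key are assumptions made for the example, and it uses the `cryptography` package): sealing a key for storage, rejecting a token whose ciphertext has been altered, and rotating stored tokens to a new key without ever writing the key into the database.

```python
"""Encrypting broker API keys at rest with Fernet.

Added illustration, not penKeep's own code. Assumes the `cryptography`
package; the BROKER_KEK environment variable, the comma-separated key
list, and the sample broker key are all constructed for the example.
"""
import base64
from typing import List, Optional

from cryptography.fernet import Fernet, InvalidToken, MultiFernet

# Constructed sample secret; a real broker key never appears in source.
SAMPLE_BROKER_KEY = "bk_live_0123456789abcdef"


def load_keys(env: dict) -> MultiFernet:
    """Build a MultiFernet from the (assumed) BROKER_KEK variable.

    BROKER_KEK holds one or more Fernet keys, comma-separated, newest first.
    The first key encrypts; all of them can decrypt, which is what allows
    rotation without a big-bang re-encrypt. Keeping the key outside the
    database is what makes "encrypted at rest" meaningful: a leaked dump
    or backup alone does not yield broker keys.
    """
    raw = env.get("BROKER_KEK", "")
    if not raw:
        raise RuntimeError("BROKER_KEK is not set")
    return MultiFernet([Fernet(k.encode()) for k in raw.split(",")])


def seal(keys: MultiFernet, api_key: str) -> bytes:
    """Return the Fernet token that goes into the database column.

    A token is version | timestamp | IV | AES-128-CBC ciphertext | HMAC-SHA256,
    base64url-encoded; the HMAC covers everything before it.
    """
    return keys.encrypt(api_key.encode())


def open_sealed(keys: MultiFernet, token: bytes) -> Optional[str]:
    """Decrypt a stored token.

    Returns None when the HMAC check fails (flipped or truncated bytes) or
    when the token was made under a key we no longer hold, so callers get
    a clear "unusable" signal instead of garbage plaintext.
    """
    try:
        return keys.decrypt(token).decode()
    except InvalidToken:
        return None


def flip_ciphertext_byte(token: bytes) -> bytes:
    """Simulate on-disk corruption or tampering: flip one ciphertext byte."""
    raw = bytearray(base64.urlsafe_b64decode(token))
    raw[25] ^= 0x01  # bytes 0-24 are version, timestamp and IV; 25 is ciphertext
    return base64.urlsafe_b64encode(bytes(raw))


def rotate_all(keys: MultiFernet, tokens: List[bytes]) -> List[bytes]:
    """Re-encrypt stored tokens under the current primary key.

    Run this after prepending a new key to BROKER_KEK; once every row has
    been rotated, the old key can be dropped from the list.
    """
    return [keys.rotate(t) for t in tokens]


def demo() -> dict:
    """Walk through seal, tamper detection and key rotation."""
    old_key = Fernet.generate_key().decode()
    new_key = Fernet.generate_key().decode()

    keys_v1 = load_keys({"BROKER_KEK": old_key})
    token_v1 = seal(keys_v1, SAMPLE_BROKER_KEY)

    # Rotation window: new key prepended, old key still accepted for reads.
    keys_v2 = load_keys({"BROKER_KEK": f"{new_key},{old_key}"})
    [token_v2] = rotate_all(keys_v2, [token_v1])

    # Old key retired: only tokens re-encrypted during the window still open.
    keys_v3 = load_keys({"BROKER_KEK": new_key})

    return {
        "round_trip": open_sealed(keys_v1, token_v1),
        "tampered": open_sealed(keys_v1, flip_ciphertext_byte(token_v1)),
        "old_token_during_rotation": open_sealed(keys_v2, token_v1),
        "rotated_token_after_retirement": open_sealed(keys_v3, token_v2),
        "old_token_after_retirement": open_sealed(keys_v3, token_v1),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The point of the rotation steps is the caveat a practitioner would check first: at-rest encryption only protects against a database dump or backup if the Fernet key lives somewhere else (an environment secret or a secrets manager), and the key can only be changed later if every stored token is re-encrypted before the old key is retired.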
Hosting
Railway cloud hosting. Database backups managed by the platform.
Access controls
Engineer access to production data is kept to a minimum.
Vulnerability program
Responsible disclosure at security@penkeep.io.
Dependencies
We keep the dependency surface small.
Your rights

Export everything. Delete anything. It's yours.

Export
We're building export to Markdown and JSON. Contact us if you need your data before that ships.
Delete
Email privacy@penkeep.io to delete your account and data. We'll confirm within 7 days.
Subject-access requests
Email privacy@penkeep.io and we reply within 14 days, free.
Incident posture

We are a small team. We will make mistakes. When we do, we will tell you, fix them, and write publicly about what we learned. That's the deal.

Security questions → security@penkeep.io