Privacy Policy
FM Alerts is a personal market-monitoring iOS app. This policy explains what data the app handles, how it is used, and which third-party services are involved in operating the product.
What information FM Alerts handles
FM Alerts handles the following categories of data to operate core functionality:
Account information. Email address and role used for authentication. Access codes are validated securely server-side. No passwords are stored.
Authentication tokens. An authentication token is stored locally on your device after sign-in to keep you signed in. It is cleared when you sign out.
Alert rules and event history. Rules you create (ticker, threshold, cooldown, channels) are stored in the backend database. Alert events generated when rules fire are also stored, including status, message, timestamp, and delivery metadata.
Device push token. When you grant notification permission, the app registers an APNs device token with the backend. This token is stored and used only to deliver push notifications via AWS SNS to your device.
App preferences. Sound settings are stored locally on your device. They are not transmitted to the backend.
Market data. The app fetches and displays market data (prices, moves, news sentiment) from third-party services. This data is not stored against your account — it is fetched fresh on each session.
What FM Alerts does not do
Third-party services
FM Alerts relies on the following third-party services to operate. Each is used solely for product functionality, not advertising.
| Service | Purpose | Data involved |
|---|---|---|
| AWS EC2 / RDS Amazon Web Services |
Hosts the backend API and PostgreSQL database in us-west-2. | All server-side data: rules, events, device tokens, user accounts. |
| AWS SES Amazon Simple Email Service |
Delivers email alert notifications when a rule fires with email channel enabled. | Alert content (ticker, move%, rule name) and recipient email address. |
| AWS SNS → APNs Amazon SNS + Apple Push |
Delivers push notifications to your iPhone via Apple Push Notification service. | APNs device token and alert content (ticker, rule name, message). |
| Alpaca Markets | Provides real-time equities snapshot data (price, volume, intraday moves) for the watchlist and alert rules. | No user data is sent to Alpaca. Only market data is fetched. |
| Databento | Provides CME Globex live streaming data (GLBX.MDP3) for futures signals. | No user data is sent to Databento. Only market data is streamed. |
| Benzinga | Provides news article titles and teasers used for news sentiment scoring in equities pressure. | Ticker symbols are sent in API requests. No user data is transmitted. |
| AWS CloudWatch | Infrastructure monitoring and alarms for EC2, EBS, and API health. | Server-side performance metrics only. No user data. |
| AWS Route 53 | DNS routing for fm-alerts.com. | No user data. DNS resolution only. |
Data retention
Alert events. Events are retained in the database indefinitely unless manually deleted via the app's delete test rules function or by contacting support. Stale events older than 6 hours that failed delivery are automatically dropped from the retry queue.
Device tokens. Your APNs device token registration persists until you sign out and sign back in (which refreshes the token) or until you contact support to remove it.
Local preferences. Sound settings persist on your device until you delete the app or clear app data.
Authentication tokens. Authentication tokens are stored locally and cleared when you sign out.
Security
All communication between the app and backend uses HTTPS (TLS). Authentication credentials are validated securely server-side. The backend runs on AWS infrastructure with appropriate access controls.
No sensitive credentials (API keys, secrets) are stored in the iOS app binary or transmitted to the client.
Contact
For privacy questions, data removal requests, or any concerns about how FM Alerts handles your information, contact:
Include "Privacy" in the subject line. Requests are handled directly — no third-party privacy intermediary is involved.