Privacy Policy

Last Updated: July 4, 2026


1. Introduction

MacroPulse ("we", "us", or "our") operates the MacroPulse website, application, API, and related services (collectively, the "Services"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Services.

This Privacy Policy is published in accordance with the Personal Information Protection Act of the Republic of Korea (개인정보 보호법, "PIPA"), the European Union General Data Protection Regulation ("GDPR"), and the California Consumer Privacy Act ("CCPA"), where applicable to our operations.

By creating an account or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, you must not use the Services.

2. Information We Collect

2.1 Account Information. When you register, we collect:

If you register via Google Single Sign-On, we also receive from Google:

2.2 Usage and Activity Data. When you interact with the Services, we log:

2.3 Email Communication Data. We retain records of emails sent to and from you:

2.4 Payment Information. For paid subscriptions, we store:

We do NOT collect, store, or process credit card numbers, CVVs, or bank account details. All payment instrument storage is handled by PayPal, our payment processor. We never receive or store your full card information.

2.5 Economic and Market Data. The Services collect, process, and display publicly available economic and financial data from third-party sources (Federal Reserve, Bank of Korea, ECB, and others). This data is not personal information and is not linked to your identity.

3. How We Use Your Information

We use your personal information for the following purposes:

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process your personal data under the following legal bases:

5. Cookies and Local Storage

5.1 Authentication Cookie. The Services use a single first-party cookie, mmti_refresh_token, to maintain your login session. This cookie contains only a JWT refresh token (not your access token or password). The cookie expires after 7 days, or 30 days if you select "Remember me" at login.

5.2 Session State. Your access token and user profile are stored in server-side session memory (Streamlit session state) that is cleared when you close your browser tab. This data is not persisted in cookies or local storage.

5.3 No Tracking Cookies. We do not use Google Analytics, advertising cookies, tracking pixels, or third-party tracking scripts. The only cookie we set is the authentication cookie described above.

6. Third-Party Service Providers

Your data is processed by the following third-party providers:

We do not sell, rent, or share your personal information with any other third parties for marketing or advertising purposes.

7. Data Security

We implement the following security measures to protect your personal information:

Despite these measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

8. Data Retention

9. Your Privacy Rights

9.1 Under PIPA (Korea). You have the right to:

9.2 Under GDPR (EU). You have the right to:

9.3 Under CCPA (California). You have the right to:

9.4 Exercising Your Rights. To exercise any of these rights, contact us at support@app.macropulses.com. We will respond to your request within 30 days. If we refuse to act on your request, we will inform you of the reasons and your right to lodge a complaint with the relevant supervisory authority.

10. Children's Privacy

The Services are not directed to children under the age of 13 (under COPPA, US) or 16 (under GDPR, EU). We do not knowingly collect personal information from children. If you believe we have inadvertently collected personal information from a child, please contact us at support@app.macropulses.com and we will promptly delete such information.

11. International Data Transfers

Your personal information is hosted on DigitalOcean infrastructure in New York City, USA (NYC2 region). If you access the Services from the Republic of Korea, the European Union, or other jurisdictions outside the United States, your data will be transferred to and processed in the United States.

For users in the Republic of Korea, this Privacy Policy is published in accordance with PIPA, and MacroPulse complies with cross-border data transfer requirements under PIPA Article 28. For users in the European Union, we rely on Standard Contractual Clauses or other lawful transfer mechanisms as appropriate.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and, where appropriate, sending a notification to your registered email address. The "Last Updated" date at the top of this page indicates when the policy was last revised. Your continued use of the Services after any change constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

We are committed to resolving any privacy-related concerns promptly and transparently.