Last updated 15 June 2026

Privacy & Cookie Policy

This policy explains how CFGI.io collects and uses personal data when you visit the site, create an account, subscribe to CFGI Advanced, buy developer credits, use alerts, generate API keys, embed widgets or contact us.

Short version

We use account, billing, security, API, alert and usage data to operate CFGI. We do not sell your personal data. Payment details are handled by Stripe. Optional delivery channels, such as Telegram, are used only when you connect them.

Who we are

CFGI.io is the controller for personal data collected through the CFGI website and account services, unless a separate notice says otherwise. You can contact us about privacy matters at [email protected].

If a third-party service processes your data for its own purposes, such as a payment provider or messaging platform, its own privacy terms may also apply.

Data we collect

  • Account data, such as name, email address, password hash, verification status, plan status and account settings.
  • Authentication and security data, such as session cookies, refresh tokens, IP-derived security signals, Turnstile verification results and basic request logs.
  • Billing data, such as plan, checkout, invoice and subscription status. Full card details are handled by Stripe and are not stored by CFGI.
  • Developer data, such as API key status, credit purchases, credit balance, endpoint usage, rate-limit data and technical logs.
  • Alert and notification data, such as saved alert rules, token/timeframe choices, delivery channels, recent alert activity and Telegram connection status where you enable it.
  • Preference data, such as theme, interface state, notification preferences and consent choices.
  • Usage data, such as pages visited, device/browser information, approximate location from IP address, referrers and interactions with the site.
  • Support data, such as messages you send to us and information needed to respond.

How we use data

  • To create, secure and manage your account.
  • To provide CFGI indices, dashboards, alerts, widgets, API access, developer credits and paid features.
  • To process payments, subscriptions, trials, invoices, refunds and billing support.
  • To send service emails, including verification, password reset, billing, security and important account notices.
  • To deliver alerts through enabled channels such as email, browser notifications or Telegram.
  • To prevent abuse, spam, fraud, scraping, credential stuffing and security incidents.
  • To remember preferences, consent choices and account settings.
  • To measure and improve site performance, product reliability, content quality and user experience.
  • To send product or marketing updates where permitted by law and your preferences.
  • To comply with legal obligations and enforce our Terms of Service.

Legal bases

Where UK GDPR, EU GDPR or similar data protection laws apply, we rely on the following legal bases as appropriate:

  • Contract, to provide the account, subscription, alert, widget, API and billing services you request.
  • Legitimate interests, to secure the platform, prevent abuse, improve the service and understand usage.
  • Consent, where required for optional cookies, marketing communications or optional notification channels.
  • Legal obligation, where we must keep records, respond to lawful requests or comply with applicable rules.

Where we rely on legitimate interests, we balance those interests against your rights and expectations. Where we rely on consent, you can withdraw that consent without affecting processing that already took place.

Who we share data with

We share personal data only where needed to run CFGI, protect the service or comply with the law.

  • Hosting, infrastructure, database, logging and security providers.
  • Stripe for checkout, subscriptions, invoices, billing portal access and developer credit purchases.
  • Cloudflare Turnstile and related security services for bot and abuse protection.
  • Email delivery providers for account verification, password reset, service notices and alerts.
  • Analytics providers if analytics are enabled, to understand aggregate product usage.
  • Telegram, only if you choose to connect Telegram alert delivery.
  • Professional advisers, regulators, law enforcement or courts where required or reasonably necessary.

We do not sell your personal data.

If CFGI is involved in a merger, acquisition, restructuring, financing or sale of assets, personal data may be transferred as part of that transaction, subject to appropriate protections.

Cookies and similar technologies

CFGI uses cookies and similar storage to keep you signed in, remember display preferences, protect forms from abuse, support billing flows and understand how the site performs.

  • Essential cookies are required for login, session security, CSRF/security checks, account display state and core site functions.
  • Preference cookies may remember theme, display or interface choices.
  • Analytics cookies may help us understand usage if analytics are enabled.
  • Third-party cookies or redirects may be used by providers such as Stripe, Cloudflare or Telegram when you interact with those services.

You can control cookies through your browser settings. Blocking essential cookies may prevent account, checkout, alert or API dashboard features from working correctly.

Retention

We keep personal data only for as long as reasonably needed for the purposes described in this policy, unless a longer period is required by law, tax, accounting, security or dispute-resolution needs.

  • Account records are kept while your account is active and for a reasonable period after closure.
  • Billing and transaction records may be kept for tax, accounting and fraud-prevention requirements.
  • Security logs are kept for a limited period unless needed to investigate abuse or protect the service.
  • API usage and credit records are kept as needed to calculate credits, diagnose issues and enforce rate limits.
  • Support messages are kept while needed to respond and maintain a useful support history.

Backups and archival copies may persist for a limited period after deletion from active systems. We may keep limited records where necessary to prevent abuse, resolve disputes, enforce agreements or meet legal obligations.

International transfers

CFGI and its providers may process data in the United Kingdom, European Economic Area, United States or other countries. Where required, we use appropriate safeguards such as contractual commitments or other lawful transfer mechanisms.

Your rights

Depending on where you live, you may have rights to access, correct, delete, restrict, object to or receive a copy of your personal data. You may also have the right to withdraw consent where processing is based on consent.

To make a request, contact [email protected]. We may need to verify your identity before acting on a request. You may also have the right to complain to your local data protection authority.

You can manage some account, notification and billing settings directly from your account area. You can also unsubscribe from non-essential emails using the method shown in the message where available.

Security

We use technical and organisational measures designed to protect personal data, including HTTPS, account authentication, bot protection, limited access controls and provider security controls. No internet service can be guaranteed to be completely secure.

You are responsible for using a strong password, protecting your devices, keeping API keys private and signing out of shared devices.

Automated decisions and children

CFGI does not use your personal data to make solely automated decisions that produce legal or similarly significant effects. CFGI is not intended for children under 16, and we do not knowingly collect personal data from children.

Changes

We may update this policy as CFGI changes. Material updates will be posted on this page and, where appropriate, communicated through the site or by email.