ApexFlow
Home

Privacy Policy

This Policy describes what data the ApexFlow online service collects, and how it is used, stored and deleted.

Revised on June 11, 2026 · apexvision.trade

1. General provisions

1.1. This Privacy Policy (the "Policy") applies to all data that Физическое лицо — предприниматель Асеев Александр Юрьевич (ФОП Асєєв Олександр Юрійович) (the "Operator") receives about a user of the online service ApexFlow (apexvision.trade, the "Service").

1.2. Personal data is processed in accordance with the Law of Ukraine "On the Protection of Personal Data" No. 2297-VI of 01.06.2010 and other applicable law of Ukraine. By using the Service, the User consents to the processing of their personal data on the terms of this Policy.

2. What data we collect

2.1. Account data (Google OAuth)

Sign-in to the Service is done via Google OAuth 2.0. During authorization we receive from Google and store:

  • email address;
  • profile name;
  • a link to the profile image (avatar).

The Google account password is not transmitted to, processed by or stored by the Service. The scope of requested permissions is limited to the basic profile.

2.2. Service usage data

  • chart screenshots uploaded by the User and the results of their analysis (analysis history);
  • messages in conversations with the AI assistant ALBERT;
  • data about token balance, trial period and completed purchases (order ID, package, payment status);
  • support requests and feedback submitted through the Service.

2.3. Technical data and logs

  • IP address, browser and device type, language;
  • date and time of requests, actions in the Service (access and security logs);
  • technical events and errors needed for diagnostics.

2.4. Payment data

Payment is processed by the Service's payment provider. Bank card details are processed exclusively by the payment system in accordance with the PCI DSS standard and are not transmitted to the Operator. The Operator receives only the payment status, the amount and the order ID.

3. Cookies

3.1. The Service uses cookies in a minimal amount:

  • Session cookies — mandatory; they enable authorization and session security (session ID, CSRF protection during Google sign-in). Sign-in to the Service is impossible without them.
  • Functional cookies — may be used to save interface settings.

3.2. The Service does not use third-party advertising or tracking cookies. The User can delete cookies in their browser settings, but this will end the session.

4. Purposes of data processing

  • providing access to the Service and identifying the User;
  • running analyses, operating AI features and storing analysis history;
  • token accounting, payment processing and fraud prevention;
  • ensuring security and detecting abuse and technical failures;
  • user support and handling requests;
  • complying with the requirements of the law of Ukraine.

Data is not used for automated decision-making with legal consequences for the User and is not sold to third parties.

5. Sharing data with third parties

5.1. Data may be shared with a limited circle of recipients:

  • Google LLC — as part of Google OAuth authorization;
  • the payment provider — as part of payment processing;
  • infrastructure providers (hosting, AI request processing) — to the minimum extent necessary for the Service to operate;
  • government authorities — only upon a lawful and justified request in the cases provided for by the law of Ukraine.

5.2. In all other cases, data is not shared with third parties.

6. Data storage and protection

6.1. Data is stored on secure servers. Access to it is restricted and granted only to persons who need it to operate the Service.

6.2. Organizational and technical protection measures are applied: connection encryption (HTTPS/TLS), signing and verification of payment notifications, access segregation, and security event logging.

6.3. Data is stored for the lifetime of the User's account. Payment records may be kept longer if required by the tax and accounting law of Ukraine.

7. Account and data deletion

7.1. The User may at any time request deletion of their account and the associated data by sending a request from the email address linked to the account to sanya.aseev.88@gmail.com with the subject "Account deletion".

7.2. The account and data (profile, analysis history, ALBERT conversations) are deleted within up to 30 calendar days of the request being confirmed. Any remaining unused tokens are cancelled upon account deletion; a refund for them is possible in the manner set out in the Refund Policy.

7.3. Payment records may be retained in an anonymized or minimally necessary form for the periods set by law for financial reporting.

8. User rights

Under the Law of Ukraine "On the Protection of Personal Data", the User is entitled to:

  • obtain information about the composition and content of their data;
  • demand the clarification or correction of inaccurate data;
  • withdraw consent to processing and demand deletion of the data;
  • appeal the Operator's actions to the Ukrainian Parliament Commissioner for Human Rights or in court.

Requests are sent to sanya.aseev.88@gmail.com and reviewed within up to 10 business days.

9. Changes to the Policy

The Operator is entitled to update this Policy. The current version is always available at apexvision.trade/privacy with the revision date indicated. Material changes may additionally be announced in the Service's interface.

10. Contacts

Физическое лицо — предприниматель Асеев Александр Юрьевич (ФОП Асєєв Олександр Юрійович)
E-mail: sanya.aseev.88@gmail.com
Website: apexvision.trade