Privacy Policy

Last updated: February 11, 2026

1. Introduction

Mimic ("we," "our," or "us") operates the Mimic mobile application (the "Service"). This Privacy Policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service.

By using Mimic, you agree to the practices described in this policy. If you do not agree, please do not use the app.

2. Information We Collect

Information you provide:

  • Watchlist data: The list of insiders you choose to follow is stored locally on your device using standard iOS storage (UserDefaults).
  • Device token: If you enable push notifications, we collect and store your Apple Push Notification service (APNs) device token to deliver trade alerts for your followed insiders.

Information collected automatically:

  • Identifiers: We generate a unique anonymous identifier (via Supabase) to manage your access to our financial data services. This identifier is not linked to your name, email, or any personal contact information.
  • Usage data: We may collect anonymous, aggregated analytics about how you use the app (screens viewed, features used) for internal analytics to monitor the usage of our Service and detect, prevent, and address technical issues.
  • Device information: Basic device type and iOS version for app compatibility and debugging purposes.
  • Purchase history: We use RevenueCat to manage subscription status. We can see whether your subscription is active, but we do not store or have access to your payment card details.

Information we do NOT collect:

  • We do not collect your name, email address, phone number, or any personal contact information through the app.
  • We do not collect financial data, brokerage accounts, portfolio holdings, or trading account details.
  • We do not track your location or access GPS data.
  • We do not access your contacts, photos, camera, or microphone.

3. How We Use Your Information

Your data is used strictly for:

  • App functionality: Delivering insider trade data and displaying your personalized watchlist.
  • Push notifications: Sending trade alerts for insiders you follow (Pro subscribers only).
  • Account management: Managing your subscription status and app access level.
  • Internal analytics: Monitoring app usage patterns to improve performance, fix bugs, and develop new features.

4. Tracking, Advertising, and Data Sales

We do not use your personal data for tracking purposes across third-party apps or websites. Your data is not sold to third parties, and we do not display third-party advertisements. We do not engage in cross-platform tracking or share personal data with advertisers, data brokers, or any other third parties for marketing purposes.

5. Third-Party Services

Mimic uses the following third-party services to operate:

  • Supabase: Backend database and API hosting (hosted in US-West-2). Your device token (if notifications are enabled) and anonymous identifier are stored securely on Supabase servers with row-level security policies.
  • RevenueCat: Subscription management and receipt validation. RevenueCat processes your subscription through the Apple App Store. We do not have access to your payment information. RevenueCat Privacy Policy.
  • Apple App Store: All payments and subscriptions are processed entirely by Apple. We do not collect or store credit card numbers, billing addresses, or payment details.
  • Finnhub: Financial data provider for insider trade information. No personal user data is shared with Finnhub.

6. Data Storage and Security

Your watchlist is stored locally on your device using standard iOS storage and is never transmitted to our servers unless you enable push notifications (in which case only your followed insider list and device token are synced).

Server-side data (device tokens, anonymous identifiers) is stored on Supabase with:

  • Row-level security (RLS) policies restricting data access.
  • Encrypted connections (HTTPS/TLS) for all data in transit.
  • Restricted service-role access for write operations.

While we implement industry-standard security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

  • Local data: Stored on your device until you delete the app or clear the app data.
  • Device tokens: Retained on our servers while your push notifications are active. Removed upon request or when the token becomes invalid.
  • Anonymous identifiers: Retained as long as necessary to provide the Service.

8. Subscriptions

Mimic offers optional in-app subscriptions managed entirely through the Apple App Store:

  • Monthly: $9.99/month, billed monthly.
  • Yearly: $59.99/year, billed annually.

Payment is charged to your Apple ID account at confirmation of purchase. Subscriptions automatically renew unless turned off at least 24 hours before the end of the current billing period. You can manage and cancel subscriptions at any time in your iPhone Settings > Apple ID > Subscriptions. No refunds will be provided for unused portions of a subscription period, except as required by applicable law.

9. Children's Privacy

Mimic is not directed at children under the age of 13 (or under 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

10. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access and portability: Request a copy of the data we hold about you.
  • Deletion: Delete your local watchlist data by deleting the app. Request deletion of server-side data (device token, anonymous identifier) by contacting us.
  • Opt-out of notifications: Disable push notifications at any time in your iPhone Settings > Notifications > Mimic.
  • Withdraw consent: You may stop using the Service at any time.

For users in California (CCPA) or the European Economic Area (GDPR): since we do not collect personal contact information, sell data, or track users across apps, most CCPA/GDPR requests are fulfilled by default. If you have specific requests, contact us at the email below.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected on this page with an updated "Last updated" date. We encourage you to review this page periodically. Continued use of the app after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

mimicapp@gmail.com