Account & Billing.

No.

The Co-Pilot uses Anthropic's hosted Claude API. Each query is a fresh API call with a prompt that contains only:

• The deterministic report payload (the verdict, engine votes, context fields)
• The user's question
• System instructions (the hard rules)

It never includes your journal entries, your watchlist, your account info, or any other private data unless you explicitly paste it into the question.

Anthropic's API default is that prompts and responses are not used to train their models. We operate under that default and don't opt into any training-data collection.

Three things, all in natural language:

1.Explain reports— "Walk me through this Market Intelligence verdict." The Co-Pilot reads the deterministic payload (engine votes, confidences, key levels, rationale) and produces a conversational summary.

2.Critique reports— "Is this verdict reliable?" Surfaces internal inconsistencies (e.g., engines disagree more than usual), fragile dependencies (verdict driven by a single engine), or warning signs (low confidence, parent-timeframe conflict).

3.Surface insights— "What's worth noticing?" Identifies anomalies — extreme percentiles, regime transitions, contradictions with recent history.

Hard limits: the Co-Pilot never generates signals, never says "I recommend," never invents numbers not in the payload (a cite-checker rejects responses with numbers outside the source data).

10 queries per day per user, resetting at midnight UTC. The cap is intentional — we want traders to think before asking, not spam the model.

Breakdown by plan: - Free: 0 queries (Co-Pilot is locked, but you can read it on past reports) - Plus / Pro / Enterprise: 10 queries/day

A query is a single round-trip (your question + the AI's response). Follow-up questions in the same conversation count separately.

If you regularly hit the limit and need more, talk to us — Enterprise customers get higher quotas on request.

Three guard layers:

1.Prompt design— the system instructions explicitly tell the model to ground every claim in the provided payload, to refuse questions outside its scope, and to never invent numbers.

2.Cite checker(post-generation) — we parse the response for numerical claims and verify each one against the payload. If the model cites a percentile or value not in the source data, we reject the response and the user sees "Couldn't generate a reliable answer for this query."

3.No-recommendation filter— phrases like "I recommend," "you should," "the best trade is" are filtered out. Repeat offenses get the response rejected.

The combination keeps hallucination rate very low in production. We log every rejection for ongoing tuning.

Claude Haiku 4.5 from Anthropic. We chose it for three reasons:

1.Fast response time— typically under 2 seconds for an explanation. Slower models break the flow of analysis.

2.Lower cost— the Co-Pilot is for interpretation, not deep research. We don't need the heaviest reasoning model, and lower per-query cost means we can offer reasonable quotas.

3.Strong instruction-following— Haiku 4.5 reliably respects the hard rules (no recommendations, no inventing numbers, cite-check compliance).

For Enterprise customers who want a heavier model for specific use cases, we can route to Claude Sonnet on demand at a different rate structure.

Two reasons.

Product reason: FOCSAL is built on the principle that the trader decides. We surface evidence, weight it, explain it. Recommendations would short-circuit the cognitive work that makes traders better over time.

Legal reason: FOCSAL is not a licensed financial advisor or investment advisor in any jurisdiction. Giving specific buy/sell recommendations would be regulated activity. We don't do it because we shouldn't and because we believe traders are better served without it.

The Co-Pilot will help you understand. It won't tell you what to do.

Different prompts that produce different perspectives on the same report:

• Explain— "What does this report say, in plain English?" Best when you're new to a module or want a quick summary. The Co-Pilot walks through what each engine said and why the aggregated verdict came out the way it did.

• Quality— "Is this report internally consistent? Are there fragilities?" The Co-Pilot looks for engines that disagree, verdicts driven by a single engine, weak confidence, conflicts with parent timeframes. Use when you want to stress-test before acting.

• Insights— "What's unusual or worth highlighting?" Surfaces extreme percentiles, regime changes, divergences from recent history. Use when you want the system to point at anomalies.

You pick the mode in the Co-Pilot panel before asking.

No, not by default. Every Co-Pilot query is stateless and isolated — the prompt contains only the report you're asking about and your question.

We deliberately don't pipe in your private context (journal, watchlist, history) because:

1.Privacy— your journal stays in your account, never goes to the AI API 2.Determinism— the same question on the same report gives the same answer 3.Trust— you know exactly what the Co-Pilot sees

Enterprise customers can opt into context-aware mode for specific use cases (e.g., "how does this verdict compare to my last 10 trades on this asset?"), with explicit consent and a clear audit trail.

English by default. Polish, Spanish, and German are supported — set your preferred language in profile settings and the Co-Pilot responds accordingly.

Trading terminology (gamma flip, basis, BOS) is preserved in English even in non-English responses, because translating these terms would lose precision. The Compendium provides definitions in the user's selected language.

Four tiers:

• Free — $0/month: 1 asset (BTC), 1 venue, Pulse + Macro + Smart Money cohort view, Strategy library, no AI Analyst, no alerts. Indefinite duration.

• Plus — $50/month: 20 assets, 6 venues, full Read the Market modules (Order Flow, Liquidity Map, Options Map, Smart Money), Journal, 10 email alerts. No AI Analyst. No API.

• Pro — $100/month: 200 assets, 6 venues, everything in Plus + AI Analyst(10 queries/day) + Smart Money full + Telegram alerts unlimited + Strategy Lab full + API Layer 1 access.

• Enterprise — $500/month: everything in Pro + custom analyses + dedicated analyst hours + full API (Layers 1-4) + webhooks + 1h support SLA + 99.9% uptime SLA.

7-day Pro trialavailable without credit card. One trial per email address.

Pro is the flagship for serious individual traders.

Everything in Plus, plus: - 200 assets (full coverage including alts with futures markets) - AI Analyst (10 queries/day across Explain / Quality / Insights modes) - Strategy Lab full — AI-optimized strategies, advanced backtesting - Journal AI insights — pattern recognition across your trades - Telegram alerts (unlimited) - Custom alert rules with AND/OR conditions - API Layer 1 access (50,000 calls/month, 60/min) — funding, OI, liquidations, options chain, orderbook, OHLCV - Email/chat support, 4h response target

The 7-day free trial gives you Pro tier access without a credit card.

Enterprise is for trading desks, funds, and teams.

Everything in Pro, plus: - API Layer 1-4 full access — Foundation + Analytics + Intelligence + Strategy/Copilot endpoints (1M calls/month soft cap, 500/min, unlimited WebSocket subscriptions, MCP server access) - Custom analyses on request - Dedicated analyst hours (4h/month) for hands-on questions - Custom alert webhooks - Custom dashboard layouts - Priority feature requests - 1h support response SLA via dedicated Slack channel - 99.9% monthly uptime SLA with credits for breaches

Enterprise contracts beyond $500/mo (e.g., white-label, custom infrastructure, hedge fund deployments) are negotiated case-by-case. Emailsales@focsal.com.

Plus is the entry point for active traders.

You get: - 20 assets (BTC, ETH, SOL, XRP, plus 16 majors) - 6 venues (full venue coverage for spot/perp + Deribit options) - All modules unlocked: Order Flow, Footprint, Liquidity Map, Options Map, Charts, Smart Money (full snapshot) - Strategy Lab — basic builder + backtest - Journal — full analytics - 10 email alerts (Market Intelligence-driven, e.g., regime change on BTC.4h) - All Market Intelligence verdicts and rationales

You don't get: AI Analyst, Telegram alerts, custom analyses, API.

Plus suits traders who want the FOCSAL toolkit without the AI layer or API.

Yes, with different rules per direction:

• Upgrade(e.g., Plus → Pro): takes effect immediately. You're charged a prorated amount for the remainder of the current cycle, calculated as:(new_price − old_price) × days_remaining / 30. The new features unlock instantly.

• Downgrade(e.g., Pro → Plus): takes effect at the end of the current billing cycle. You keep your current tier until then, and the lower price kicks in for the next renewal. No refund for the difference (this is how Stripe handles it natively and how UPK requires us to treat fully-performed service).

Both changes require the standard 3 consent checkboxes (Terms acceptance, immediate service request, withdrawal waiver) for the upgrade case.

Any new user with a verified email. One trial per email address — we track this via atrial_eligibleflag on the account.

If you create a second account with a different email after using your first trial, you can technically get another trial, but multi-account abuse violates our Terms of Service and may result in suspension.

Trial activation: after signup and email verification, go to your billing page and click"Start 7-day Pro trial". No card required. You'll get atrial_startedemail with the end date.

The trial expires automatically — you won't be charged because there's no card on file.

Your account drops to Free tier automatically. You'll receive:

• 48h before end: "Your trial ends in 2 days" email
• 24h before end: "Your trial ends tomorrow" email
• At end: "Your trial has ended — your account is now on Free tier" email

Your data (journal entries, saved strategies, alerts) is preserved. Pro features simply lock; if you upgrade later, everything's there waiting.

If you decide to subscribe before the trial ends, the trial continues until its natural end date and you're charged starting from that date (no double-charging).

Free is genuinely useful — not a marketing trap.

You get: - BTC pulse dashboard (the 7-widget morning check) - Macro context (DXY, walcl, regime) - Smart Money cohort view (latest CFTC TFF snapshot for BTC) - Strategy library (read-only access to community strategies) - Compendium (full encyclopedia access) - Preview of Market Intelligence reports (verdict visible, full rationale locked)

You don't get: AI Analyst, alerts, multi-asset, multi-venue, journal, Strategy Lab, API.

Free is for evaluating the product or for casual market watchers. Active traders move to Plus or Pro within a week.

Each plan defines three knobs:

• Daily quota— hard ceiling. Once exhausted, the evaluator silently suppresses further fires for the day (counter resets at midnight UTC).
• Cooldown— per(asset, TF, bias)combo. Prevents the same trigger from emailing you on every 5-minute scan:Plus 4h, Pro 2h, Enterprise 1h.
• Max watched assets— the alphabet of what the evaluator scans. Assets outside your watched list are ignored entirely, even if they would otherwise satisfy the trigger.

Higher tiers don't get lower thresholds (every alert is still high-conviction). They getmore responsiveness— shorter cooldown means a 4h reset doesn't gate you out if a fresh setup forms, more watched assets means broader coverage, larger daily quota means you don't hit the silent suppression ceiling during volatile sessions.

Monthly by default. Annual prepayment available at a 20% discount (so Pro annual = $960/year, equivalent to ~$80/mo).

Annual subscriptions are charged upfront, not refundable mid-term (see refunds policy), but you can downgrade or cancel renewal at any time.

Payment via Stripe — all major credit cards, bank transfers (SEPA for EU customers), and select alternative methods depending on your country.

FOCSAL operates under Polish Consumer Rights Act (UPK) and EU Consumer Rights Directive.

Trial users: 7 days of full Pro access, no card required, no charge at any point. If you don't convert, you owe nothing.

Paid subscribers: at the moment of subscribing, you actively consent to immediate service performance and waive your standard 14-day withdrawal right (Art. 38(1)(13) UPK). This means refunds are generally not available for periods where the service was performed and accessible.

Exception: if FOCSAL fails to deliver the service (extended downtime, account locked through our error, billing mistake), we issue prorated refunds or credits. Emailsupport@focsal.comwithin 30 days of the issue.

This is a deliberate policy choice. We don't have a "30-day money-back guarantee" because we offer a 7-day trial without a card upfront — you can fully evaluate before paying.

Account Settings → Billing →Cancel subscription. One click; no "are you sure" guilt-trip flow.

What happens: - Your subscription marks ascancel_at_period_end = true- You keep your current tier access until the end of the current billing cycle - You'll receive a confirmation email with your exact end date - At the end date, your account drops to Free tier automatically - Your data (journal, strategies, alerts) is preserved

If you change your mind before the period ends, the same page has aResume subscriptionbutton.

You can also cancel via the Stripe Customer Portal (linked from your billing page) — same outcome.

Your data ispreservedwhen you cancel — the account simply drops to Free tier at the end of the billing period.

If you also want todelete your accountentirely (separate action):

1. Settings → Account →Delete account2. Soft delete: account becomes inaccessible; data retained for 30 days in case you change your mind 3. After 30 days: hard delete, GDPR-compliant — personal data removed or fully anonymized

During the 30-day grace period you can emailprivacy@focsal.comto restore. After that, restoration is impossible.

Before deletion, you canexport your dataas JSON: Settings → Privacy → Export my data. Includes journal, strategies, alerts, profile, consent log. Stripe-related data is managed by Stripe per their own retention policies.

Polish UPK (Consumer Rights Act, Art. 38) requires explicit, separable consent for three specific things when a digital service is delivered immediately after payment:

1.Terms of Service & Privacy Policy acceptance— standard agreement to our contract.

2.Request for immediate service performance— you explicitly request that the service begin right away (not after the 14-day cooling-off period).

3.Acknowledgment of withdrawal-right waiver— you acknowledge that, because service is performed immediately, you lose the standard 14-day withdrawal right.

Each must be a separate checkbox, unchecked by default, with clear language. Bundling them into a single checkbox would violate UPK and EU consumer protection law.

All three consents are logged in ourconsent_logtable with timestamp, IP, user agent, and document versions — for compliance and for your record.

Two reasons:

1.The trial replaces it.A 7-day free Pro trial without a credit card is the equivalent of a money-back guarantee, but cleaner: no chargebacks, no refund disputes, no "I forgot to cancel." You evaluate before paying, paying confirms your decision.

2.Legal compliance.Under Polish UPK (Consumer Rights Act), once a digital service is performed (i.e., you've accessed the platform during the billing period), the consumer waives the right of withdrawal upon explicit consent. We require this consent at checkout to enable immediate service delivery. Without the waiver, we'd have to delay your access for 14 days — which would defeat the purpose of buying analytics.

If you genuinely have a problem with the service we delivered, talk to us — we resolve issues case-by-case.

Filing a chargeback without first contacting us is a breach of our Terms of Service. Here's how we handle it:

1.We're notified by Stripewhen the chargeback is filed. 2.Account suspendedimmediately, pending resolution. 3.We contestthe chargeback with evidence (consent log entries, service access logs, IP records) — almost always successfully because the consent trail is comprehensive. 4.If your dispute is legitimate(billing error, fraud, service failure), please emailsupport@focsal.cominstead — we resolve genuine issues fast without involving banks.

If the chargeback is upheld against us despite legitimate service delivery, the account is terminated permanently and the user is added to a do-not-sell list across our infrastructure. We don't pursue legal recovery for amounts under €500, but reserve the right for larger or repeat cases.

No. Downgrades take effect at theendof the current billing cycle, not immediately. You keep the higher tier (and what you've already paid for) until then, and the new lower price kicks in at next renewal.

No prorated refund for the unused portion of the higher tier. This is consistent with both Stripe's standard subscription behavior and UPK rules around already-performed services.

If you want immediate downgrade with refund, cancel instead and re-subscribe on the lower tier — but in practice that's almost always worse for the customer because you lose your access until you re-subscribe.

No. FOCSAL doesn't need your API keys — we pull only public market data using our own clients.

We never ask for your exchange keys. There is no integration in the platform that requires them. If anyone asks you for exchange keys claiming to be from FOCSAL, it's a phishing attempt — report it immediately tosecurity@focsal.com.

Your trades happen on your exchange of choice using your own credentials. We see the public market state, not your individual positions.

Yes — TOTP-based (Time-based One-Time Password). Compatible with any standard authenticator app: Google Authenticator, Authy, 1Password, Bitwarden, Microsoft Authenticator.

Enable via Settings → Security →Enable 2FA: 1. Scan QR code with your authenticator app 2. Enter the 6-digit code to confirm 3.Save the 10 backup codes— shown once, each single-use

SMS-based 2FA is not supported. SMS is vulnerable to SIM-swap attacks; for accounts tied to financial workflows, the risk is unacceptable.

2FA is optional on Free / Plus / Pro andrequiredfor Enterprise accounts.

Settings → Account →Delete account. Confirms via password re-entry, then:

1. Account marked deleted (soft delete) — immediate logout, account inaccessible 2. Data retained for 30 days in case of reconsideration 3. After 30 days: personal data hard-deleted or anonymized in line with GDPR retention rules

If you have an active paid subscription, deletion cancels it (no proration refund — see refund policy).

During the 30-day grace period, emailprivacy@focsal.comfrom the account email to restore. After 30 days, restoration is impossible.

Before deletion, consider exporting your data (Settings → Privacy → Export my data).

JWT-based authentication with HS256 signing.

Flow: 1. You enter email + password on app.focsal.com 2. Backend verifies password against bcrypt hash (12 rounds) 3. On success, backend issues: -Access token(JWT, 60-minute lifetime, containsuser_id,plan_tier,is_admin) -Refresh token(256-bit random, 30-day lifetime, stored hashed in DB) 4. Frontend stores access token in localStorage, refresh token in httpOnly cookie 5. Access tokens automatically refresh silently before expiry — you stay logged in seamlessly

Logout revokes the refresh token server-side and clears local storage.

We support session management: see all active sessions in Settings → Security, revoke individual or all sessions.

ClickForgot passwordon the login screen, enter your email, and we send a reset link. Link is valid for 1 hour and single-use.

Clicking the link takes you to a reset page where you choose a new password.

Notes: - Using a reset link invalidates any previous unused reset links for the same account - All active sessions are revoked when you reset your password (a security measure) - We don't reveal whether the email exists in our system — the success message is the same whether the account exists or not (anti-enumeration measure)

Use abackup code. When you enabled 2FA you received 10 single-use backup codes — save them somewhere safe (password manager, printed in a secure location).

If you don't have backup codes: 1. Emailsupport@focsal.comfrom the email address on the account 2. Identity verification flow: we'll ask questions only the account holder would know 3. After verification, we disable 2FA and you re-enable it on a new device

The verification process takes 24-48 hours. We don't process 2FA recovery faster because rushing is exactly how account takeover attacks succeed.

• Minimum 10 characters
• Must contain at least one of each: uppercase letter, lowercase letter, digit
• Special characters allowed and encouraged (we don't restrict them)
• Checked against known breach databases — if your password appears in a known leak (haveibeenpwned), we reject it
• No maximum length (up to 1024 chars, which is well above anything reasonable)

We hash with bcrypt cost = 12, which is the industry standard for high-value applications.

We don't enforce arbitrary rotation. If you use a strong unique password (via a password manager), rotating it for the sake of rotating weakens security rather than improving it.

Yes. Settings → Security →Active sessionslists every device currently signed into your account, showing:

• Device fingerprint (browser + OS)
• Approximate location (city, country — derived from IP, not GPS)
• First login timestamp
• Last activity timestamp

You can revoke any session except your current one.Revoke all other sessionsis a single button if you suspect compromise.

Revoking a session invalidates its refresh token immediately; the next access token refresh will fail, forcing re-login.

Brute-force protection: 5 failed login attempts within 5 minutes locks the account for 15 minutes. The lock is per-account, not per-IP, so an attacker can't lock you out by trying from many IPs.

During lock: - Login is blocked even with the correct password - Password reset still works (intentional — so a legitimate user can recover quickly) - The locked account receives an email notification with details (timestamp, IP)

If you see lockout emails you didn't trigger, change your password immediately — someone is attempting to access your account.

TheRecent alerts tableinside the Alerts module shows the last 20 fires with: timestamp, asset, timeframe, bias, verdict prose, confidence score, and whether the email was successfully queued for delivery.

Full alert history isretained for 90 daysserver-side for audit and Prometheus monitoring purposes. If you need older history (for backtesting your alert reaction time or for tax records), you can export the journal-side trade records that reference each alert.

The alerts log is independent from your Journal — Alerts is the signal feed, Journal is your trade record. They can be cross-referenced via timestamp.

Open the Alerts module → flip bothFuturesandOptionstoggles off →Save settings. The evaluator skips your tenant on the next 5-minute cycle.

Re-enabling later picks up where you left off — your watched-asset list, thresholds, channel preferences (email vs Telegram), and notification settings are all preserved. Nothing is destroyed, just paused.

No cancellation flow, no "are you sure?" friction — alerts should be easy to silence when you're on vacation, in a focus session, or just don't want to be pinged for the next week.

Yes. FOCSAL is operated by a Polish legal entity, falls under EU jurisdiction, and processes data in line with GDPR (Regulation (EU) 2016/679).

Key commitments: - Lawful basis for every processing activity (consent for marketing, contract for service delivery, legitimate interest for fraud prevention and analytics) - Data minimization — we collect only what we need (email, plan info, journal/strategy content) - Purpose limitation — your data is used for service delivery, not resold - Subject rights honored: access, portability, erasure, rectification, objection, restriction - Breach notification within 72 hours per Art. 33 - DPO contact:privacy@focsal.com

Our Privacy Policy details the full scope of processing.

The minimum necessary:

At signup: email address, password (hashed), display name (optional).

During use: - Onboarding answers (experience level, trading style, preferred assets, language, timezone) - Journal entries (only what you write yourself) - Saved strategies and alerts (only what you configure) - IP address and user agent (for security: rate limiting, fraud detection, audit logs) - Login timestamps and device fingerprints (security) - Consent records (regulatory)

For billing(Pro/Enterprise): Stripe handles payment details — we never see your card number.

We don't collect: KYC documents, government IDs, social security numbers, exchange account details, on-chain wallet addresses, browsing history outside the app.

Yes — that's your right under GDPR Art. 17 (right to erasure).

Self-service: Settings → Account →Delete account. Soft delete with 30-day grace period, then hard delete or anonymization.

If you want immediate deletion without the grace period, emailprivacy@focsal.comfrom your account email. We process within 30 days as required by GDPR.

Limits to erasure: - Some data must be retained for legal compliance (tax records, anti-fraud logs) — these are anonymized rather than deleted - Stripe billing history follows Stripe's own retention policies and PSD2 / tax law requirements - Aggregated, anonymized statistics (e.g., total users on Pro tier) are kept indefinitely

We'll explain in writing what's deleted and what's retained after processing your request.

We use a small set of processors, each with a DPA in place:

• Stripe— payments, billing, tax (your card details, billing address, tax ID)
• Resend— transactional emails (your email address, message contents)
• Anthropic— AI Analyst prompts (the deterministic report payload + your question; no personal context)
• Sentry— error tracking (technical errors, no PII — PII is filtered before transmission)
• AWS— infrastructure hosting (everything we store)
• Backblaze B2— encrypted backups
• Cloudflare— DNS, DDoS protection, CDN
• Better Stack— uptime monitoring (no user data)
• Cookiebot / equivalent— cookie consent management

We don't sell data to anyone. We don't share data with advertisers. The full processor list with purposes is in our Privacy Policy.

No. We don't sell user data to anyone — full stop.

Our revenue model is straightforward: subscriptions. Free users cost us a little, paid users cover the costs of free users plus margin. We don't need to sell data, and we don't. This is a deliberate design choice.

We also don't use your trading patterns, journal entries, or behavior for any purpose other than delivering and improving the service. Anthropic doesn't train on our Co-Pilot prompts (their default, which we operate under).

Yes. Settings → Privacy →Export my data.

Generates a JSON file containing: - Profile data - Subscription history (plan changes, not Stripe internals) - Journal entries (all of them) - Saved strategies - Configured alerts - Consent log (when, what, IP, version) - Audit log (login history, key actions)

Delivered to your email within 24 hours (large exports can take longer). Format is human-readable JSON, designed to be portable to other tools.

This is your GDPR right under Art. 20 (data portability). No cost, no questions asked.

Primary infrastructure:AWS Europe (Frankfurt) region (eu-central-1). All production databases, application servers, and live data reside in EU jurisdiction.

Backups:Backblaze B2 (EU region), encrypted at rest.

Third-party processors with non-EU presence (Stripe, Anthropic, Sentry, Cloudflare) operate underStandard Contractual Clauses (SCCs)for any data transfer outside the EU, as required by GDPR after Schrems II.

We don't have multi-region deployments yet. As we grow, additional regions (US for latency, APAC for clients) will be evaluated; any expansion will maintain GDPR compliance for EU users.

Three categories:

Necessary(always on, no consent required): - Authentication (refresh token cookie, httpOnly, secure) - CSRF protection - Session state

Analytics(consent required): - Anonymized usage analytics (which features are used, error rates) - Performance monitoring

Marketing: not used. We don't run ad campaigns that require cookies.

The cookie banner on first visit lets you accept all, accept necessary only, or customize. You can change your choice anytime via the cookie preferences link in the footer.

Full list with purposes, providers, and durations in our Cookies Policy.

Only if you explicitly opt in. During signup and in settings you'll find a"Newsletter"opt-in checkbox — unchecked by default.

If you opt in, expect ~1-2 emails per month: product updates, methodology notes, market commentary. No ads, no third-party promotions.

Every marketing email has an unsubscribe link in the footer that works instantly (no "confirm unsubscribe" trap).

Transactional emails (verification, password reset, trial reminders, billing receipts, alerts you've configured) are not marketing — those are sent regardless of newsletter opt-in because they're part of the service.