Kledon is a small product team building a daily ETF brief for long-horizon retail investors. We're based in Greece, and we're the data controller for everything described below.
The operating entity is in the process of being incorporated in Greece. Until then Kledon is run by its founder, who acts as the data controller. You can reach us any time at hello@kledon.app.
This policy covers our marketing site (kledon.app) and the Kledon iOS & Android apps once they launch. It does not cover anything you read at the news outlets we link to — those are governed by their own policies.
Kledon is built for adults making their own investment decisions — you must be 18 or older to sign up.
If you'd rather skim than read, the TL;DR card above is honest. If you want the line-by-line, keep going.
We try to collect as little as possible. Here's the full list, and whether it's required for the product to work or optional.
Usage analytics. We collect anonymous, first-party information about how the Kledon app is used — which screens are viewed and which actions are taken (for example, adding a ticker or opening a daily read) — to understand where people get stuck and to improve the product. This data is stored on our own EU-hosted infrastructure, is never sold or shared with third parties, and you can turn it off any time under Settings → Privacy.
Under GDPR we need a legal basis for each kind of processing. Ours boils down to two:
We do not run ads, we do not sell ads, and we do not use your data to train external models. The summaries inside Kledon are generated from public news — never from your personal data.
If you're in the EU/EEA, UK, or Switzerland, GDPR gives you a set of rights over your data. Most of them are reasonable everywhere else too, and we honour them globally.
Ask for a copy of everything we store about you. We'll send it as a JSON file within 30 days.
Most fields you can edit in Settings yourself. For anything you can't reach, just email us.
One tap in Settings → Delete account, or one email. Everything is purged within 7 days; backups within 30.
Your data export comes as machine-readable JSON. Move it wherever you want, no lock-in.
We process very little under legitimate interest, and our analytics are anonymous. If you still want to object, email us — the product keeps working.
If we've done something wrong, the Hellenic Data Protection Authority (dpa.gr) is your supervisor.
To exercise any of these, email hello@kledon.app from the address tied to your account. We answer within seven days, usually faster.
The shortest possible time that still makes the product useful.
Standard practice, nothing exotic: TLS everywhere, secrets in a managed vault, database encrypted at rest, principle of least privilege on the backend. Sign-in is passwordless — magic links and Apple/Google sign-in — so there's no password for anyone to steal or for us to leak. Two people on the team have production access; everything they do is logged.
If something does go wrong and your data is exposed, we'll email you within 72 hours of becoming aware of it — alongside the regulator, as the law requires.
If we materially change this policy — adding a subprocessor, collecting a new field, changing a retention window — we'll email everyone on the list and put a banner on the home page for 30 days. Cosmetic edits (fixing a typo, restructuring a paragraph) don't get an email.
Privacy questions, GDPR requests, suspected breaches, anything else — write to hello@kledon.app. There's a human on the other end. We answer within seven days, usually within one.
Last updated 27 May 2026. Effective immediately for all new signups; existing users notified by email.
We're a small team and we read every email. Ask anything — what we store, why, how to get rid of it. We answer within a day.