Privacy Policy

1. Introduction

SignalCast ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site or service.

2. Information We Collect

2.1 Personal Information

We collect information that you provide directly to us:

• Account Information: Email address, password (encrypted)
• Profile Information: Name (optional), subscription preferences
• Billing Information: Processed securely through Stripe (we do not store credit card numbers)
• Communication Data: Messages you send to us for support or feedback

2.2 Usage Information

We automatically collect certain information about your use of the Service:

• Log Data: IP address, browser type, device information, pages visited
• Usage Data: Podcasts you subscribe to, digests you read, features you use
• Email Engagement: Email open rates, link clicks (aggregated for analytics)
• Performance Data: Error logs, API response times

2.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Service and store certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Provide the Service: Generate summaries, send digests, manage your account
• Process Payments: Handle subscriptions and billing through Stripe
• Improve the Service: Analyze usage patterns, fix bugs, develop new features
• Communicate: Send transactional emails, newsletters, product updates
• Support: Respond to your questions and provide customer service
• Security: Detect fraud, abuse, and security incidents
• Compliance: Comply with legal obligations and enforce our terms

4. How We Share Your Information

We do not sell your personal information. We may share your information with:

4.1 Service Providers

We share data with the following trusted service providers under strict data processing agreements:

Data Location: All services process data in USA or EU. For EU users, we ensure Standard Contractual Clauses (SCCs) are in place where required.

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

4.3 Business Transfers

If we are involved in a merger, acquisition, or asset sale, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different Privacy Policy.

5. Data Retention

We retain your information for as long as necessary to provide you with our Service and as described in this Privacy Policy:

• Account Data: Retained while your account is active and for 90 days after account deletion
• Digest History: Retained for the duration of your subscription plus 90 days
• Billing Records: Retained for 7 years for tax and accounting purposes
• Email Logs: Retained for 180 days for deliverability monitoring
• Usage Analytics: Aggregated data retained indefinitely (non-personally identifiable)

6. Your Data Rights

6.1 Access and Portability

You have the right to access and receive a copy of your personal data. You can export your data in JSON format from your account settings.

6.2 Correction

You can update your account information at any time from your account settings.

6.3 Deletion

You can delete your account and associated data at any time. Some information may be retained in backups for up to 90 days or as required by law.

6.4 Objection and Restriction

You have the right to object to certain uses of your data and request restrictions on processing. Contact us to exercise these rights.

6.5 Email Preferences

You can manage your email preferences in account settings. You can opt out of marketing emails but will continue to receive transactional emails (e.g., password resets, billing notifications).

7. Data Security

We implement appropriate technical and organizational security measures to protect your information:

• Encryption: Data encrypted in transit (TLS/SSL) and at rest
• Authentication: Passwords hashed using bcrypt
• Access Controls: Row-level security policies limit data access
• Payment Security: PCI-DSS compliant payment processing via Stripe
• Monitoring: Automated security monitoring and logging

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

8. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. By using our Service, you consent to your information being transferred to our facilities and service providers as described in this Privacy Policy.

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us so we can delete it.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know whether personal information is sold or disclosed
• Right to say no to the sale of personal information (we do not sell data)
• Right to delete personal information
• Right to non-discrimination for exercising CCPA rights

To exercise these rights, contact us at hello@signalcast.app.

10.1 "Do Not Sell My Personal Information"

However, if you wish to submit a formal "Do Not Sell" request as a California resident, you may:

• Email us at hello@signalcast.app with "CCPA Do Not Sell" in the subject line
• Include your account email address for verification
• Manage data sharing preferences in your account settings

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Right of access to your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

Our legal basis for processing your data includes: (1) consent you provide, (2) performance of a contract with you, (3) compliance with legal obligations, and (4) legitimate business interests.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For material changes, we will provide notice via email or a prominent notice on our Service.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

For GDPR-related inquiries, please specify "GDPR Request" in your subject line.