Legal
Privacy Policy
Effective Date: April 10, 2026 | Last Updated: April 10, 2026
ArtinFox Signal Intelligence ("ArtinFox," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services (collectively, the "Service"). Please read it carefully.
1. Information We Collect
1.1 Information You Provide
- Account Information: When you register, we collect your email address and a hashed password. We never store plaintext passwords.
- Payment Information: If you subscribe to a paid plan, payment details (credit card number, billing address) are collected and processed directly by our payment processor, Stripe. We do not store your full card number on our servers. We retain only a Stripe customer ID and subscription ID for account management.
- Portfolio & Preferences: Assets you add to your watchlist, onboarding preferences, and alert settings.
- Communications: If you contact us via email, we may retain the correspondence.
1.2 Information Collected Automatically
- Log Data: IP address, browser type, operating system, referring URL, pages visited, and timestamps.
- Session Data: Authentication tokens and session identifiers needed to keep you logged in.
- Device Information: Device type, screen resolution, and language preference.
1.3 Information from Third Parties
We do not purchase personal data from data brokers. We may receive limited information from our payment processor (e.g., subscription status) to manage your account.
2. How We Use Your Information
| Purpose | Legal Basis |
|---|
| Provide and operate the Service | Performance of contract |
| Authenticate your identity and manage sessions | Performance of contract |
| Process subscription payments via Stripe | Performance of contract |
| Send transactional emails (password resets, billing receipts) | Performance of contract |
| Detect and prevent fraud, abuse, and security threats | Legitimate interest |
| Monitor and improve Service performance | Legitimate interest |
| Enforce our Terms of Service | Legitimate interest |
| Comply with legal obligations | Legal obligation |
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
3. Cookies & Local Storage
We use browser local storage (not tracking cookies) to store your authentication token and user preferences (e.g., tier, theme). We do not use third-party advertising cookies. If we integrate analytics in the future, we will update this policy and provide opt-out options.
4. Data Sharing & Disclosure
We may share your information only in the following circumstances:
- Payment Processor: Stripe receives your payment data to process transactions. See Stripe's Privacy Policy.
- Legal Compliance: When required by law, subpoena, court order, or governmental request.
- Safety & Security: To protect the rights, property, or safety of ArtinFox, our users, or the public.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred to the successor entity.
5. Data Retention
- Account Data: Retained for as long as your account is active. Upon account deletion, personal data is removed within 30 days, except where retention is required by law.
- Session Logs: IP addresses and session data are retained for up to 90 days for security purposes and then automatically purged.
- Payment Records: Transaction records are retained as required by applicable tax and financial regulations.
6. Data Security
We implement industry-standard security measures to protect your data, including:
- Passwords are hashed using bcrypt with per-user salts.
- Authentication tokens are signed JWTs with expiration.
- All data in transit is encrypted via HTTPS/TLS.
- Account lockout after repeated failed login attempts.
- Admin audit logging for all privileged operations.
No system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
7. Your Rights
Depending on your jurisdiction, you may have the following rights:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate data.
- Deletion: Request deletion of your personal data ("right to be forgotten").
- Portability: Request your data in a portable, machine-readable format.
- Objection: Object to processing based on legitimate interest.
- Withdrawal of Consent: Where processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
8. Children's Privacy
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected data from a minor, we will promptly delete it.
9. International Users
The Service is operated from the United States. If you access the Service from outside the United States, your data may be transferred to and processed in the United States. By using the Service, you consent to this transfer.
10. Third-Party Links
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy with a revised "Last Updated" date. Your continued use of the Service after changes constitutes acceptance of the revised policy.
12. California Privacy Rights (CCPA / CPRA)
This section applies to California residents and is provided in compliance with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).
We Do Not Sell or Share Your Personal Information
ArtinFox does not sell, rent, trade, or share your personal information with third parties for monetary or other valuable consideration — and we never will. We do not share personal information for cross-context behavioural advertising. There is nothing to opt out of because this practice does not occur.
Your California Rights
As a California resident, you have the following rights under the CCPA/CPRA:
- Right to Know: You may request a copy of the categories and specific pieces of personal information we have collected about you, the sources of that information, the purposes for collecting it, and the categories of third parties with whom it is shared.
- Right to Delete: You may request deletion of your personal information, subject to certain exceptions (e.g., information needed to complete a transaction, comply with a legal obligation, or detect fraud).
- Right to Correct: You may request correction of inaccurate personal information we hold about you.
- Right to Opt-Out of Sale or Sharing: Not applicable — we do not sell or share personal information. No opt-out mechanism is required.
- Right to Limit Use of Sensitive Personal Information: We do not collect sensitive personal information as defined by the CPRA beyond what is necessary to provide the Service (e.g., account credentials for authentication).
- Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights. Exercising your privacy rights will not affect your access to the Service, pricing, or quality of service.
Categories of Personal Information Collected
In the past 12 months, we have collected the following categories of personal information:
- Identifiers (email address, IP address, device identifiers)
- Account credentials (hashed password)
- Commercial information (subscription plan, payment status via Stripe)
- Internet activity (pages visited, session duration)
- User preferences (watched assets, alert settings)
We have not sold or shared any of these categories with third parties for commercial purposes.
How to Submit a California Privacy Request
To exercise any of your California rights, contact us at [email protected] with the subject line "California Privacy Request." We will verify your identity and respond within 45 days as required by law (extendable by an additional 45 days with notice).
13. Contact Us
If you have questions or concerns about this Privacy Policy, please contact us at:
Email: [email protected]