Home

Privacy Policy

Last updated: 2026-04-29

SignalNews respects your privacy. This policy explains exactly what data we collect, why, and who we share it with — no hidden trackers, no dark patterns.

1. Data we collect

At signup: email address, password (bcrypt-hashed — we never store it in retrievable form), country (optional), language preference.

During use: your interests, watchlist, price alerts, portfolio (quantities and average costs you enter), and notification engagement (open / dismiss / useful / not relevant).

Technical data: IP address, browser/device type, page URLs visited, timestamps. Used to prevent abuse and improve performance.

2. Cookies & tracking

We use cookies and localStorage for:

  • Login (your account JWT token) — strictly necessary
  • Language preference (a cookie named snk_lang) — strictly necessary
  • Google Analytics 4 via Firebase — anonymized usage stats (most-visited pages, conversion rates). You can opt out by setting Do Not Track in your browser; we honor it.

3. Service providers (sub-processors)

We use the following companies to operate the service. All have GDPR-compliant Data Processing Agreements:

  • Hetzner Online GmbH (Germany) — server hosting
  • Resend Inc (United States) — transactional email
  • Stripe Inc (United States) — payment processing. We never see your full card number at any point.
  • Anthropic + Moonshot AI — analyze public news articles only; we do not send your personal data to them.
  • Google (Firebase Analytics + Sentry for errors) — Analytics is anonymized, Sentry collects stack traces stripped of PII.
  • Finnhub + Twelve Data — market prices only, no personal data.

4. International data transfers

Data is primarily stored in the EU (Hetzner Falkenstein, Germany). Some processors (Resend, Stripe, Sentry, Firebase) operate in the US under EU Standard Contractual Clauses.

5. Retention

We keep your data while your account is active. When you delete your account from Settings, data is purged from the primary DB within 24 hours and from backups within 30 days. After that, it cannot be recovered.

6. Your rights (GDPR + equivalents)

  • Access: request a copy of all data we hold on you.
  • Rectification: correct inaccurate data via Settings.
  • Erasure: right to be forgotten — delete your account from Settings.
  • Portability: request a JSON export of your data.
  • Object: opt out of any marketing-purpose processing.
  • Withdraw consent: turn off notification subscriptions any time from Settings.

To exercise: email privacy@signalnews.app. We respond within 30 days.

7. Security

HTTPS via TLS 1.3 for all traffic. Passwords hashed with bcrypt (cost 12). API tokens with sliding 90-day TTL. Encrypted backups.

8. Children

The service is not directed at children under 13. We do not knowingly collect data from them. If you learn a child has submitted data, contact us — we'll delete it.

9. Financial disclaimer

Content is informational only and is not investment advice. Any financial decision is your sole responsibility. See the Terms of Service for details.

10. Changes

For material changes, we email registered users at least 30 days before they take effect. Continued use after the effective date constitutes acceptance.

11. Contact

Privacy questions: privacy@signalnews.app