Privacy Policy

This policy applies to the ArcSignals website, dashboard, and related services that link to it. It does not cover third-party services you access via links (e.g., Stripe’s checkout pages), which have their own policies.

• Account & Profile: name (if provided), email, user ID, subscription/credit status, and preferences.
• Authentication: session identifiers, tokens, timestamps, and related metadata to keep you signed in.
• Billing: handled by Stripe. We receive limited data (e.g., customer ID, plan, payment status) but do not store full card details.
• Uploads & Inputs: images/charts you upload and text fields you provide to generate reports.
• Generated Output: analysis PDFs and related metadata.
• Usage & Device Info: IP address, device/browser type, pages visited, and basic logs for security and troubleshooting.
• Cookies & Local Storage: essential cookies for authentication, session continuity, and Stripe checkout functionality.

• Provide the Service and generate reports you request (contract performance).
• Process payments and manage subscriptions/credits (contract performance).
• Secure accounts, prevent abuse, and troubleshoot (legitimate interests/security).
• Communicate important updates about the Service (legitimate interests/contract).
• Comply with legal obligations (tax, bookkeeping, fraud prevention, sanctions).

We keep personal data only as long as necessary for the purposes described above: account data while you maintain an account; billing records per statutory retention; uploads/outputs until deleted by you or per our operational retention schedules and backups. Backup copies are cycled out on a schedule.

• Stripe – payments, invoicing, subscription management.
• Supabase – database, authentication, storage of uploads/outputs.
• Hosting/CDN providers – serve the app securely and reliably.

We do not sell your personal data. Service providers act under agreements that limit processing to our instructions and apply appropriate safeguards.

Where data is transferred outside your jurisdiction, we rely on appropriate safeguards (e.g., EU Standard Contractual Clauses) with our processors, as applicable.

We apply technical and organizational measures appropriate to the risks of the Service, including access controls, encryption in transit, and least-privilege practices with our providers. No method is 100% secure; report concerns to us immediately.

• Access, rectification, deletion, and portability of your personal data.
• Restriction or objection to certain processing (e.g., legitimate interests).
• Complaint to a supervisory authority where applicable.

• Update account info and manage subscriptions in your dashboard.
• Delete uploads/outputs or request account/data deletion by contacting us.
• Control cookies via your browser (note: essential cookies are required for login/checkout).

The Service is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child provided data, contact us for deletion.

We may update this Policy from time to time. Material changes will be announced on the website or by email where appropriate.

Data controller: ArcSignals. Questions or requests? Email Arcsignals@hotmail.com.