Privacy Policy

1. Introduction & Data Controller

StrikeSignalAI ("we," "our," or "us") is committed to protecting your privacy and ensuring compliance with global data protection laws. We provide trading signal services and educational content related to financial markets.

Data Controller Information:

Company: StrikeSignalAI
Contact: privacy@strikesignalai.com
Data Protection Officer: dpo@strikesignalai.com
Address: [Your Business Address]

2. Information We Collect

2.1 Personal Information

Account Data: Name, email address, phone number, billing address
Financial Information: Payment details, subscription status, trading preferences
Identity Verification: Government ID, proof of address (for compliance with financial regulations)
Communication Records: Support tickets, emails, chat logs

2.2 Technical Information

Device Data: IP address, browser type, operating system, device identifiers
Usage Analytics: Page views, click patterns, session duration, feature usage
Cookies & Tracking: Session cookies, preference cookies, analytics cookies
Location Data: General geographic location (country/region level)

2.3 Trading & Signal Data

Signal Preferences: Asset classes, risk tolerance, notification settings
Performance Metrics: Signal accuracy tracking, user engagement data
Educational Progress: Course completion, quiz results, learning preferences

3. Legal Basis for Processing (GDPR)

Data Type	Legal Basis	GDPR Article
Account & Service Data	Contract Performance	Article 6(1)(b)
Marketing Communications	Consent	Article 6(1)(a)
Analytics & Improvement	Legitimate Interest	Article 6(1)(f)
Financial Compliance	Legal Obligation	Article 6(1)(c)

4. How We Use Your Information

4.1 Service Provision

Deliver trading signals and educational content
Process payments and manage subscriptions
Provide customer support and technical assistance
Customize user experience and dashboard preferences

4.2 Financial Compliance

Verify user identity and prevent fraud (KYC/AML requirements)
Comply with FINRA, SEC, FCA, and international financial regulations
Maintain audit trails for regulatory reporting
Monitor for suspicious trading patterns or market manipulation

4.3 Analytics & Improvement

Analyze platform usage to improve services
Track signal performance and accuracy
Conduct A/B testing for feature optimization
Generate anonymized market research insights

5. Information Sharing & Third Parties

5.1 Service Providers

Google Analytics: Website analytics and user behavior tracking
Google AdSense: Advertising services and revenue optimization
Firebase/Firestore: Database hosting and authentication services
Stripe: Payment processing and subscription management
SendGrid: Email delivery and communication services
Vercel: Website hosting and content delivery

5.2 Legal Disclosures

We may disclose your information when required by law, including:

Regulatory investigations by financial authorities
Court orders and legal proceedings
Anti-money laundering (AML) compliance
National security or public safety requirements

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

6. International Data Transfers

Your data may be processed in countries outside your residence, including the United States. We ensure adequate protection through:

Standard Contractual Clauses (SCCs): EU-approved data transfer mechanisms
Adequacy Decisions: Transfers to countries with adequate data protection
Binding Corporate Rules: Internal data protection standards
Certification Programs: Privacy Shield successors and equivalent frameworks

7. Security Measures

We implement comprehensive security measures to protect your personal information:

Encryption: All data transmitted using TLS 1.3 encryption
Access Controls: Role-based access with multi-factor authentication
SOC 2 Compliance: Annual security audits and certifications
Data Minimization: We collect only necessary information
Regular Updates: Security patches and system updates
Incident Response: 24/7 monitoring and breach notification procedures
Financial Grade Security: Bank-level security standards for trading data

8. Data Retention

Retention Periods:

Account Data: 7 years after account closure (financial regulation requirement)
Transaction Records: 7 years (FINRA/SEC requirement)
Marketing Data: Until consent withdrawal + 30 days
Analytics Data: 26 months (Google Analytics standard)
Support Records: 3 years after case closure
Audit Logs: 7 years (compliance requirement)

9. Your Privacy Rights

Access: Request a copy of your personal data
Rectification: Correct inaccurate or incomplete data
Erasure: Request deletion of your data ("right to be forgotten")
Portability: Receive your data in a machine-readable format
Restriction: Limit how we process your data
Objection: Object to processing based on legitimate interests
Withdraw Consent: Revoke consent for marketing or analytics

9.2 CCPA Rights (California Residents)

Know: What personal information we collect and how it's used
Delete: Request deletion of your personal information
Opt-Out: Opt out of the sale of personal information
Non-Discrimination: Equal service regardless of privacy choices

8.3 Exercising Your Rights

To exercise your privacy rights, contact us at:

Email: privacy@strikesignalai.com
Data Subject Request Form: [Link to form]
Response Time: 30 days (GDPR) / 45 days (CCPA)
Identity Verification: Required for security purposes

9. Cookies & Tracking Technologies

9.1 Cookie Categories

Strictly Necessary: Essential for site functionality and security
Performance: Analytics and site improvement (Google Analytics)
Functional: Remember preferences and settings
Targeting: Personalized advertising (Google AdSense)

9.2 Cookie Management

You can manage cookie preferences through:

Our cookie consent banner (first visit)
Privacy settings in your account dashboard
Browser settings and extensions
Industry opt-out tools (NAI, DAA)

10. Security Measures

We implement industry-standard security measures to protect your data:

Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
Access Controls: Role-based permissions and multi-factor authentication
Infrastructure: SOC 2 compliant cloud providers (Google Cloud, Vercel)
Monitoring: 24/7 security monitoring and incident response
Audits: Regular security assessments and penetration testing
Staff Training: Regular privacy and security training for employees

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Financial Services Disclosures

Important Financial Disclaimers:

Educational Purpose: Our signals are for educational purposes only
Risk Warning: Trading involves substantial risk of loss
No Investment Advice: We do not provide personalized investment advice
Regulatory Compliance: Subject to FINRA, SEC, and international oversight
Performance Disclosure: Past performance does not guarantee future results

13. Updates to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify you of material changes through:

Email notification to registered users
Prominent notice on our website
In-app notifications for mobile users
30-day advance notice for material changes

14. Contact Information

Privacy Contact Details:

General Privacy Inquiries

privacy@strikesignalai.com

Data Protection Officer

dpo@strikesignalai.com

Security Issues

security@strikesignalai.com

Compliance Hotline

+1 (555) 123-4567

15. Supervisory Authorities

If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority:

EU: Your national Data Protection Authority
UK: Information Commissioner's Office (ICO)
California: California Attorney General's Office
Canada: Office of the Privacy Commissioner