Privacy Policy

Last updated: March 8, 2026

Your privacy is important to us. This Privacy Policy explains in detail how SignalEdge AI collects, uses, stores, shares, and protects your personal information when you visit our website, create an account, or use our services. Please read this policy carefully to understand our practices regarding your data.

1. Introduction and Scope

H4StrategyLabs DOOEL, operating as SignalEdge AI ("Company", "we", "us", or "our") is committed to protecting the privacy and security of your personal data. This Privacy Policy applies to all information collected through our website at https://signaledgeai.com, our platform, applications, email communications, and any related services (collectively, the "Service").

By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein. If you do not agree with this policy, please do not use the Service.

This Privacy Policy should be read in conjunction with our Terms of Service and Refund Policy.

2. Data Controller

SignalEdge AI is the data controller responsible for your personal data collected through the Service. For payment-related data, Paddle acts as the Merchant of Record and independent data controller for billing and transaction information.

If you have questions about how your data is processed, contact us at support@signaledgeai.com.

3. Information We Collect

We collect different types of information depending on how you interact with our Service:

3.1 Information You Provide Directly:

  • Account Registration: Full name, email address, and password when you create an account
  • Profile Information: Optional details such as display name, timezone, and notification preferences
  • Communication Data: Information you provide when you contact our support team, submit feedback, or respond to surveys
  • Subscription Preferences: Your chosen plan, alert preferences, and dashboard settings

3.2 Payment Information:

  • All payment and billing information (credit card numbers, billing addresses, tax IDs) is collected and processed directly by Paddle, our Merchant of Record
  • SignalEdge AI does NOT store, process, or have access to your full credit card numbers or payment credentials
  • We receive limited transaction data from Paddle, including: subscription status, plan type, transaction IDs, payment dates, and country of purchase
  • For Paddle's data handling practices, please refer to Paddle's Privacy Policy

3.3 Information Collected Automatically:

  • Device Information: Browser type and version, operating system, screen resolution, device type (desktop/mobile/tablet), and device identifiers
  • Usage Data: Pages visited, features used, buttons clicked, signals viewed, time spent on pages, and navigation paths
  • Log Data: IP address, access timestamps, referring/exit URLs, HTTP request method, and response status codes
  • Location Data: Approximate geographic location derived from your IP address (country and city level only; we do not collect precise GPS location)
  • Session Data: Session duration, frequency of visits, and login/logout timestamps

3.4 Cookies and Similar Technologies:

We use cookies and similar tracking technologies to collect and store information. Cookies are small text files placed on your device by your web browser. We use the following types:

  • Strictly Necessary Cookies: Required for the Service to function properly. These include authentication cookies, session management, and security tokens. These cannot be disabled.
  • Functional/Preference Cookies: Remember your settings and preferences (e.g., dark/light mode, timezone, notification preferences). These enhance your experience but are not essential.
  • Analytics Cookies: Help us understand how users interact with the Service, which pages are most popular, and how users navigate the platform. This data is aggregated and anonymized. These are only set with your consent.
  • Marketing Cookies: Used to track the effectiveness of our marketing campaigns. These are only set with your explicit consent.

You can manage cookie preferences through your browser settings. Note that disabling essential cookies may affect the functionality of the Service. Most browsers allow you to refuse or delete cookies. The methods for doing so vary by browser and version — please consult your browser's help documentation.

4. How We Use Your Information

We use the information we collect for the following purposes:

4.1 Service Delivery and Operations:

  • Providing, operating, and maintaining the Service and its features
  • Processing and managing your subscription
  • Delivering trading signals, alerts, and notifications to your preferred channels
  • Authenticating your identity and managing your account access
  • Providing customer support and responding to your inquiries

4.2 Service Improvement:

  • Analyzing usage patterns and trends to improve the platform's features and user experience
  • Conducting internal research and development
  • Testing and implementing new features, functionality, or services
  • Monitoring and analyzing the performance and reliability of the Service

4.3 Communications:

  • Sending service-related emails (account verification, subscription confirmations, signal alerts, password resets)
  • Notifying you of important changes to the Service, Terms, or policies
  • Sending marketing communications about new features, promotions, or content (only with your opt-in consent, and you can unsubscribe at any time)
  • Responding to support requests and feedback

4.4 Security and Legal:

  • Detecting, preventing, and addressing fraud, unauthorized access, and security incidents
  • Enforcing our Terms of Service and other agreements
  • Complying with applicable laws, regulations, legal processes, and government requests
  • Protecting the rights, property, and safety of SignalEdge AI, our users, and the public

5. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom (UK), or other jurisdictions that require a legal basis for processing personal data, we rely on the following legal grounds:

  • Performance of Contract (Article 6(1)(b) GDPR): Processing necessary to provide the Service you subscribed to, including account management, signal delivery, and subscription processing
  • Legitimate Interests (Article 6(1)(f) GDPR): Processing necessary for our legitimate interests, including improving the Service, ensuring security, preventing fraud, and conducting analytics — provided these interests are not overridden by your rights and freedoms
  • Consent (Article 6(1)(a) GDPR): Processing based on your explicit consent, including analytics cookies, marketing communications, and optional data processing. You may withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal
  • Legal Obligation (Article 6(1)(c) GDPR): Processing necessary to comply with legal obligations, such as tax regulations, fraud prevention requirements, and responding to legal requests

6. Data Sharing and Disclosure

We do NOT sell, rent, or trade your personal data to third parties for marketing purposes.

We may share your information with the following categories of recipients, solely for the purposes described in this policy:

6.1 Payment Processor:

  • Paddle (Merchant of Record): Paddle processes all payments, handles billing, calculates applicable taxes, and manages subscription transactions. Paddle receives your payment information directly and acts as an independent data controller for that data. See Paddle's Privacy Policy.

6.2 Service Providers:

  • Cloud Infrastructure Providers: For secure hosting, data storage, and computing resources (servers are located in regions compliant with applicable data protection laws)
  • Email Service Providers: For delivering transactional emails, signal notifications, and marketing communications (with your consent)
  • Analytics Providers: For aggregated, anonymized analysis of Service usage patterns (no personally identifiable information is shared)
  • Security Services: For fraud detection, DDoS protection, and security monitoring

All service providers are contractually obligated to protect your data and may only process it on our behalf and in accordance with our instructions.

6.3 Legal and Compliance:

  • We may disclose your information if required to do so by law, regulation, legal process, or governmental request
  • We may disclose information if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others
  • We may share information in connection with an investigation of fraud, intellectual property infringement, or other illegal activity

6.4 Business Transfers:

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal data may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on the Service of any change in ownership or use of your personal data.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from the laws of your jurisdiction.

When we transfer personal data outside of the EEA or UK, we ensure adequate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data processing agreements with all service providers
  • Transfers to countries recognized as providing an adequate level of data protection

You may request a copy of the safeguards we use by contacting us at support@signaledgeai.com.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected. Specific retention periods:

  • Account Data: Retained for as long as your account is active. After account deletion or subscription cancellation, data is retained for up to 90 days before permanent deletion
  • Transaction Records: Retained for up to 7 years as required by tax and accounting regulations
  • Usage and Analytics Data: Aggregated, anonymized usage data may be retained indefinitely for analytics and Service improvement. Identifiable usage data is deleted after 24 months of account inactivity
  • Communication Records: Support tickets and correspondence are retained for up to 3 years for quality assurance and legal purposes
  • Log Data: Server logs are retained for up to 12 months for security and debugging purposes
  • Cookie Data: Session cookies expire when you close your browser. Persistent cookies have varying expiration periods (typically 30 days to 12 months)

After the applicable retention period, personal data is securely deleted or anonymized so it can no longer be linked to you.

9. Data Security

We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it, including:

  • Encryption: All data transmitted between your device and our servers is encrypted using TLS 1.2+ (SSL). Data stored on our servers is encrypted at rest using AES-256 encryption
  • Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis. Multi-factor authentication is enforced for all administrative access
  • Authentication: Passwords are hashed using industry-standard algorithms. We support and encourage the use of strong, unique passwords
  • Infrastructure Security: Our hosting environment is secured with firewalls, intrusion detection systems, and regular vulnerability scanning
  • Monitoring: We continuously monitor for security incidents, unauthorized access attempts, and suspicious activity
  • Employee Training: All team members receive regular training on data protection and security best practices
  • Incident Response: We have a documented incident response plan to address potential data breaches promptly and effectively

While we implement robust security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we are committed to promptly addressing any security incident and notifying affected users as required by applicable law.

10. Your Rights and Choices

Depending on your jurisdiction, you have certain rights regarding your personal data. These may include:

10.1 For All Users:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete personal data
  • Deletion: Request deletion of your personal data (subject to legal retention obligations)
  • Unsubscribe: Opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email or contacting us
  • Cookie Preferences: Manage cookie settings through your browser or our cookie consent banner

10.2 Additional Rights for EEA/UK Users (GDPR):

  • Data Portability: Request your personal data in a structured, commonly used, machine-readable format (e.g., CSV or JSON)
  • Restriction: Request restriction of processing of your personal data under certain circumstances
  • Objection: Object to the processing of your personal data based on legitimate interests
  • Automated Decision-Making: Right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. Note: Our AI-generated signals are informational tools — they do not make decisions on your behalf
  • Withdraw Consent: Withdraw consent for any processing based on consent at any time, without affecting the lawfulness of processing before withdrawal
  • Complaint: Lodge a complaint with your local data protection supervisory authority if you believe your rights have been violated

10.3 For California Residents (CCPA/CPRA):

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: We do NOT sell personal information, so no opt-out is necessary
  • Non-Discrimination: We will not discriminate against you for exercising your privacy rights

How to Exercise Your Rights:

To exercise any of the above rights, contact us at support@signaledgeai.com. We will respond to verified requests within 30 days (or as required by applicable law). We may ask you to verify your identity before processing your request.

11. Third-Party Links and Services

The Service may contain links to third-party websites, services, or applications that are not operated by us. We are not responsible for the privacy practices, content, or security of any third-party service. We strongly encourage you to review the privacy policies of any third-party service before providing your personal information.

Third-party services we may link to or integrate with include:

  • Paddle (payment processing)
  • Social media platforms
  • Financial data providers
  • Help center and documentation platforms

12. Children's Privacy

The Service is not intended for, directed at, or designed to attract individuals under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal data from children.

If we become aware that we have inadvertently collected personal data from a child under 18, we will take immediate steps to delete that data. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@signaledgeai.com.

13. Do Not Track Signals

Some web browsers transmit "Do Not Track" (DNT) signals to websites. Due to the lack of a uniform standard for interpreting DNT signals, our Service does not currently respond to DNT signals. However, you can control tracking through your cookie preferences and browser settings as described in Section 3.4.

14. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours of becoming aware of the breach (where required by GDPR)
  • Notify affected users without undue delay if the breach is likely to result in a high risk to their rights and freedoms
  • Document the breach, its effects, and remedial actions taken
  • Take immediate steps to contain and mitigate the breach

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

  • We will update the "Last updated" date at the top of this page
  • We will notify registered users via email at least 14 days before material changes take effect
  • We will post a prominent notice on the Service
  • For significant changes, we may seek your renewed consent where required by law

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated policy.

16. Contact Us

If you have any questions, concerns, requests, or complaints about this Privacy Policy, our data practices, or your personal data, please contact us:

Email: support@signaledgeai.com

Company: H4StrategyLabs DOOEL (operating as SignalEdge AI)

Website: https://signaledgeai.com

We aim to respond to all privacy-related inquiries within 2 business days. For formal data subject requests (access, deletion, portability), we will respond within 30 days as required by applicable law.

If you are in the EEA or UK and are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.