This Privacy Policy explains how FiduciarySignal (the “Service”) handles your information. The Service is made available at four01k-advisor-line-report-card.onrender.com and through its mobile applications.
We do not collect passwords, location, contacts, or device identifiers. We do not use third-party advertising or analytics SDKs. The Service is currently free during a trial period. If we introduce paid plans in the future, payments will be processed by a PCI-compliant processor (such as Stripe); we will update this Policy before any such collection begins and we will never store full card numbers ourselves.
We do not sell, rent, or trade your information. We do not share it with advertisers or data brokers.
We set a single session cookie when you sign in. It is HttpOnly, Secure, and uses SameSite=Lax. The cookie expires after 30 days of inactivity or when you sign out. Our service worker may cache the application shell and public reference content on your device to enable offline use; this cache contains no personal information.
We retain your email address for as long as your account is active. Sign-in tokens expire 15 minutes after they are issued and cannot be reused. You may request deletion of your account at any time (see section 8).
The Service is intended for retirement plan professionals and is not directed to individuals under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with information, please contact us and we will delete it.
California residents (CCPA/CPRA). You have the right to know what personal information we have collected about you, to request its deletion, and to not be discriminated against for exercising these rights. We do not sell or share personal information for cross-context behavioral advertising.
EEA, UK, and Swiss residents (GDPR/UK GDPR). You have the right to access, correct, delete, restrict, or port your personal data, and to object to processing. The lawful basis for processing your email is your consent (when you request a sign-in link) and our legitimate interest in operating the Service.
To request access to or deletion of your data, or for any privacy question, email cdanielswpb@gmail.com. We will respond within 30 days.
We use HTTPS for all traffic, hash and sign sign-in tokens with a server-side secret, and apply standard hardening to session cookies. No system is perfectly secure; if we become aware of a breach affecting your information, we will notify you in accordance with applicable law.
We may update this Privacy Policy from time to time. Material changes will be indicated by updating the “Last updated” date above. Continued use of the Service after a change indicates acceptance of the updated policy.