Privacy Policy

Last updated: April 7, 2026

1. Information We Collect

When you register for an account, we collect:

• Email address — used for account identification and communication.
• Password — stored as a cryptographic hash. We never store or access your plaintext password.

When you use the API, we automatically collect:

• API request metadata — timestamps, endpoints accessed, and response codes for rate limiting and usage tracking.
• IP address — for security and abuse prevention.

2. How We Use Your Information

• To provide and maintain the Service.
• To enforce rate limits and usage tiers.
• To prevent abuse and maintain security.
• To communicate important updates about the Service.

3. Analytics & Tracking

With your consent, we use Google Analytics 4 to understand how visitors use our website. It collects anonymous usage data such as pages visited, session duration, and general location (country/region). We do not enable Google's advertising features or data sharing with other Google products.

These services only load after you grant consent via our cookie banner. You can withdraw consent at any time by clearing your browser's localStorage for this site.

• We do not sell your personal information.
• We do not share your data with third parties for marketing purposes.
• We do not track your browsing activity across other websites.

4. Data Security

We implement appropriate security measures to protect your information, including:

• Passwords are hashed using industry-standard algorithms.
• API keys are generated using cryptographically secure methods.
• All API traffic is encrypted via HTTPS/TLS.

5. Data Retention

We retain your account information for as long as your account is active. API request logs are retained for operational purposes and automatically purged after 90 days.

6. Your Rights

You may:

• Request access to the personal data we hold about you.
• Request deletion of your account and associated data.
• Rotate or revoke your API keys at any time via the dashboard.

7. Cookies & Local Storage

This website uses cookies only for analytics, and only after you grant consent:

• Google Analytics cookies (_ga, _ga_*) — set after you click "Accept" on the cookie consent banner. Used to distinguish unique visitors and sessions. These cookies expire after 2 years and 24 hours, respectively.

We also use your browser's localStorage (not cookies) for:

• is_analytics_consent — stores your cookie consent preference ("granted" or "denied").
• is_token, is_tier — authentication token and subscription tier for logged-in sessions.

localStorage data is never sent to third parties and stays entirely in your browser.

8. Payment Processing

Subscription payments are processed by Whop Inc., which acts as our merchant of record. When you subscribe to a paid plan:

• Your payment information (card number, billing address) is collected and stored by Whop — we never see or store your full payment details.
• Whop handles billing, tax collection, and remittance on our behalf.
• We receive from Whop: your subscription status, plan, and a membership identifier used to link your payment to your IrrationalSignals account.

Whop's handling of your payment data is subject to Whop's Privacy Policy.

9. Third-Party Services

We use the following third-party services:

• Whop — for payment processing and subscription management. Subject to Whop's Privacy Policy.
• Cloudflare — for website hosting and CDN. Subject to Cloudflare's Privacy Policy.
• Google Analytics — for website usage analytics (consent-gated). Subject to Google's Privacy Policy.
• Google Fonts — for web fonts. Subject to Google's Privacy Policy.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email.

Contact

Privacy questions? Contact us at support@irrationalsignals.com.