This policy applies to all users of Their Signals at theirsignals.ai, operated by Otter Tail Heavy Industries LLC. It explains what data we collect, why we collect it, how we store it, and what rights you have over it.
We collect only what we need to deliver the service. Here is the complete picture:
| Data | Stored? | Format | Why |
|---|---|---|---|
| Email address | YES | Encrypted at rest | Signal delivery and account access |
| Tier / subscription status | YES | free / paid / pro | Determine which signals you receive |
| Path preference | YES | Easy / Medium / Hard | Route appropriate signals |
| Signal frequency preference | YES | Integer (1–8 schedule) | Deliver signals on your schedule |
| Ticker symbols | YES | Symbols only (e.g. VOO, KO) | Personalize signals to your holdings |
| Allocation ranges | YES | Ranges only (e.g. $10k–$50k) | Calibrate signal relevance |
| Account numbers | NEVER | Stripped before storage | Not needed, not wanted |
| Institution name | NEVER | Stripped before storage | Not needed, not wanted |
| Legal name | NEVER | — | Never requested or stored |
| Exact dollar amounts | NEVER | Converted to ranges | Ranges are enough; precision is a liability |
| SSN or tax ID | NEVER | — | Never requested under any circumstance |
| Original account statements | NEVER | Deleted immediately after anonymization | We anonymize and discard; we never log originals |
| Payment card data | NEVER | Handled by Stripe | We never see or touch your card details |
We collect data through three channels:
We do not use tracking pixels, advertising cookies, or behavioral analytics. We do not fingerprint your browser or device.
We use your data for one purpose: delivering the service you signed up for.
We do not use your data to build advertising profiles, train AI models on your personal financial information, or sell to third parties under any circumstances.
Your data is stored in a SQLite database on a Mac Mini located at our operator's home office in Columbus, Ohio. It is not stored in a public cloud database service.
The system is accessible via a Cloudflare Tunnel. Cloudflare provides DNS and tunnel services; they do not have access to your stored data.
Email is delivered via Gmail SMTP. Google's servers handle email transit. We do not store copies of sent signal emails beyond what Gmail retains as sent mail.
Payment processing is handled by Stripe. Stripe's privacy policy governs data they collect during payment. We receive confirmation of payment status only — no card details.
The only parties who access your data are:
We use session tokens stored in your browser's local storage to keep you signed in after OTP verification. These are functional only — they are not used for tracking or advertising.
We do not use third-party analytics services (Google Analytics, Mixpanel, etc.). We do not use advertising cookies. We do not participate in ad networks.
If you clear your browser storage, you will need to verify your email again to access your dashboard.
You have the following rights over your data:
To exercise any of these rights, email [email protected]. We will respond within 30 days.
Account deletion removes all stored data associated with your email address. Anonymized aggregate data (not linked to you) may be retained.
We retain your data as long as your account is active. If you cancel or request deletion, your data is removed within 30 days.
We do not retain financial documents or statements beyond the anonymization process. Original documents are deleted immediately after the anonymized result is extracted.
We take security seriously. Our practices include:
No system is perfectly secure. If you discover a security vulnerability, please report it to [email protected] before disclosing publicly. We will respond promptly.
Their Signals is not directed at children under 18. We do not knowingly collect data from anyone under 18. If you believe a minor has provided us with data, contact us and we will delete it promptly.
We may update this policy. When we do, we update the version date above and, for material changes, notify you by email. Your continued use of the service after notice constitutes acceptance.
We will never change our core commitment: we do not sell your data, we do not share it with advertisers, and we store only what we need to serve you.
Privacy questions, data requests, or concerns:
We are a small operation. A real person reads every email.