Privacy Policy

This Privacy Policy explains how FaithScreener ("we," "us," or "our") collects, uses, discloses, and safeguards information when you visit faithscreener.com or use the FaithScreener Service. Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

This Privacy Policy is designed to comply with the European Union General Data Protection Regulation (GDPR), the United Kingdom Data Protection Act 2018, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), and other applicable data protection laws.

Information you provide directly: When you create an account, we collect your email address, your password (stored as a cryptographic hash, never in plaintext), and your name if you choose to provide it. When you upgrade to a Pro subscription, our payment processor Stripe collects your billing information. We do not store full credit card numbers on our servers.

Information generated by your use of the Service: We log your IP address, browser type, operating system, referring URL, pages visited, time spent on each page, screening queries you run, watchlists you create, and compliance alerts you set up. This information is used for analytics, fraud prevention, and improving the Service.

Cookies and similar technologies: We use cookies and local storage to maintain your session, remember your preferences, and analyze usage patterns. You can disable cookies in your browser settings, though some features of the Service may not function properly as a result.

Third-party analytics: We use Google Analytics 4 and Microsoft Clarity to understand how visitors interact with the Service. These services may collect information about your device, browser, and behavior on our site. You can opt out of Google Analytics by installing the Google Analytics opt-out browser add-on.

If you are in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data on the following legal bases:

• Contract: Processing necessary to provide the Service you have signed up for, including account creation, screening, alerts, and billing
• Legitimate interests: Improving the Service, preventing fraud, ensuring security, and conducting analytics, balanced against your privacy rights
• Consent: Where required, such as for marketing communications or non-essential cookies, which you may withdraw at any time
• Legal obligation: Compliance with applicable laws, including tax, accounting, and law enforcement requests

We use the information we collect to:

• Provide, operate, and maintain the Service
• Process your subscription, payments, and renewals
• Send compliance alert emails when stocks you monitor change status
• Send transactional emails such as account verification, password reset, and billing receipts
• Respond to your inquiries and provide customer support
• Improve and personalize the Service
• Detect, prevent, and address technical issues, fraud, and abuse
• Comply with legal obligations and enforce our Terms and Conditions

We do not sell, rent, or trade your personal data to third parties. We share information only in the following limited circumstances:

• Service providers: We use trusted third-party service providers to operate the Service, including Stripe (payment processing), Cloudflare (content delivery and DDoS protection), Hetzner (hosting infrastructure), Google Analytics and Microsoft Clarity (analytics), and Google Workspace (email delivery via SMTP). These providers are bound by data processing agreements and may only use your data to provide services to us.
• Legal compliance: We may disclose information when required by law, subpoena, court order, or other legal process, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business transfers: If FaithScreener is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you by email and on the Service before such transfer occurs.
• With your consent: We may share information with third parties when you give us explicit consent to do so.

We retain your account information for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except for information we are required to retain for legal, tax, accounting, or fraud prevention purposes. Anonymized analytics data may be retained indefinitely.

Backups are retained for up to 90 days for disaster recovery purposes, after which deleted data is purged from backups in the normal rotation.

We implement industry-standard security measures to protect your information, including encrypted data transmission via TLS, encrypted storage of sensitive credentials, password hashing using bcrypt, JSON Web Tokens for session management, and access controls limiting who within FaithScreener can access user data. However, no system is completely secure, and we cannot guarantee the absolute security of your information.

If we become aware of a data breach affecting your personal information, we will notify you by email within 72 hours of discovery, in accordance with applicable data protection laws.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right to access: Request a copy of the personal data we hold about you
• Right to rectification: Correct inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data, subject to legal retention requirements
• Right to restrict processing: Limit how we use your data in certain circumstances
• Right to data portability: Receive your data in a structured, machine-readable format
• Right to object: Object to processing based on legitimate interests, including direct marketing
• Right to withdraw consent: Where processing is based on consent, withdraw that consent at any time
• Right to lodge a complaint: File a complaint with your local data protection authority

To exercise any of these rights, please email us at [email protected]. We will respond within 30 days.

California residents have specific rights under the CCPA and CPRA, including the right to know what personal information we collect, the right to delete personal information, the right to correct inaccurate personal information, the right to opt out of the sale or sharing of personal information, and the right to non-discrimination for exercising these rights.

We do not sell personal information as defined by the CCPA. To exercise your California privacy rights, please email [email protected] with the subject line "California Privacy Rights Request."

FaithScreener is operated from servers located in the European Economic Area. If you access the Service from outside the EEA, your information may be transferred to, stored, and processed in the EEA or in other countries where our service providers operate. Where personal data is transferred outside the EEA to countries without an adequacy decision, we rely on Standard Contractual Clauses approved by the European Commission.

The Service is not directed to children under the age of 18, and we do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us at [email protected], and we will delete such information promptly.

We use the following types of cookies:

• Essential cookies: Required for the Service to function, including authentication tokens stored in localStorage
• Analytics cookies: Used by Google Analytics and Microsoft Clarity to measure usage patterns
• Functional cookies: Remember your preferences such as your selected market or screening framework

You can manage your cookie preferences through your browser settings. Disabling essential cookies will impair the functionality of the Service.

We may send you transactional emails relating to your account, alerts you have configured, and important Service announcements. You cannot opt out of these as they are necessary to provide the Service. We will not send you marketing emails without your explicit opt-in consent. If we do send marketing communications and you wish to unsubscribe, every such email contains an unsubscribe link.

We reserve the right to update this Privacy Policy at any time. Material changes will be communicated to you by email or by a prominent notice on the Service prior to taking effect. The "Last updated" date at the top of this page reflects when this Privacy Policy was last revised.

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at [email protected].