Privacy Policy

We collect the following categories of information: (a) Account information provided through Discord OAuth: your Discord username, email address, avatar, and Discord user ID; (b) Payment information processed through Stripe: your name, billing address, and payment method details (we do not store full credit card numbers; Stripe handles all payment processing); (c) Usage data: pages viewed, features used, signals accessed, search queries, and interaction timestamps; (d) Device and technical data: IP address, browser type, operating system, and referring URLs; (e) Watchlist and preference data: tickers you track, notification settings, and dashboard preferences.

We use collected information to: (a) provide and maintain the Service, including signal delivery, dashboard access, and Discord alerts; (b) process subscription payments and manage billing through Stripe; (c) send transactional communications (subscription confirmations, billing receipts, service alerts); (d) improve the Service through usage analytics and feature prioritization; (e) enforce our Terms of Service and prevent fraud or abuse; (f) comply with legal obligations.

Open Alpha does not sell, rent, or trade your personal information to third parties for marketing purposes. We do not share your data with data brokers. We do not use your personal information for targeted advertising. Period.

We share limited data with trusted service providers who help us operate the Service: (a) Stripe processes payments and stores payment method details under their own privacy policy; (b) Supabase provides database hosting and authentication services; (c) Discord provides OAuth authentication and community features; (d) Hetzner provides server hosting infrastructure located in the United States. These providers only receive the minimum data necessary to perform their services and are contractually required to protect your data.

We use essential cookies required for authentication and session management. We use a minimal analytics approach: basic page view tracking to understand which features are used. We do not use third-party advertising cookies. We do not use Facebook Pixel, Google Ads, or similar advertising tracking technologies. You can disable cookies in your browser settings, but this may prevent you from using certain features of the Service.

We retain your account data for as long as your account is active. If you cancel your subscription, we retain your account data for 90 days in case you wish to resubscribe, after which it is deleted. Usage analytics data is retained in aggregate (non-personally identifiable) form indefinitely. Payment records are retained as required by tax and financial regulations (typically 7 years). You may request deletion of your data at any time by contacting us.

We implement industry-standard security measures to protect your data: (a) all data in transit is encrypted via HTTPS/TLS; (b) database access is restricted through Row Level Security (RLS) policies; (c) API keys and secrets are stored in environment variables, never in source code; (d) server access is restricted to SSH key authentication only; (e) payment processing is handled entirely by Stripe (PCI DSS compliant). While we take security seriously, no method of electronic transmission or storage is 100% secure.

You have the right to: (a) access your personal data by contacting us; (b) correct inaccurate information in your account settings; (c) delete your account and associated data; (d) export your data in a machine-readable format; (e) opt out of non-essential communications; (f) withdraw consent for data processing at any time (which may require account closure). To exercise these rights, contact us at openalphahq@gmail.com.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA): (a) Right to Know: you may request disclosure of the categories and specific pieces of personal information we have collected; (b) Right to Delete: you may request deletion of your personal information; (c) Right to Opt-Out: we do not sell personal information, so this right is automatically satisfied; (d) Right to Non-Discrimination: we will not discriminate against you for exercising your CCPA rights. To exercise these rights, email openalphahq@gmail.com with the subject line "CCPA Request."

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If we learn that we have collected data from a user under 18, we will delete it promptly. If you believe a minor has provided us with personal information, please contact us immediately.

For privacy questions, data requests, or concerns, contact us at openalphahq@gmail.com. Open Alpha HQ, LLC is based in Longview, Washington. We may update this Privacy Policy from time to time. Material changes will be communicated via email or dashboard notification. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.