Privacy Policy

1. Overview

This Privacy Policy describes how Mitchell Magid (“we,” “us,” or “our”) collects, uses, and protects information when you use Footnote (“Service”). We collect only what is necessary to operate the Service.

2. Information We Collect

• Account information: Your email address and authentication method (email/password or Google OAuth), collected via Clerk.
• Watchlist data: The ticker symbols you add to your watchlist and your alert threshold settings.
• Payment information: Billing is handled entirely by Stripe. We store only your Stripe customer ID and subscription status. We never see or store your card details.
• Usage data: Standard server logs (IP address, browser type, pages visited) for security and debugging purposes.

3. How We Use Your Information

• To provide and operate the Service
• To send you filing alert emails based on your watchlist and threshold settings
• To process payments and manage your subscription
• To respond to support requests
• To detect and prevent fraud or abuse

We do not sell your personal information. We do not use your data for advertising.

4. Third-Party Services

We use the following third-party services to operate Footnote. Each has its own privacy policy governing how they handle your data:

• Clerk: authentication and user management. Privacy policy →
• Stripe: payment processing. Privacy policy →
• Resend: transactional email delivery. Privacy policy →
• Supabase: database storage. Privacy policy →
• Vercel: hosting and infrastructure. Privacy policy →

5. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law (e.g., payment records).

6. Your Rights

You may at any time:

• Access the personal data we hold about you
• Request correction or deletion of your data
• Cancel your subscription and close your account
• Opt out of email alerts by removing tickers from your watchlist

To exercise any of these rights, email mitchell.magid@gmail.com.

7. Security

We use industry-standard security practices including HTTPS encryption, secure authentication via Clerk, and access-controlled database storage via Supabase. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email. Continued use of the Service after changes constitutes acceptance of the updated policy.

9. Contact

Privacy questions or data requests: mitchell.magid@gmail.com