POLICYSIGNAL

2.1 Information You Provide

• Account registration: Email address, password (stored as a one-way hash), and birth year. Birth year is required for age compliance and is never displayed publicly.
• Profile: Display name and profile photo (optional). These may be visible to other users depending on your visibility settings.
• Zip code: Optional unless required by a specific forum. Used to support geographic analysis by forum managers; never displayed publicly by default.
• Forum contributions: Policy statements, premises, and the reasoning you submit in forums.
• Endorsements and ratings: Which policy statements you have endorsed and how you have rated premises. These are used for aggregated analytics and are not individually attributed to you in manager-facing views.
• Contact form submissions: Any message you send via the contact form, including your email address.

2.2 Information Collected Automatically

• Log data: IP address, browser type, operating system, referring URLs, pages visited, and timestamps when you access the Service.
• Session data: A session token stored in a secure, HTTP-only cookie to keep you signed in.

2.3 Information from Third Parties

We use Stripe to process payments. When you subscribe, Stripe shares with us a customer ID and subscription status. We do not receive or store full payment card numbers. Stripe's privacy practices are governed by Stripe's Privacy Policy.

3.1 To Provide and Operate the Service

• Create and manage your account
• Display your contributions within forums you participate in
• Generate aggregated, anonymized analytics for forum managers
• Process subscription payments and manage your billing status
• Send transactional emails (account verification, password reset, forum invitations)

3.2 AI-Assisted Features

When you use the AI-assisted statement structuring feature, the raw text you submit is sent to a third-party AI provider (currently Anthropic, Inc. or Google LLC, depending on forum configuration) to generate a structured output. We do not permit these providers to use your inputs to train their foundation models. The structured output is returned to you and stored as your contribution if you choose to submit it.

3.3 To Improve the Service

We use aggregated, de-identified usage data to understand how the Service is used and to improve its features and performance. We do not use individual endorsement or premise rating data for this purpose.

3.4 Legal and Safety Purposes

We may use your information to comply with applicable law, respond to lawful requests from public authorities, enforce our Terms of Service, and protect the rights, property, or safety of PolicySignal, our users, or the public.

4.1 With Forum Managers

Forum managers can see aggregated analytics about participation in their forums, including endorsement counts, premise rating distributions, and AI-generated analysis. Managers cannot see which specific user endorsed which statement or how individual users rated individual premises.

If a forum is private and you were invited by email, the manager knows your email address was invited and whether the invitation was accepted.

4.2 With Other Users

Your display name and profile photo (if set) may be visible to other users of forums you participate in, subject to your visibility settings. Your email address is never shown publicly. Your individual endorsements and premise ratings are not publicly attributed to you by name.

4.3 With Service Providers

We share information with third-party vendors who help us operate the Service, including:

• Hosting and infrastructure: Google Cloud Platform (Cloud Run, Cloud SQL, Cloud Storage)
• AI processing: Anthropic, Inc. (Claude) and Google LLC (Gemini) for AI-assisted features
• Email delivery: Resend, Inc. for transactional emails
• Payment processing: Stripe, Inc.
• Caching: Upstash, Inc. for rate limiting and session caching

These providers are authorized to use your information only as necessary to provide services to us and are bound by confidentiality obligations.

4.4 What We Will Never Do

We will never:

• Sell your personal information to any third party
• Share your individual endorsements, premise ratings, or political opinions data with political parties, campaigns, data brokers, advertisers, or government agencies, except as required by law
• Use your email address for unsolicited commercial marketing without your explicit consent

4.5 Business Transfers

If PolicySignal is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

4.6 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal process, such as a court order or subpoena. Where permitted, we will attempt to notify you before disclosing your information in response to such a request.

7.1 Access and Correction

You can view and update your profile information, including your display name, photo, and zip code, from your account settings at any time.

7.2 Account Deletion

You may close your account at any time by contacting us at privacy@policysignal.app. Upon closure, your personal profile data will be deleted or anonymized as described in Section 5.

7.3 Endorsement Changes

You can change or withdraw your endorsements at any time within the Service. There is no record of past endorsements retained once you change them.

7.4 Emails

We send transactional emails necessary to operate your account (verification, password reset, invitations). You cannot opt out of these while your account is active. We do not send marketing emails.

7.5 California Residents

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete your personal information, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at privacy@policysignal.app.