Privacy Policy
This Privacy Policy describes how SPXSlayers LLC (“we,” “us,” or “Chippie”) collects, uses, shares, and protects information about you when you use the Chippie AI service at chippieai.com and related applications (the “Service”).
By using the Service, you agree to the collection and use of information in accordance with this Policy. If you do not agree, do not use the Service.
01Information We Collect
Information you provide directly
- Account information. Email address, display name, password (hashed), and authentication tokens. If you sign in with Google, we receive your Google account email and basic profile from Google.
- Payment information. When you subscribe, payment details are collected by Stripe, Inc., our payment processor. We receive only a limited record (last four digits of your card, card brand, billing zip, and a Stripe customer ID). We do not store your full card number, CVV, or expiration date on our servers.
- Watchlist & preferences. The tickers you track, scanner filters you save, trendlines you draw, and other personalization data.
- Brokerage connection. If you choose to connect a brokerage account via SnapTrade, we store an opaque user identifier and connection metadata supplied by SnapTrade. We do not receive your brokerage username, password, or trading PIN.
- Communications. If you contact us by email or support form, we retain the message and any attachments you send.
Information collected automatically
- Usage data. Which pages and features you use, signals you view, and high-level interaction events used to improve the Service.
- Device & log data. IP address, browser type and version, operating system, referring URL, and timestamps. This data is collected by our hosting and authentication providers and is generally retained in their logs.
- Cookies and similar technologies. See Section 9 below.
02How We Use Information
We use the information we collect to:
- Provide, operate, and maintain the Service, including authenticating you and personalizing your dashboard;
- Process subscription payments and manage your billing relationship;
- Send you transactional messages (sign-in confirmations, receipts, password resets, security alerts, important Service changes);
- Monitor, detect, and prevent fraud, abuse, and security incidents;
- Analyze aggregate usage trends to improve the Service;
- Comply with legal obligations and enforce our Terms of Service.
We do not sell your personal information, and we do not use it for advertising or behavioral targeting.
03How We Share Information
We share information only as described below.
Service providers (sub-processors)
We rely on the following third-party providers to operate the Service. Each receives only the information needed to perform its function and is contractually obligated to protect that information.
| Provider | Purpose | Data received |
|---|---|---|
| Google Firebase | Authentication, database, hosting | Email, profile, watchlist, signals viewed, IP, device data |
| Stripe, Inc. | Payment processing | Name, email, billing address, payment-card data (collected directly by Stripe) |
| Polygon.io / Massive | Market data feed | Anonymous query metadata (no personal data tied to your account) |
| Anthropic, PBC | AI-generated 13F summaries | Public 13F holdings data (no personal account data) |
| SnapTrade, Inc. | Brokerage integration (optional) | SnapTrade user ID, brokerage connection metadata |
| Vercel, Inc. | Website hosting (chippieai.com) | IP, browser, request logs |
| Google Cloud / Cloud Run | Backend infrastructure | Request logs, server metrics |
Legal requirements
We may disclose information if required to do so by law, subpoena, or court order; to enforce our Terms; to protect the rights, property, or safety of Chippie, our users, or others; or to respond to a verified law-enforcement request.
Business transfers
If we are involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction, subject to confidentiality terms and applicable law.
With your consent
We may share information with third parties when you give us specific consent to do so.
04Data Retention
We retain your account information for as long as your account is active and for a reasonable period afterward to comply with legal obligations, resolve disputes, and enforce our agreements. Specifically:
- Account & watchlist data: Retained until you delete your account.
- Billing records: Retained for at least 7 years to comply with tax and financial-reporting obligations.
- Server & log data: Generally retained for 30–90 days depending on the provider.
- Email correspondence: Retained for up to 3 years.
To request deletion of your account and associated data, see Section 5.
05Your Rights & Choices
Depending on your jurisdiction, you may have the following rights with respect to your personal information:
- Access — You can request a copy of the personal information we hold about you.
- Correction — You can request that we correct inaccurate information.
- Deletion — You can request that we delete your personal information, subject to legal retention obligations.
- Portability — You can request your data in a structured, machine-readable format.
- Withdrawal of consent — Where processing is based on consent, you can withdraw that consent at any time.
- Objection — You can object to certain types of processing.
To exercise any of these rights, email legal@chippieai.com from the address associated with your account. We will respond within 30 days. We do not charge a fee for reasonable requests.
06California Residents (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act, as amended, grants you additional rights, including the right to know what personal information we collect, the right to delete that information, and the right to opt out of any “sale” or “sharing” of personal information. We do not sell or share personal information as those terms are defined under California law. To exercise your California rights, contact us at legal@chippieai.com.
07European & UK Residents (GDPR / UK GDPR)
If you are located in the European Economic Area, the United Kingdom, or Switzerland, our legal basis for processing your information is one or more of:
- Contract: processing necessary to provide the Service you have subscribed to;
- Legal obligation: processing required by tax, accounting, or other laws;
- Legitimate interest: processing for security, fraud prevention, and improving the Service, where not overridden by your rights;
- Consent: for any processing that requires it (e.g., optional marketing emails, if applicable).
You have the right to lodge a complaint with a supervisory authority in your country of residence.
08International Data Transfers
We are based in the United States, and most of our service providers operate in the United States. By using the Service, you understand that your information will be transferred to and processed in the United States and other jurisdictions where our providers operate. These jurisdictions may have data-protection laws different from your own.
09Cookies & Similar Technologies
We use cookies and similar technologies for essential purposes:
- Authentication cookies — keep you signed in and remember your session;
- Functional cookies — remember your dashboard preferences (active tab, theme, last-viewed ticker);
- Security cookies — protect against cross-site request forgery and brute-force attempts.
We do not use third-party advertising cookies or cross-site tracking pixels. We do not participate in advertising networks.
Most browsers allow you to block or delete cookies. Blocking essential cookies will prevent you from signing in and using the Service.
10Security
We use industry-standard administrative, technical, and physical safeguards to protect your information, including TLS encryption in transit, encrypted storage at rest, hashed passwords, scoped service-account access, and audit logging. No system is perfectly secure, however, and we cannot guarantee absolute security. You are responsible for safeguarding your account credentials and notifying us immediately of any suspected unauthorized access.
11Children’s Privacy
The Service is not directed to and is not intended for use by children under the age of 18. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us with personal information, please contact us at legal@chippieai.com and we will delete it.
12Do Not Track
Our Service does not respond to “Do Not Track” signals because no industry standard exists for how to interpret them. As noted above, we do not engage in cross-site behavioral tracking.
13Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will provide notice by email or via in-app notice and update the “Last updated” date at the top of this page. Your continued use of the Service after the effective date constitutes acceptance of the revised Policy.
14Contact
For any privacy-related question or to exercise your rights, contact:
SPXSlayers LLC
Attn: Privacy
Michigan, United States
Email: legal@chippieai.com