Privacy Policy

Last updated: February 12, 2026

SendSignal Inc. (“we,” “us,” or “our”) operates the SendSignal platform. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our Service.

1. Information We Collect

Account Information

When you create an account, we collect your email address and name through our authentication provider (NextAuth). If you sign in via a third-party provider (e.g., Google), we receive your name, email address, and profile picture from that provider.

Newsletter Content

We collect the topics, publication descriptions, design preferences, subject lines, and custom instructions you provide to create newsletters. We also store generated issue content, public archive pages, and subscriber engagement events.

Advertising & Personalization

SendSignal is ad-supported: free issues include one clearly-labeled advertisement. To choose which single ad an issue shows, we use engagement signals on our own servers — which stories a reader has clicked and the newsletter's topic — to select a relevant ad and to record ad impressions and clicks. We do not sell your email address, and we do not share it with advertisers; advertisers never receive your identity, only aggregate performance of their ad. Issues sent to paying (premium) subscribers are ad-free. If we later integrate a third-party ad network, we will update this policy before doing so.

Payment Information

Payment processing is handled entirely by Stripe. We do not store your credit card number, bank account details, or other sensitive financial information on our servers. We receive and store Stripe account, customer, subscription, price, and status identifiers needed for creator paid subscriptions and reader access.

Usage Data

We collect information about how you interact with the Service, including pages visited, features used, brief generation history, and email open tracking data for briefs you send.

2. How We Use Your Information

We use your information to:

  • Provide and maintain the Service, including generating newsletter issues
  • Process creator payouts and reader paid subscriptions through Stripe
  • Send transactional emails, newsletters, and premium access links
  • Provide analytics on newsletter engagement, including opens and clicks
  • Improve the Service and develop new features
  • Respond to support requests
  • Comply with legal obligations

3. AI Processing

To generate briefings, your topics, preferences, and newsletter configuration are sent to AI model providers for processing. We route AI requests through OpenRouter to large-language-model providers (currently Anthropic Claude models), and use Perplexity for research on public news sources. Each provider processes data under its own privacy policy. We do not send your subscriber lists or recipient email addresses to AI providers.

4. Third-Party Services

We use the following third-party services that may process your data:

  • Stripe — Payment processing. See Stripe's Privacy Policy.
  • Resend — Email delivery for briefings and transactional emails. See Resend's Privacy Policy.
  • OpenRouter and Perplexity — AI processing for briefing generation and research (as described above).
  • PostHog — Product analytics (page views, feature usage, and the engagement events described in section 1). See PostHog's Privacy Policy.
  • Sentry — Error monitoring and limited session replay (a sample of sessions is recorded to diagnose bugs; text inputs are masked by default). See Sentry's Privacy Policy.
  • Google Fonts — Font delivery. Google may collect your IP address when fonts are loaded.

We also temporarily record IP addresses server-side for rate limiting and abuse prevention (for example, limiting sign-in email requests). These records are used only for security.

5. Cookies and Analytics

SendSignal uses the following cookies and similar technologies:

  • Authentication cookie — A session cookie set by NextAuth to keep you signed in. Essential; cannot be disabled.
  • Reader access cookie — A signed cookie may be set for paid readers so premium issues unlock without asking them to sign in every time. Essential.
  • Stripe cookies — Stripe may set cookies during checkout and payment processing for fraud prevention and billing. Essential for payments.
  • Analytics (PostHog) — We use PostHog to understand how the product is used (pages visited, features used). PostHog stores an identifier in your browser for this purpose.
  • Error monitoring (Sentry) — Sentry may store identifiers needed to group errors and replay a sample of sessions for debugging.

We do not use third-party advertising cookies, cross-site tracking, or data brokers. Ads in free newsletter issues are selected using the publication's topic and reading activity within SendSignal only (see section 1) — never from third-party tracking.

6. Data Retention

We retain your account information and briefing history for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law (e.g., billing records may be retained for tax purposes). Generated briefings and associated analytics data are retained for 12 months after creation.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access — Request a copy of the personal data we hold about you.
  • Correction — Request correction of inaccurate data.
  • Deletion — Request deletion of your personal data and account.
  • Export — Request a portable copy of your data in a common format.
  • Opt-out of sale — We do not sell your personal data to third parties.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

8. GDPR (European Users)

If you are located in the European Economic Area (EEA), our legal bases for processing your data include: performance of our contract with you (providing the Service), your consent (where applicable), and our legitimate interests (improving the Service, preventing fraud). You have the right to lodge a complaint with your local data protection authority.

9. CCPA (California Users)

If you are a California resident, you have the right to know what personal information we collect, request deletion, and opt out of the sale of personal information. We do not sell personal information. To make a request, contact us at [email protected].

10. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child under 13, we will take steps to delete it promptly. If you believe a child under 13 has provided us with personal data, please contact us.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (TLS), secure authentication, and access controls. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the “Last updated” date. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.

13. Contact

If you have questions or concerns about this Privacy Policy, contact us at [email protected].