Privacy Policy

Effective Date: April 26, 2026 · Last Updated: April 26, 2026

This Privacy Policy describes how Signal Labs ("we," "us," "our") collects, uses, and shares information when you use signallabsports.com, our Discord server, and any related services (collectively, the "Service"). By using the Service, you agree to the practices described here.

Plain English summary. We collect the minimum information needed to run a subscription Discord service: your email, Discord ID, payment confirmation from Whop (we do not see your card number), and basic usage logs. We don't sell your data. We use it to deliver the Service, prevent fraud, and improve the product.

Contents

Information We Collect
How We Use Information
How We Share Information
Whop, Stripe & Payment Data
Discord
Cookies & Analytics
Data Retention
Data Security
Your Rights (CA, VA, CO, CT, UT, and Other States)
Children
International Users
Do Not Track
Changes to This Policy
Contact

1. Information We Collect

1.1 Information you provide directly

Account information. Email address, account password (hashed), display name, and Discord username/ID when you sign up or link your Discord account.
Payment confirmation. When you subscribe through Whop, Whop confirms your subscription status to us. We receive your subscription tier, renewal date, and a unique Whop user ID. We never receive or store your full payment card number, CVC, or bank account details.
User-submitted content. If you use features that let you upload images , we receive and process those images. If you post in our Discord, we receive your messages. If you contact support, we receive your communications.
Survey or feedback responses. Anything you voluntarily share when responding to surveys or asking questions.

1.2 Information collected automatically

Log data. IP address, browser type, device type, operating system, referring URL, pages viewed, timestamps, and similar standard server-log information.
Usage data. Which pages you visit, which picks you view, how long you stay, and similar non-identifying interaction patterns. Aggregated for product improvement.
Cookies / local storage. Small files used to keep you logged in and remember preferences. See Section 6.

1.3 Information from third parties

Whop. Subscription status, renewal events, cancellation events, refund events, and basic profile data you authorized Whop to share.
Discord. Your Discord username, ID, avatar, and server-membership data when you link your Discord account.

2. How We Use Information

Provide the Service — authenticate you, gate paid content, deliver picks.
Communicate with you — service notices, billing receipts, security alerts, and (only if you opt in) marketing.
Operate, debug, and improve the Service.
Prevent fraud, abuse, and unauthorized access.
Comply with legal obligations and enforce our Terms.

3. How We Share Information

We do not sell your personal information. We share information only as follows:

Service providers. Vendors that help us operate the Service, including Whop (billing), Discord (community), Amazon Web Services (hosting), Resend / SendGrid (transactional email). Each vendor is contractually limited to using your data to provide their service to us.
Legal compliance. When required by subpoena, court order, or law, or to protect rights, safety, and property.
Business transfers. If Signal Labs is acquired, merged, or restructured, your information may transfer to the successor entity, subject to this Policy.
With your consent. Anything else only with your explicit permission.

4. Whop, Stripe & Payment Data

Payments are processed exclusively by Whop, which acts as the merchant of record. Whop processes payments using Stripe as its underlying payment processor. Signal Labs does not receive, store, or process your payment card number, CVC, expiration date, or bank account information. Whop's collection and use of your payment data is governed by Whop's privacy policy, available at whop.com/privacy. We receive only confirmation that a subscription is active, what tier, and when it renews or cancels.

5. Discord

The Service includes a Discord server. Anything you post in Discord is governed by Discord's own Terms and Privacy Policy (discord.com/privacy). We can see public messages in our server and can use Discord's bot APIs to gate paid channels, post picks, and respond to interactions. We do not read your private DMs with other users. We do log message events from our own bot for audit and abuse-prevention purposes.

6. Cookies & Analytics

We use a small number of essential cookies to keep you logged in, remember preferences (e.g., timezone display), and protect against fraud. We use Cloudflare Web Analytics, a privacy-respecting analytics service that does not use cookies and does not track users across sites. We do not use third-party advertising trackers. You can disable cookies in your browser, but doing so may break login.

7. Data Retention

Active accounts: Retained while your subscription is active and for a reasonable period after to handle disputes, refunds, and tax obligations.
Inactive accounts: Deleted or de-identified within twenty-four (24) months of last activity, except where retention is required by law.
Server logs: Typically rotated within ninety (90) days.
Tax / legal records: Retained as long as required by applicable law.

8. Data Security

We use reasonable administrative, technical, and physical safeguards to protect your information, including: HTTPS/TLS in transit, encrypted storage at rest where applicable, hashed passwords (scrypt), restricted access to production systems, and least-privilege access for our infrastructure. No system is perfectly secure. We cannot guarantee absolute security, but we will notify affected users of a material data breach within the timeframe required by applicable state or federal law, generally no later than forty-five (45) days after discovery.

9. Your Rights

Depending on where you live, you may have the following rights:

Access. Request a copy of the personal information we hold about you.
Correction. Ask us to correct inaccurate information.
Deletion. Ask us to delete your information, subject to legal-retention exceptions.
Portability. Request a machine-readable export of your information.
Opt-out of "sales" or "sharing" of personal information for cross-context behavioral advertising. We do not sell or share for behavioral advertising; this right is moot for our Service, but we honor opt-out signals where applicable.
Non-discrimination. We will not retaliate against you for exercising any of these rights.

State-specific notices:

California (CCPA / CPRA): California residents may exercise the rights above. We do not sell or share personal information for cross-context behavioral advertising.
Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon, Montana, Tennessee, and other states with comprehensive privacy laws: You have analogous rights. To exercise, see Section 14.
North Carolina: NC does not currently have a comprehensive consumer-privacy statute, but we honor the rights above for NC residents as a matter of policy.

To exercise your rights, email signallabs247@gmail.com. We may need to verify your identity before responding. We will respond within forty-five (45) days or as required by applicable law. You may also designate an authorized agent to make a request on your behalf.

10. Children

The Service is intended for users aged twenty-one (21) and older. We do not knowingly collect personal information from anyone under 21. If we learn that we have collected information from a person under 21, we will delete it promptly. Parents or guardians who believe their child has provided information to us should contact signallabs247@gmail.com.

11. International Users

The Service is operated from the United States. If you access it from outside the U.S., you understand that your information will be transferred to and processed in the U.S., where data-protection laws may differ from your home country. We do not currently solicit users from the European Union, the United Kingdom, or other regions with comprehensive cross-border data-transfer rules; if you are located in such a region, please do not use the Service.

12. Do Not Track

Some browsers send a "Do Not Track" signal. There is no industry consensus on how to respond. We do not currently respond to DNT signals because we do not engage in cross-site behavioral tracking.

13. Changes to This Policy

We may update this Policy from time to time. Material changes will be communicated by email and/or by a notice on the Service at least thirty (30) days before they take effect, except when changes are required by law. The "Effective Date" at the top of this Policy reflects the most recent version.

14. Contact

Privacy questions, requests, and complaints:

Signal Labs — Privacy
Email: signallabs247@gmail.com
General support: signallabs247@gmail.com

9.1 No Sale or Sharing of Personal Information

Signal Labs has not sold or shared (as those terms are defined under the California Consumer Privacy Act, as amended by the CPRA) any personal information about consumers in the preceding twelve (12) months and does not intend to do so. We have not knowingly collected or sold the personal information of consumers under age 16.

11.1 Not Offered in the EU/UK/EEA/Switzerland

The Service is not directed to, offered in, or available to residents of the European Union, European Economic Area, United Kingdom, or Switzerland. We do not knowingly accept users from those regions. If you are located in any of these jurisdictions, you must not use the Service, and any data you provide will be deleted upon discovery.

5.1 Discord Monitoring

We log messages posted in channels operated by our Discord bot for moderation, abuse prevention, audit, and product-improvement purposes. By posting in the Signal Labs Discord server, you consent to this logging. We do not access your private direct messages with other users.

2.1 AI/LLM-Assisted Processing

Some Service operations — including content generation, support triage, and abuse detection — use large language models. When you submit a support inquiry or message our bot, the content may be processed by an LLM under data-processing agreements that prohibit training on your data. We do not submit your full account record to any LLM for general training purposes.