Your Data Rights
CCPA, GDPR & Global Privacy Rights
Overview
At Signals, we respect your privacy rights under applicable data protection laws. This page explains your rights under the California Consumer Privacy Act (CCPA), the General Data Protection Regulation (GDPR), and other global privacy regulations. These rights supplement our Privacy Policy.
California Residents (CCPA/CPRA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).
Your Rights
- Right to Know
Request information about what personal data we collect, use, disclose, or sell.
- Right to Delete
Request deletion of your personal information, subject to certain exceptions.
- Right to Correct
Request correction of inaccurate personal information.
- Right to Opt-Out
Opt out of the sale or sharing of your personal information. Note: Signals does not sell personal information.
- Right to Limit
Limit the use of sensitive personal information.
- Right to Non-Discrimination
We will not discriminate against you for exercising your privacy rights.
Categories of Information We Collect
| Category | Examples | Collected |
|---|---|---|
| Identifiers | Name, email, IP address | Yes |
| Commercial Information | Subscription history, transactions | Yes |
| Internet Activity | Browsing history, search queries | Yes |
| Geolocation Data | General location (city-level) | Yes |
| Professional Information | Company name, job title | Yes |
| Sensitive Personal Information | Account login credentials | Yes |
Notice of Financial Incentives
We may offer promotions or discounts in exchange for subscribing to marketing communications. Participation is voluntary, and you can opt out at any time. The value of the incentive is reasonably related to the value of the data collected.
European Residents (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR).
Your Rights
- Right of Access
Request a copy of your personal data we hold.
- Right to Rectification
Request correction of inaccurate or incomplete data.
- Right to Erasure ("Right to be Forgotten")
Request deletion of your personal data under certain circumstances.
- Right to Restriction
Request we limit processing of your personal data.
- Right to Data Portability
Receive your data in a structured, machine-readable format.
- Right to Object
Object to processing based on legitimate interests or for direct marketing.
- Right to Withdraw Consent
Withdraw consent at any time where processing is based on consent.
- Right to Lodge a Complaint
File a complaint with your local data protection authority.
Legal Basis for Processing
We process your personal data under the following legal bases:
- Contract: Processing necessary to fulfill our services to you
- Consent: Where you have given explicit consent (e.g., marketing)
- Legitimate Interests: For business purposes that don't override your rights
- Legal Obligation: To comply with applicable laws
International Transfers
Your data may be transferred to the United States. We use Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection for international transfers.
Other Jurisdictions
Virginia, Colorado, Connecticut, Utah Residents
If you reside in Virginia, Colorado, Connecticut, or Utah, you have similar privacy rights under your state's consumer privacy laws, including rights to access, correct, delete, and opt out of certain data processing.
Canadian Residents (PIPEDA)
Canadian residents have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA), including the right to access and correct personal information.
Brazilian Residents (LGPD)
Brazilian residents have rights under the Lei Geral de Proteção de Dados (LGPD), including confirmation of processing, access, correction, anonymization, portability, and deletion.
How to Exercise Your Rights
To exercise any of your privacy rights, you can:
- Email us at contact@gotsignals.com
- Visit your account settings to manage preferences
- Submit a request through our Contact Page
Verification
To protect your privacy, we may need to verify your identity before processing your request. We may ask you to:
- Confirm your email address
- Provide account-related information
- Answer security questions
Authorized Agents
You may designate an authorized agent to make a request on your behalf. We require:
- Written authorization signed by you
- Verification of the agent's identity
- Verification of your identity
Response Time
We will respond to verifiable requests within 45 days (CCPA) or 30 days (GDPR). If we need more time, we will notify you of the extension and the reason.
Do Not Sell My Personal Information
Signals does not sell your personal information to third parties. We do not exchange personal information for monetary consideration. If this practice changes, we will update this notice and provide an opt-out mechanism.
Contact Our Privacy Team
For privacy-related inquiries or to exercise your rights:
- Email: contact@gotsignals.com
- Response time: Within 30-45 days