Privacy Policy

Prestanda, LLC ("Prestanda," "we," "us," or "our") operates Pinpoint Alpha (the "Service"). This Privacy Policy describes how we collect, use, store, and protect your personal information when you use the Service. By using the Service, you consent to the data practices described in this policy.

If you have questions about this policy, contact us at privacy@pinpoint-alpha.com.

Information you provide directly:

• Your email address, provided when you sign up. Authentication is handled by email-based sign-in or, where available, Google OAuth. We do not store passwords ourselves; they are handled by our authentication provider or by your OAuth provider.
• An optional display name and avatar. The display name field is free-text, so you may enter a real name, a nickname, or leave it blank.
• Optional trading-profile answers collected during onboarding: your self-reported market experience level, instrument focus, typical holding period, and up to two primary goals. You can skip the profile entirely.
• The stock tickers you add to your watchlist (up to 15).
• Your selected digest style (Standard or Technical) and email frequency preference.
• Any messages or feedback you send to us.

Billing information: All payment processing is handled directly by Stripe, Inc. We do not receive or store your credit card number, CVV, card expiration date, cardholder name, or billing address. The only billing-related information stored in our database is a Stripe customer identifier, your subscription status (for example, active, trialing, canceled), subscription period dates, and references to Stripe invoices. All payment card handling and PCI compliance is Stripe's responsibility.

Information collected automatically:

• IP address, browser type, device type, and operating system, used for security, rate limiting, and debugging.
• Basic usage information such as pages visited on the Service and timestamps of dashboard access, used to understand feature usage and diagnose issues.
• Email delivery status (such as delivered, bounced, or unsubscribed) reported by our email delivery provider, used to maintain deliverability. We do not operate pixel-based open or click tracking on newsletter content.

Information we do not collect:

• We do not collect your brokerage account information, trading history, portfolio holdings, or account balances.
• We do not request or store Social Security numbers, government IDs, or financial account numbers.
• We do not track your activity on other websites or applications.
• We do not collect or store your credit card details. All payment-card data lives at Stripe.

The Service operates entirely on publicly available market data and the watchlist and profile preferences you provide.

We use the information we collect to:

• Generate and deliver your personalized daily and weekly newsletters
• Operate the dashboard, displaying market analysis, signal data, and historical digests relevant to your watchlist
• Process subscription payments and manage billing (via Stripe)
• Send transactional messages such as account confirmations, payment receipts, and subscription notices
• Improve the accuracy, clarity, and relevance of our analytical signals and AI-generated content
• Detect, prevent, and respond to fraud, abuse, security incidents, or violations of our Terms of Service
• Comply with legal obligations

We do not use your personal information to make trading decisions on your behalf. We do not sell, rent, or share your personal information for advertising purposes.

Where applicable (including for users in the European Economic Area or the United Kingdom), we process your information on the following legal bases:

• Contract: to provide the Service you have subscribed to
• Legitimate interests: to secure the Service, prevent fraud, and improve the product
• Consent: for optional communications where consent is required
• Legal obligation: when we are required to retain or disclose information by law

We rely on a small set of trusted vendors to operate the Service. Each processes data only as needed to perform its function. We do not share your personal information with any third party for their own marketing purposes.

Beyond the sub-processors listed above, we share information only in the following limited circumstances:

• Legal or safety obligations: We may disclose information when required by law, subpoena, court order, or to protect the rights, property, or safety of Prestanda, LLC, our users, or the public.
• Business transfers: If Prestanda, LLC is involved in a merger, acquisition, or sale of assets, user information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your information.

We do not share your information with advertising networks, data brokers, or any third party for marketing purposes.

• Account and watchlist data: retained for the duration of your active subscription and for 90 days after account deletion or subscription cancellation, unless longer retention is required by law.
• Digest history: retained for the duration of your subscription. Upon cancellation, digest history is retained for 90 days before deletion.
• Billing records: retained by Stripe and by us as required by applicable tax and financial regulations (typically 7 years).
• Email delivery logs: retained for up to 12 months for deliverability troubleshooting.
• Server and access logs: containing IP addresses and access patterns, retained for up to 30 days for abuse prevention and forensic investigation.

We implement reasonable administrative, technical, and physical safeguards to protect your personal information, including:

• Encryption of data in transit (TLS/HTTPS)
• Encrypted storage at rest
• Database-level access controls that ensure users can only access their own data
• Authentication via secure OAuth protocols or email-based verification
• Principle-of-least-privilege access controls and routine security reviews

No method of transmission over the Internet or electronic storage is 100 percent secure. While we strive to protect your personal information, we cannot guarantee its absolute security. If we become aware of a data breach that affects your personal information, we will notify you and the appropriate authorities as required by applicable law.

Depending on your jurisdiction, you may have some or all of the following rights over your personal information:

• Access: request a copy of the personal information we hold about you
• Correction: ask us to correct inaccurate or incomplete information
• Deletion: request that we delete your account and associated data, subject to legal retention requirements
• Portability: request a machine-readable export of your data
• Objection: object to certain uses of your information
• Withdraw consent: where processing is based on consent, you may withdraw it at any time
• Opt-out of communications: unsubscribe from non-essential communications at any time via the unsubscribe link in any email

To exercise any of these rights, email us at privacy@pinpoint-alpha.com from the address associated with your account. We will respond within 30 days. You also have the right to lodge a complaint with a data protection authority in your jurisdiction.

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) provide you with the rights described in Section 9 above, as well as:

• The right to know what personal information we collect, use, and disclose
• The right to request deletion of your personal information
• The right to opt out of the "sale" or "sharing" of personal information. We do not sell or share personal information as those terms are defined under California law.
• The right to non-discrimination for exercising your privacy rights

We do not knowingly collect the personal information of California residents under 16 years of age.

The Service is intended for adults. We do not knowingly collect personal information from anyone under the age of 18. If you believe a minor has provided us with personal information, contact us at privacy@pinpoint-alpha.com and we will promptly delete it.

By subscribing to the Service, you consent to receive:

• Daily market analysis digests on U.S. trading days
• Weekly recap digests on Sundays
• Service notifications, including account changes, billing updates, and important service announcements

You may adjust your email delivery preferences (frequency, format) from your Profile page at any time. You may unsubscribe from optional marketing communications at any time. Service-critical notifications, such as billing failures or account security alerts, may still be sent to active subscribers.

We use only essential cookies required for the Service to function:

• Authentication cookies to keep you signed in during your session
• Security cookies for CSRF protection and fraud prevention
• Preference cookies to remember UI settings such as light and dark mode

We do not use:

• Advertising or remarketing cookies
• Third-party analytics cookies that track you across websites
• Social media tracking pixels

You can disable cookies in your browser, but parts of the Service may not function properly without them.

Prestanda, LLC is based in the United States, and our service providers are primarily located in the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States. By using the Service, you consent to such transfer.

Where required by law (including for users in the EEA and UK), we rely on appropriate safeguards such as Standard Contractual Clauses to protect international transfers of personal information.

Some browsers offer a "Do Not Track" signal. Because there is no industry-wide standard for how to interpret these signals, we do not currently respond to them. We do not engage in the kinds of cross-site behavioral tracking that Do Not Track was designed to address.

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party services you access.

We may update this Privacy Policy from time to time. If we make material changes, we will notify active subscribers by email at least 14 days before the changes take effect, and we will update the "Last updated" date at the top of this page. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

For questions about this Privacy Policy or your personal data, contact us at:

Prestanda, LLC
d/b/a Pinpoint Alpha
221 W 9th St, PMB 853
Wilmington, DE 19801
privacy@pinpoint-alpha.com
General support: support@pinpoint-alpha.com