StaffSignal

Privacy Policy

Effective date: March 1, 2026

StaffSignal ("we", "us", "our") operates the website staffsignal.io. This page describes how we collect, use, and protect your information when you use our service.

1. Information We Collect

Account information. When you create an account, we collect your name, email address, and authentication credentials. If you sign in via Google or GitHub, we receive your name, email, and profile picture from the provider. We do not receive or store your OAuth password.

Usage data. We track which playbook sections you have read and your reading mode preferences to provide progress tracking. This data is stored in your account and not shared with third parties.

Payment information. Payments are processed by our payment provider. We do not store your card number, CVV, or full payment details on our servers. We retain a payment reference ID and subscription status to manage your access.

Analytics. We may use privacy-respecting analytics to understand aggregate usage patterns (e.g., which playbooks are most read). We do not sell or share personal data with advertisers.

2. How We Use Your Information

  • To provide and maintain your account and subscription
  • To track your reading progress across playbooks
  • To process payments and manage billing
  • To send transactional emails (e.g., password reset, payment receipts)
  • To improve the product based on aggregate usage patterns

3. Data Storage and Security

Your data is stored using Google Cloud Platform (Firebase) infrastructure. Authentication sessions use server-side httpOnly cookies. We use industry-standard encryption for data in transit (TLS) and at rest.

4. Third-Party Services

We use the following third-party services to operate StaffSignal:

  • Firebase (Google) — authentication, database, and hosting infrastructure
  • Vercel — application hosting and deployment
  • Payment processor — payment processing (we do not store card details)

Each provider has their own privacy policy governing how they handle data.

5. Cookies

We use a single essential cookie (firebase-session) to maintain your authenticated session. We do not use advertising or third-party tracking cookies.

6. Data Retention

We retain your account and progress data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days. Anonymized, aggregate analytics data may be retained indefinitely.

7. Your Rights

You may:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your progress data

To exercise any of these rights, contact us at the email below.

8. Children

StaffSignal is designed for professional software engineers. We do not knowingly collect information from anyone under 16 years of age.

9. Changes to This Policy

We may update this policy from time to time. We will notify registered users of material changes via email. Continued use of the service after changes constitutes acceptance.

10. Contact

For privacy-related questions or requests, email us at privacy@staffsignal.io.

Terms of Service →