555-123-4567
Get Early Access

PRIVACY POLICY

COTES AI, INC.

Document Version: 2.0  •  Effective: October 11, 2025  •  Last Updated: October 11, 2025

PLAIN ENGLISH SUMMARY (The Important Stuff Up Front)

Here's our privacy philosophy in simple terms:

We collect only what we need to run our service and keep you updated. We don't sell your data. Period. We're not in the data-selling business—we're in the technical analysis business.

What we collect: Your email, payment info (processed securely by Stripe—we never see your full card number), and info about how you use our platform.

What we DON'T collect: Your investment portfolio, trading strategies, net worth, or anything about your personal finances. We're publishers of technical tools, not financial advisors, so we don't need (or want) that information.

Your credit card: Goes straight to Stripe, our payment processor. We never touch it, see it, or store it. All we get is "you paid" and the last 4 digits for your records.

Your rights: You can access your data, download it, correct it, or delete it anytime. You can opt out of marketing emails with one click. You're in control.

Security: We use industry-standard encryption and security practices. No system is 100% hack-proof (anyone who promises that is lying), but we take this seriously and keep improving.

The detailed policy follows below if you want all the specifics.

OUR COMMITMENT TO YOUR PRIVACY

Cotes AI, Inc. ("Cotes AI," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.cotes.ai and use our spectral analysis tools (collectively, the "Services").

Please read this Privacy Policy carefully. By using our Services, you consent to the practices described here.

If you have questions, skip to Section 13 for our contact info. We're here to help.

1 Information we collect
Information You Give Us Directly When you register for an account or subscribe, we collect: Account Information:
  • Email address
  • Username
  • Password (encrypted—we never see your actual password)
Billing Information:
  • Billing address
  • Transaction history (dates, amounts, subscription status)
Important: Your payment card details are processed directly by Stripe, our PCI-compliant payment processor. Your card number never touches our servers. We only receive:
  • A secure token (meaningless to anyone but Stripe)
  • Last 4 digits of your card (so you can identify which card you used)
  • Whether the payment succeeded or failed
Communication Data:
  • Information from your emails or support requests
  • Any feedback you voluntarily provide
What We DON'T Collect (And Never Will) As a publisher operating under the publisher's exclusion, we intentionally do NOT collect:
  • Your investment portfolio details
  • Trading account information
  • Net worth or income data
  • Social Security Numbers
  • Bank account numbers
  • Full credit card numbers (Stripe handles this)
  • Personal investment objectives or strategies
  • Risk tolerance information
  • Financial situation details
  • Investment experience data
Why? Because we're not investment advisers. We provide technical tools for YOUR research. We don't need to know about your personal finances. Information Collected Automatically When you use our Services, we automatically collect: Usage Data:
  • Pages viewed
  • Features used
  • Patterns you analyzed
  • Time spent on site
  • Which tools you find most useful
Device Information:
  • IP address (helps us prevent fraud)
  • Browser type
  • Operating system
  • Device identifiers
Log Data:
  • Access times
  • Referring URLs (how you found us)
  • Clickstream data
Cookies and Similar Technologies: See Section 6 for the full story on cookies.
2 How we use your information
Service Delivery We use your information to:
  • Provide access to our spectral analysis tools
  • Process subscription payments
  • Send important service-related communications (like "your card is expiring")
  • Provide customer support when you need help
Service Improvement We analyze usage patterns to:
  • Improve our algorithms and make them more accurate
  • Develop new features that you'll actually use
  • Fix bugs and technical issues
  • Conduct research on pattern recognition effectiveness
All of this is done with anonymized, aggregated data—we're looking at trends across all users, not spying on individuals. Legal Compliance We use information to:
  • Comply with applicable laws and regulations
  • Enforce our Terms of Service
  • Protect against fraud and unauthorized access
  • Respond to legal process (court orders, subpoenas, etc.)
Marketing (Only With Your Consent) If you opt in, we'll:
  • Send newsletters about market patterns and technical analysis education
  • Inform you about new features or services
  • Provide educational content about spectral analysis
You can opt out anytime with one click. We won't take it personally. What We Will NEVER Do We will NEVER use your information to:
  • Provide personalized investment recommendations
  • Create individual investment profiles
  • Target you with specific investment opportunities
  • Sell or rent your personal information to third parties
We're not in the data-selling business. Our business model is simple: you pay us for tools, we provide tools. That's it.
3 How we share your information
We share your information only in these limited circumstances: Service Providers We Trust We share information with trusted third-party service providers who help us run our business: Payment Processing:
  • Stripe - Processes payments securely. Only receives payment data directly from you (we never see your full card number)
Email Delivery:
  • Services like SendGrid or Mailchimp to send you emails
Cloud Storage:
  • AWS, Google Cloud, or similar for secure data storage
Analytics:
  • Google Analytics (with IP anonymization) to understand how people use our site
Customer Support Tools:
  • Zendesk or similar for managing support tickets
Important: All service providers are contractually required to protect your information and use it only for providing services to us. They can't use your data for their own purposes. Legal Requirements We may disclose information if required by:
  • Court order or subpoena
  • Government or regulatory request
  • Law enforcement investigation
  • To protect our rights, property, or safety
  • To prevent fraud or cybersecurity threats
We don't want to share your data, but sometimes the law requires it. Business Transfers If Cotes AI is ever acquired, merged, or sells assets, your information may be transferred to the new owner. We'll notify you if this happens and give you choices about your data. Aggregated, Anonymized Data We may share aggregated data that cannot identify you personally for research or marketing purposes. Example: "85% of our users analyze tech stocks" is fine. "John Smith analyzed AAPL on Tuesday" is not—we'd never share that. With Your Consent We'll share information for any other purpose if you give us explicit permission.
4 Data security
We Take Security Seriously We implement industry-standard security measures to protect your information. Here's what we do: Technical Safeguards
  • Encryption of data in transit (TLS/SSL) - Your data is encrypted when traveling between your device and our servers
  • Encryption of sensitive data at rest - Your data is encrypted when stored
  • Secure cloud infrastructure with regular security audits
  • Multi-factor authentication available - Turn this on in your account settings!
  • Regular security updates and patches
  • Automated security monitoring and alerts
Payment Security (The Gold Standard) We never store your credit card information. Ever. All payment data is processed directly through Stripe, a PCI Service Provider Level 1 certified payment processor. This is the highest level of certification available in the payments industry. How it works:
  1. You enter your card details on our payment page
  2. That information goes directly to Stripe's secure servers
  3. It never touches our systems
  4. Stripe sends us back a secure token and "payment successful"
  5. We store only the last 4 digits for your reference
Your full card number literally never exists in our database. We couldn't see it if we wanted to. Administrative Safeguards
  • Limited employee access on a need-to-know basis
  • Confidentiality agreements with all employees and contractors
  • Regular security training for our team
  • Incident response procedures in case something goes wrong
Physical Safeguards
  • Secure data center facilities with restricted access
  • Access controls and monitoring
  • Redundant backup systems (we're paranoid about backups)
The Reality Check Important: While we use commercially reasonable efforts to protect your information and we're continually improving our security practices, no security system is impenetrable. We cannot guarantee absolute security of your data. Anyone who promises 100% security is either lying or doesn't understand how technology works. We're honest about this: we do our best, we stay vigilant, and we keep improving—but perfect security doesn't exist. Michigan Residents - Data Breach Notification For our Michigan friends: In accordance with Michigan law (MCL 445.63), we will notify Michigan residents without unreasonable delay if there is a security breach involving personal information that could result in identity theft or fraud. Notification will be provided via email or written notice as required by law. Translation: If something bad happens, you'll know quickly.
5 Your data rights and choices
You're In Control Access and Portability You have the right to:
  • Request a copy of your personal information
  • Download your data in a portable format (CSV, JSON, etc.)
  • Access your account information anytime through your profile
Correction and Update You can:
  • Update your account information through your profile settings
  • Contact us to correct any inaccurate data
  • Manage your communication preferences
Deletion You may request deletion of your account and personal information. We'll honor this request, subject to:
  • Legal retention requirements (like tax records)
  • Completion of pending transactions
  • Legitimate business purposes
Translation: If you want out, we'll delete your stuff—except what the law requires us to keep for things like taxes. Opt-Out Rights You can opt out of:
  • Marketing emails - One-click unsubscribe link in every email
  • Non-essential cookies - Manage in your browser settings
  • Analytics tracking - Use browser privacy tools or extensions
  • Third-party information sharing (where applicable)
Do Not Sell We do NOT sell your personal information. Period. We're not in that business. We never have been, we never will be. You have the right to confirm this at any time by asking us.
6 Cookies and tracking technologies
The Cookie Conversation What Are Cookies? Small text files stored on your device that help websites remember you and your preferences. Not the delicious kind. What We Use Essential Cookies (Required):
  • Needed for basic site functionality
  • Remember your login session
  • Can't be disabled without breaking the site
Analytics Cookies (Helpful):
  • Help us understand how you use our Services
  • Google Analytics with IP anonymization (your exact IP address is hidden)
  • Show us which features are popular and which nobody uses
Preference Cookies (Convenient):
  • Remember your settings and preferences
  • Enhance your user experience
  • Save you from having to reconfigure everything each visit
Your Cookie Choices You're in control:
  • Most browsers let you manage cookie preferences in settings
  • You can delete cookies anytime
  • You can block third-party cookies
  • Disabling cookies may limit functionality (you might have to log in every time)
Do Not Track Signals: We currently do not respond to "Do Not Track" browser signals because there's no industry standard for what this means. If a standard emerges, we'll implement it.
7 Third-party links
Not Our Responsibility (But Heads Up) Our Services may contain links to third-party websites, blogs, research sites, or other services. Important: We are not responsible for the privacy practices of these third parties. They have their own privacy policies and practices. Our advice: Read their privacy policies before providing any information. Just because we link to something doesn't mean we endorse how they handle your data.
8 Children's privacy
Not For Kids Our Services are not directed to individuals under 18 years of age. We do not knowingly collect information from children. If you're under 18, please don't use our Services or provide any information. Parents: If you believe we have inadvertently collected information from a child under 18, please contact us immediately at privacy@cotes.ai and we'll delete it.
9 International users
We're Based In The U.S. Our Services are operated from the United States. If you access our Services from outside the U.S.:
  • Your information will be transferred to and processed in the U.S.
  • S. privacy laws may differ from your jurisdiction
  • By using our Services, you consent to this transfer
For European Users: See Section 10 for GDPR-specific rights.
10 State-specific rights
California Residents (CCPA/CPRA) You have additional rights including:
  • Right to know what personal information we collect, use, and share
  • Right to delete your personal information
  • Right to opt-out of the "sale" of personal information (we don't sell data anyway)
  • Right to non-discrimination for exercising your rights
  • Right to correct inaccurate information
  • Right to limit use of sensitive personal information
To exercise these rights: Email privacy@cotes.ai with your request. Michigan Residents Michigan residents have rights under state privacy laws including:
  • Right to know what personal information we collect
  • Right to request correction of inaccurate information
  • Protection under Michigan's Identity Theft Protection Act
  • Data breach notification rights under MCL 445.63
  • Additional protections under the Michigan Consumer Protection Act
Michigan Electronic Transactions: Pursuant to the Michigan Uniform Electronic Transactions Act (MCL 450.831 et seq.), Michigan residents consent to conducting transactions electronically and receiving all privacy notices and updates in electronic form. Michigan Sales Tax: For Michigan residents, we collect location data solely for calculating applicable Michigan sales tax on digital services as required by state law. This information is not used for any other purpose. European Users (GDPR) If GDPR applies to you, you have rights including:
  • Right to access, correct, and delete your data
  • Right to data portability
  • Right to object to processing
  • Right to restrict processing
  • Right to withdraw consent
  • Right to lodge a complaint with supervisory authorities
Legal basis for processing: We process your data based on:
  • Performance of our contract with you (providing Services)
  • Legitimate interests (improving our Services, fraud prevention)
  • Your consent (marketing communications)
  • Legal obligations (tax, anti-fraud laws)
Other States Residents of Virginia, Colorado, Connecticut, Utah, and other states with privacy laws may have similar rights. Contact us at privacy@cotes.ai to learn more about your specific rights.
11 Data retention
How Long We Keep Your Information We retain your information for as long as necessary to:
  • Provide our Services
  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements
Generally:
Data Type Retention Period
Account information Duration of account + 3 years
Transaction records 7 years (IRS requirements)
Usage data 2 years
Marketing data Until opt-out + 90 days
Support tickets 3 years
Michigan residents may request information about our specific retention periods for their data. When you delete your account: We'll delete your personal information within 90 days, except what we're legally required to retain (like transaction records for tax purposes).
12 Changes to this privacy policy
We May Update This Policy We may update this Privacy Policy to reflect changes in:
  • Our data practices
  • Legal requirements
  • Our Services
  • Industry best practices
We will notify you of material changes by:
  • Email notification to your registered email address
  • Prominent notice on our website
  • Requiring acknowledgment for continued use (for major changes)
Non-material changes (like typo fixes or clarifications) may be made without notice, but we'll update the "Last Updated" date at the top. Your continued use of our Services after changes constitutes acceptance of the updated Privacy Policy.
13 How to contact us
We're Here To Help For privacy-related questions, requests, or concerns: Privacy Team Cotes AI, Inc. 16192 Coastal Hwy Lewes, DE 19958 Email: privacy@cotes.ai General Questions: info@cotes.ai Support: support@cotes.ai Principal Place of Business: While Cotes AI, Inc. is a Delaware corporation, our principal operations are conducted from Michigan. Michigan residents may contact us with privacy concerns under Michigan law. Response Time: We will respond to your request within 30 days, or as required by applicable law (some states require faster responses, which we'll honor).
14 Privacy notice summary
Quick Reference Checklist
  • We collect minimal information needed to provide our Services
  • We do NOT store credit card information (processed securely by Stripe)
  • We do NOT collect investment portfolio information
  • We do NOT sell your personal information (never have, never will)
  • We do NOT provide personalized investment advice
  • You can request access, correction, or deletion of your data anytime
  • We use industry-standard security measures and keep improving
  • You can opt-out of marketing communications with one click
  • Michigan residents have additional rights under state law
  • California residents have CCPA/CPRA rights
  • European users have GDPR rights
  • We're transparent and responsive to your privacy concerns
15 Final acknowledgment
BY USING OUR SERVICES, YOU ACKNOWLEDGE THAT:
  • You have read and understood this Privacy Policy
  • You agree to the collection, use, and sharing practices described here
  • You understand your rights and how to exercise them
  • You can contact us anytime with privacy questions or concerns
Document Version: 2.0 Effective Date: October 11, 2025 Last Updated: October 11, 2025 [I ACKNOWLEDGE AND ACCEPT THIS PRIVACY POLICY]