This Privacy Policy describes how Signal Labs ("we," "us," "our") collects, uses, and shares information when you use signallabsports.com, our Discord server, and any related services (collectively, the "Service"). By using the Service, you agree to the practices described here.
Plain English summary. We collect the minimum information needed to run a subscription Discord service: your email, Discord ID, payment confirmation from Whop (we do not see your card number), and basic usage logs. We don't sell your data. We use it to deliver the Service, prevent fraud, and improve the product.
1. Information We Collect
1.1 Information you provide directly
- Account information. Email address, account password (hashed), display name, and Discord username/ID when you sign up or link your Discord account.
- Payment confirmation. When you subscribe through Whop, Whop confirms your subscription status to us. We receive your subscription tier, renewal date, and a unique Whop user ID. We never receive or store your full payment card number, CVC, or bank account details.
- User-submitted content. If you use features that let you upload images , we receive and process those images. If you post in our Discord, we receive your messages. If you contact support, we receive your communications.
- Survey or feedback responses. Anything you voluntarily share when responding to surveys or asking questions.
1.2 Information collected automatically
- Log data. IP address, browser type, device type, operating system, referring URL, pages viewed, timestamps, and similar standard server-log information.
- Usage data. Which pages you visit, which picks you view, how long you stay, and similar non-identifying interaction patterns. Aggregated for product improvement.
- Cookies / local storage. Small files used to keep you logged in and remember preferences. See Section 6.
1.3 Information from third parties
- Whop. Subscription status, renewal events, cancellation events, refund events, and basic profile data you authorized Whop to share.
- Discord. Your Discord username, ID, avatar, and server-membership data when you link your Discord account.
1.4 Free Content Sign-Ups (No Payment Required)
In addition to paid subscriptions, we offer free email sign-ups for tournament coverage and other free content (such as our World Cup coverage). When you complete a free sign-up, we collect:
- Your email address.
- Your marketing preferences (whether you have opted-in to receive promotional emails from us).
- Optional sports interests you select.
- Optional confirmation that you are following our @SignalLabs247 account on X (Twitter). Note: this is an honor-system confirmation; we do not independently verify the X follow.
- The page that referred you (we read 'utm_source', 'utm_campaign', 'utm_content' query parameters if present in the referring URL) and standard log data (IP, user agent, timestamp).
- Cookies: a session cookie and, when you complete sign-up, a separate 'sl_unlock' cookie that expires in 60 days and is used to recognize you on future visits to our free content pages.
How we use it: If you opted in to marketing emails, we will email you about new content, tournament coverage, and Signal Labs updates. You can opt-out anytime by clicking the unsubscribe link in any email or contacting us. We do not sell your email address.
2. How We Use Information
- Provide the Service — authenticate you, gate paid content, deliver picks.
- Communicate with you — service notices, billing receipts, security alerts, and (only if you opt in) marketing.
- Operate, debug, and improve the Service.
- Prevent fraud, abuse, and unauthorized access.
- Comply with legal obligations and enforce our Terms.
3. How We Share Information
We do not sell your personal information. We share information only as follows:
- Service providers. Vendors that help us operate the Service, including Whop (billing), Discord (community), Amazon Web Services (hosting), Resend / SendGrid (transactional email). Each vendor is contractually limited to using your data to provide their service to us.
- Internal operational notifications. We post sign-up notifications (e.g., when a user completes a free email sign-up) to our internal Discord channel for operational and monitoring purposes. This is internal staff visibility only and is not a transfer to a third party.
- Aggregated / de-identified analytics. We may transmit aggregated and de-identified statistics to advertising platforms (e.g., X/Twitter Pixel if ever deployed) to measure campaign performance. These transmissions do not include data that personally identifies you.
- Legal compliance. When required by subpoena, court order, or law, or to protect rights, safety, and property.
- Business transfers. If Signal Labs is acquired, merged, or restructured, your information may transfer to the successor entity, subject to this Policy.
- With your consent. Anything else only with your explicit permission.
4. Whop, Stripe & Payment Data
Payments are processed exclusively by Whop, which acts as the merchant of record. Whop processes payments using Stripe as its underlying payment processor. Signal Labs does not receive, store, or process your payment card number, CVC, expiration date, or bank account information. Whop's collection and use of your payment data is governed by Whop's privacy policy, available at whop.com/privacy. We receive only confirmation that a subscription is active, what tier, and when it renews or cancels.
5. Discord
The Service includes a Discord server. Anything you post in Discord is governed by Discord's own Terms and Privacy Policy (discord.com/privacy). We can see public messages in our server and can use Discord's bot APIs to gate paid channels, post picks, and respond to interactions. We do not read your private DMs with other users. We do log message events from our own bot for audit and abuse-prevention purposes.
6. Cookies & Analytics
We use a small number of essential cookies to keep you logged in, remember preferences (e.g., timezone display), and protect against fraud. In addition to Cloudflare Web Analytics (a privacy-respecting service that does not use cookies and does not track users across sites), we use the following analytics tools:
- Google Analytics 4 (GA4). We use GA4 to measure aggregated traffic, page views, and high-level user behavior on the Service. GA4 uses cookies and a randomized client ID; we have configured it to respect standard IP-anonymization settings where available. GA4's use of your data is also governed by Google's privacy policy.
- Microsoft Clarity. We use Microsoft Clarity to capture aggregated session metrics, heatmaps, and session replays for the purpose of debugging and improving the Service. Clarity uses cookies and may record interactions on pages you visit. Microsoft's use of this data is governed by Microsoft's privacy policy.
We do not use third-party advertising trackers for cross-context behavioral advertising. If you sign up via a referral link, we may also read 'utm_source', 'utm_campaign', and 'utm_content' query parameters to attribute the referral (see Section 1.4). You can disable cookies in your browser, but doing so may break login or other features.
7. Data Retention
- Active accounts: Retained while your subscription is active and for a reasonable period after to handle disputes, refunds, and tax obligations.
- Inactive accounts: Deleted or de-identified within twenty-four (24) months of last activity, except where retention is required by law.
- Server logs: Typically rotated within ninety (90) days.
- Tax / legal records: Retained as long as required by applicable law.
8. Data Security
We use reasonable administrative, technical, and physical safeguards to protect your information, including: HTTPS/TLS in transit, encrypted storage at rest where applicable, hashed passwords (scrypt), restricted access to production systems, and least-privilege access for our infrastructure. No system is perfectly secure. We cannot guarantee absolute security, but we will notify affected users of a material data breach within the timeframe required by applicable state or federal law, generally no later than forty-five (45) days after discovery.
9. Your Rights
Depending on where you live, you may have the following rights:
- Access. Request a copy of the personal information we hold about you.
- Correction. Ask us to correct inaccurate information.
- Deletion. Ask us to delete your information, subject to legal-retention exceptions.
- Portability. Request a machine-readable export of your information.
- Opt-out of "sales" or "sharing" of personal information for cross-context behavioral advertising. We do not sell or share for behavioral advertising; this right is moot for our Service, but we honor opt-out signals where applicable.
- Non-discrimination. We will not retaliate against you for exercising any of these rights.
State-specific notices:
- California (CCPA / CPRA): California residents may exercise the rights above. We do not sell or share personal information for cross-context behavioral advertising.
- Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon, Montana, Tennessee, and other states with comprehensive privacy laws: You have analogous rights. To exercise, see Section 14.
- North Carolina: NC does not currently have a comprehensive consumer-privacy statute, but we honor the rights above for NC residents as a matter of policy.
To exercise your rights, email signallabs247@gmail.com. We may need to verify your identity before responding. We will respond within forty-five (45) days or as required by applicable law. You may also designate an authorized agent to make a request on your behalf.
10. Children
The Service is intended for users aged twenty-one (21) and older. We do not knowingly collect personal information from anyone under 21. If we learn that we have collected information from a person under 21, we will delete it promptly. Parents or guardians who believe their child has provided information to us should contact signallabs247@gmail.com.
11. International Users
The Service is operated from the United States. If you access it from outside the U.S., you understand that your information will be transferred to and processed in the U.S., where data-protection laws may differ from your home country. We do not currently solicit users from the European Union, the United Kingdom, or other regions with comprehensive cross-border data-transfer rules; if you are located in such a region, please do not use the Service.
12. Do Not Track
Some browsers send a "Do Not Track" signal. There is no industry consensus on how to respond. We do not currently respond to DNT signals because we do not engage in cross-site behavioral tracking.
13. Changes to This Policy
We may update this Policy from time to time. Material changes will be communicated by email and/or by a notice on the Service at least thirty (30) days before they take effect, except when changes are required by law. The "Effective Date" at the top of this Policy reflects the most recent version.
14. Contact
Privacy questions, requests, and complaints:
Signal Labs — Privacy
Email: signallabs247@gmail.com
General support: signallabs247@gmail.com
21+ · For entertainment only · Not gambling advice · If you or someone you know has a gambling problem, call 1-800-GAMBLER
Signal Labs has not sold or shared (as those terms are defined under the California Consumer Privacy Act, as amended by the CPRA) any personal information about consumers in the preceding twelve (12) months and does not intend to do so. We have not knowingly collected or sold the personal information of consumers under age 16.
The Service is not directed to, offered in, or available to residents of the European Union, European Economic Area, United Kingdom, or Switzerland. We do not knowingly accept users from those regions. If you are located in any of these jurisdictions, you must not use the Service, and any data you provide will be deleted upon discovery.
We log messages posted in channels operated by our Discord bot for moderation, abuse prevention, audit, and product-improvement purposes. By posting in the Signal Labs Discord server, you consent to this logging. We do not access your private direct messages with other users.
Some Service operations — including content generation, support triage, and abuse detection — use large language models. When you submit a support inquiry or message our bot, the content may be processed by an LLM under data-processing agreements that prohibit training on your data. We do not submit your full account record to any LLM for general training purposes.