Privacy
Privacy Policy
This Privacy Policy explains what information we process, why we process it, how we share it, and how you can contact us about privacy requests.
Last updated: May 20, 2026. Privacy version: 2026-05-20.1.
This Privacy Policy explains how ValuSift LLC, a Colorado limited liability company ("ValuSift," "we," "us," or "our"), collects, uses, shares, and retains information when you use ValuSift, including our website, authenticated application, generated workbooks, redlines, previews, datasets, feedback channels, and related services (the "Service"). This policy is intended for public launch, but it should be reviewed by qualified counsel before use.
1. Scope and U.S.-Only Service
The Service is intended for users located in the United States. If you access the Service from outside the United States, you understand that information will be processed in the United States. The Service is not directed to children or teenagers, and users must be at least 18 years old.
2. Information We Collect
We collect information that you provide, information generated through use of the Service, and limited information from service providers or public data sources.
- Account information: name, email address, password hash, role, account status, email verification status, and Terms/Privacy acceptance version and timestamp.
- Organization and membership information: organization name, owner, plan, workspace membership, role, subscription status, and related account administration details.
- Job inputs and workflow information: tickers, CIKs, company names, filing types, selected filings, requested periods or fiscal years, job type, job status, progress messages, and error messages.
- Generated documents and previews: workbooks, filing redlines, HTML previews, DOCX files, XLSX files, filenames, titles, byte size, storage path metadata, creation dates, expiration dates, download timestamps, and deleted/expired status.
- Usage and billing information: output counts, billing period, usage events, provider-pull indicators, plan changes, Stripe customer and subscription identifiers, checkout metadata, subscription status, and payment-related records provided by Stripe. We do not intentionally store full payment card numbers.
- Feedback and support information: feedback category, title, message, page URL, user agent, status, and communications you send to us.
- Security, audit, and log information: login, registration, logout, password change, download, admin, billing, maintenance, feedback, job, dataset, and policy-acceptance audit events; IP address; rate-limit counters; session metadata; and CSRF/security tokens.
- Device, cookie, analytics, and marketing measurement information: browser and device type, pages viewed, interactions, referring or exit pages, campaign parameters, approximate location derived from IP address, cookie or tag identifiers, Google Analytics identifiers where enabled, email delivery, open, click, unsubscribe, and campaign performance information, session cookies, analytics cookies, web beacons, pixels, and similar technologies.
- Third-party and public-source information: public company, filing, market, Treasury, institutional ownership, and other source data retrieved from SEC EDGAR, Yahoo Finance, Nasdaq, FRED, Stripe, and other providers used to operate the Service.
3. How We Use Information
We use information to provide, secure, maintain, improve, and administer the Service; create and retain generated documents; authenticate users; manage accounts and organizations; process subscriptions; measure usage; enforce output limits; provide dataset downloads; show previews; respond to feedback; communicate with users; audit activity; prevent fraud and abuse; troubleshoot errors; comply with law; protect rights and security; and develop new features.
We may use aggregated, de-identified, or non-identifying information to understand usage, improve product quality, monitor system performance, and evaluate business performance.
4. Generated Documents and Organization Access
Generated documents may contain public filing data, market data, formulas, calculations, audit notes, redlines, or other generated content. Generated documents are associated with your organization and may be visible or downloadable by authorized users or admins in that organization. Do not submit confidential, material non-public, personal, regulated, or highly sensitive information unless you have independently determined that the Service is appropriate for that use.
5. Third-Party Providers and Data Sources
We may share information with service providers and data sources as needed to operate the Service. These may include hosting, database, storage, analytics, security, communication, support, payment, and market or filing data providers. Payment processing is handled by Stripe. SEC and market-data requests may be sent to SEC EDGAR, Yahoo Finance, Nasdaq, FRED, or other sources.
To comply with SEC EDGAR access expectations, provider requests may include contact metadata such as a User-Agent containing an email address. Depending on the workflow and configuration, that email address may be your verified account email or a configured ValuSift contact email.
6. Cookies, Analytics, and Marketing
We use necessary cookies and similar technologies for authentication, session security, CSRF protection, account preferences, and application functionality. You can control cookies through your browser settings, but blocking necessary cookies may prevent the Service from working.
We may use Google Analytics and similar analytics tools to understand how visitors and users use the Service, measure product performance, diagnose issues, evaluate marketing campaigns, and improve the Service. These tools may use cookies, tags, scripts, browser or device identifiers, IP-derived approximate location, referrer and campaign data, page and event data, and other usage information. Google may process analytics data under its own terms and policies. You can learn more at How Google uses information from sites or apps that use our services, and Google provides a Google Analytics opt-out browser add-on.
We may use marketing email tools that include tracking pixels, web beacons, and tracked links to measure delivery, opens, clicks, unsubscribes, campaign performance, and similar engagement. You may be able to limit this tracking by blocking remote images, using privacy features in your email client, or unsubscribing from non-transactional marketing emails. Transactional, security, account, billing, legal, and service messages may still be sent even if you opt out of marketing emails.
We do not currently sell personal data or process personal data for targeted advertising. If we begin using advertising or retargeting technologies, or share information in a way that constitutes a sale, sharing, or targeted advertising under applicable privacy laws, we will update this Policy and provide any required notices, choices, opt-out mechanisms, and universal opt-out signal handling.
7. How We Share Information
We may share information with: service providers that help us operate the Service; payment processors; analytics and marketing providers, including Google Analytics and email marketing providers where enabled; data providers as needed for user-triggered workflows; organization owners and admins; professional advisers; law enforcement, regulators, courts, or others when required or appropriate for legal compliance; parties involved in a merger, acquisition, financing, restructuring, or sale of assets; and others with your direction or consent.
We may disclose information when we believe it is reasonably necessary to protect users, ValuSift, the Service, security, property, legal rights, or the public, or to investigate fraud, abuse, security incidents, or violations of our Terms.
8. Retention
Generated documents are currently retained for one year unless deleted, expired, or removed earlier for operational, security, legal, account-administration, or abuse-prevention reasons. Runtime caches and temporary files are retained separately; current defaults include 30 days for runtime cache and 24 hours for temporary files. Account, organization, usage, billing, audit, feedback, and security records may be retained as long as reasonably necessary for the purposes described in this Policy, including legal, tax, accounting, security, dispute, and business-continuity purposes.
Deletion requests will be reviewed, but we may retain information where needed to provide the Service, complete transactions, comply with law, prevent fraud or abuse, resolve disputes, enforce agreements, maintain security, preserve audit records, or protect legal rights.
9. Security
We use administrative, technical, and organizational safeguards designed to protect information, including authenticated access, organization-based ownership checks, password hashing, CSRF protection, HTTP-only session cookies, session timeouts, rate limits, audit logs, restricted storage endpoints, and direct-storage access controls. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.
10. Your Choices and Requests
You may contact us at valusift@gmail.com to request access to, correction of, deletion of, or a copy of personal information associated with your account, or to ask us to review a privacy request. We may need to verify your identity and account authority. We may decline or limit requests where permitted by law, including when information is needed for security, legal compliance, accounting, dispute resolution, fraud prevention, service operations, or another legitimate purpose.
You may unsubscribe from non-transactional marketing emails by using the unsubscribe mechanism if one is provided or by contacting us. You may also use browser settings, browser extensions, email-client privacy controls, image blocking, or the Google Analytics opt-out browser add-on to limit certain analytics or marketing measurement technologies. We may still send transactional, security, account, billing, legal, and service messages.
11. U.S. State Privacy Rights
Depending on where you live and whether applicable legal thresholds are met, you may have rights to access, correct, delete, obtain a portable copy of, or opt out of certain processing of personal data, and you may have a right to appeal our decision on a privacy request. Colorado residents and residents of other states with privacy laws may contact us at valusift@gmail.com to exercise available rights.
We do not currently sell personal data or process personal data for targeted advertising. If we become subject to a legal obligation to honor universal opt-out mechanisms such as Global Privacy Control for sale or targeted advertising, we will process those signals as required by applicable law and update this Policy to explain that processing.
12. Children and Teenagers
The Service is not directed to children or teenagers, and users must be at least 18 years old. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, contact us at valusift@gmail.com so we can review the request and take appropriate action.
13. Changes to This Policy
We may update this Privacy Policy from time to time. If an update is material, we may provide notice through the Service, by email, or by requiring renewed acceptance. The updated Policy is effective when posted or when you accept it, as stated in the update.
14. Contact
Privacy questions and requests may be directed to valusift@gmail.com.