Issue · Privacy · v1

Privacy Policy

Last updated: May 7, 2026

1. Who we are

InsiderWire is operated by Yildiz Consulting ("InsiderWire", "we", "us"). The service is available at insiderwire.us and through the InsiderWire mobile apps for iOS and Android.

2. What we collect

We keep the data set deliberately small. Specifically:

• Account identity — your email address (and the name/avatar you provide via Apple Sign In or Google Sign In). Stored and managed by Clerk on our behalf.
• Subscription state — whether you are on the Free or Pro tier, the platform you subscribed on (Apple, Google, Stripe), and the next renewal date. Sourced from RevenueCat and Stripe webhooks.
• Push notification tokens — an opaque device token (Expo push token) tied to your account so we can send consensus alerts. You can revoke at any time in your device settings.
• Usage telemetry — minimal logs of API requests (timestamp, route, status). Used for operating the service. Not sold, not shared with advertising networks.

We do not collect your contacts, location, photos, microphone, camera, browsing history outside our domain, or financial account credentials. We never see your credit card number — payment is handled directly by Apple, Google or Stripe.

3. How we use it

• To authenticate you and keep your session signed in.
• To resolve your subscription tier and gate Pro features.
• To send the consensus push notifications you opted in to.
• To detect abuse, debug errors, and operate the service reliably.

4. Third-party processors

We rely on the following sub-processors. Each is a well-known company with its own privacy policy:

• Clerk (clerk.com) — authentication, user profile storage. Privacy
• RevenueCat (revenuecat.com) — subscription receipt validation across Apple, Google, Stripe. Privacy
• Stripe (stripe.com) — web subscription payments. Privacy
• Apple App Store / Google Play Billing — mobile subscription payments. Governed by their respective policies.
• Firebase Cloud Messaging (Google) — Android push delivery. Privacy
• Apple Push Notification Service — iOS push delivery.
• Cloudflare — content delivery and DDoS protection.

Market-data inputs (OpenInsider for SEC Form 4 filings, Dataroma for 13F filings, Stocktwits trending) are public data sources. We do not send your personal data to them.

5. Data retention

We retain account data for as long as your account is active. Push tokens that fail twice are flagged inactive. If you delete your account, we remove your user record and push tokens within 30 days. Anonymized signal data may be retained indefinitely for product analytics.

6. Your rights

You can review and export your data, correct inaccuracies, or request deletion at any time by emailing the address below. EU/UK and California residents have specific rights under GDPR / CCPA which we honor regardless of where you live.

7. Children

InsiderWire is intended for adults (18+). We do not knowingly collect data from minors. If you believe a minor has registered, contact us and we'll remove the account.

8. International transfers

Our servers and sub-processors are located in the United States. By using InsiderWire, you consent to your data being transferred to and processed in the United States.

9. Security

Traffic is encrypted in transit (TLS). Subscription receipts are validated server-side. We follow least-privilege access for our infrastructure. No system is perfect — if you believe you've found a vulnerability, please email us so we can fix it.

10. Changes to this policy

We may revise this policy. The "last updated" date at the top will change. Material changes will be highlighted in-app or via email.

11. Contact

Questions, data requests, deletion requests: info@yildizconsulting.us.

InsiderWire is an information aggregator, not a registered investment advisor. We do not provide financial advice. All trading decisions are yours.