Privacy Policy
Last updated · May 25, 2026
This policy explains what data Cipher collects when you sign in and generate research, how that data is used, and the choices you have. We collect the minimum needed to run the service and never sell your data.
1. Who we are
Cipher (“we”, “us”) is an educational equity-research tool operated by TJ Walsh. This policy applies to the Cipher website and web application. For any privacy question, contact tjameswalsh@icloud.com.
2. Data we collect
We collect only what we need to provide the service:
- Account data (via Google Sign-In). When you sign in, our authentication provider passes us your name, email address, profile image, and a Google account identifier. We do not receive your Google password.
- Research history. The tickers you analyze and the reports we generate for you — including their text, scores, and timestamps — are stored and linked to your account so you can revisit them.
- Technical & usage data. Standard server logs (IP address, browser/device type, request times) and privacy-friendly, aggregated analytics about page visits. Our analytics are cookieless and do not build advertising profiles.
We do not intentionally collect special-category data, and we ask that you not submit sensitive personal information through the service.
3. How we use your data
- To authenticate you and operate your account.
- To generate, store, and display your research history.
- To operate and improve the learning/calibration engine using aggregated, de-identified outcome metrics — never your personal identity.
- To secure the service, prevent abuse, debug, and meet legal obligations.
Our lawful bases for processing (where applicable) are performance of our agreement with you, our legitimate interest in operating and securing the service, and your consent where required.
6. How long we keep it
We keep your account data for as long as your account is active, and your research history until you delete it or ask us to delete your account. Server logs are kept for a limited period for security and debugging. We delete or anonymize data when it is no longer needed.
7. Your rights & choices
Depending on where you live (including under the GDPR and the California Consumer Privacy Act), you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. You can:
- Delete individual reports yourself from your dashboard history at any time.
- Request account deletion or exercise any other right by emailing tjameswalsh@icloud.com.
We will not discriminate against you for exercising these rights.
8. Security
We rely on reputable infrastructure providers, encryption in transit, and access controls to protect your data. No system is perfectly secure, however, and we cannot guarantee absolute security.
9. Children's privacy
Cipher is not directed to children under 13 (or the minimum age required in your jurisdiction), and we do not knowingly collect their data. If you believe a child has provided us data, contact us and we will delete it.
10. Changes to this policy
We may update this policy as the service evolves. Material changes will be reflected by an updated “Last updated” date at the top of this page.
11. Contact
Questions or requests? Email tjameswalsh@icloud.com. This policy is governed by the laws of the State of California, United States.