Privacy Policy

Effective Date: March 23, 2026  |  Last Updated: March 23, 2026  |  Controller: Guerilla Finance Inc. (DilutionWatch)

This Privacy Policy explains how Guerilla Finance Inc. ("DilutionWatch," "we," "us," or "our") collects, uses, discloses, and protects personal information when you access or use our website at dilutionwatch.com and related services (the "Service").

Table of Contents

  1. Information We Collect
  2. How We Use Your Information
  3. Third-Party Services and Sharing
  4. Cookies and Tracking Technologies
  5. Data Retention
  6. Data Security
  7. Your Rights
  8. GDPR (EEA/UK Users)
  9. CCPA/CPRA (California Residents)
  10. Children's Privacy
  11. International Transfers
  12. Changes to This Policy
  13. Contact Us

1. Information We Collect

We collect the following categories of personal information:

CategoryExamplesSource
Account InformationEmail address, name, profile picture, OAuth provider IDYou provide via Google/Microsoft OAuth or direct signup
Subscription & PaymentSubscription tier, billing dates (payment card data handled by Stripe, not stored by us)You, via Stripe payment processing
Watchlist & UsageTicker symbols added to your watchlist, alert preferences, features accessed, pages viewedAutomatically collected as you use the Service
Technical DataIP address, browser type and version, device type, operating system, referring URLs, session durationAutomatically collected via server logs and analytics
CommunicationsEmail correspondence with us, support requestsYou

We do not collect: Social Security numbers, government ID numbers, financial account numbers, medical or health data, or biometric data.

2. How We Use Your Information

We use your information for the following purposes:

  • Service Delivery: Processing your registration, providing access to features corresponding to your subscription tier, and delivering SEC filing alerts for your watchlisted tickers;
  • Alert Notifications: Sending email notifications when your watchlisted tickers file relevant SEC documents (S-1, S-3, 424B, 8-K, etc.);
  • Billing and Payments: Processing subscription payments and managing your billing relationship through Stripe;
  • Analytics and Improvement: Understanding how users interact with the Service to improve features, fix bugs, and optimize performance;
  • Communications: Responding to your inquiries, sending service updates, and (with your consent) marketing communications about new features;
  • Legal Compliance: Complying with legal obligations, enforcing our Terms of Service, preventing fraud, and protecting rights;
  • Security: Monitoring for unauthorized access, abuse, and security threats.

Legal Bases (GDPR): We process your data on the following legal bases: performance of a contract (service delivery), legitimate interests (analytics, security, fraud prevention), legal obligation, and consent (marketing emails).

3. Third-Party Services and Sharing

We share personal information with the following categories of third parties:

Third PartyPurposeData Shared
StripePayment processingEmail address, subscription details (card data never touches our servers)
Google (OAuth)AuthenticationWe receive your Google profile info (email, name, picture) if you sign in with Google
Microsoft (OAuth)AuthenticationWe receive your Microsoft profile info (email, name) if you sign in with Microsoft
Google AnalyticsUsage analyticsAnonymized/pseudonymized usage data, IP address
Postmark / Email ProviderTransactional email deliveryEmail address, alert content
DigitalOceanCloud hosting infrastructureAll data stored on DigitalOcean servers in the United States

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes. We may disclose information if required by law, court order, or to protect the rights and safety of DilutionWatch, our users, or the public.

4. Cookies and Tracking Technologies

We use the following types of cookies and tracking technologies:

  • Essential Cookies: Required for the Service to function, including authentication session cookies. These cannot be disabled without breaking core functionality.
  • Preference Cookies: Store your preferences such as theme (dark/light mode) and display settings. Stored in localStorage.
  • Analytics Cookies: Google Analytics (GA4) collects anonymized usage data to help us understand how the Service is used. You may opt out via Google's opt-out tool.

You can control cookies through your browser settings. Disabling essential cookies may impair your ability to use the Service.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data: Retained for the life of your account plus 12 months after account closure;
  • Payment records: Retained for 7 years to comply with financial record-keeping requirements;
  • Server logs: Retained for 90 days;
  • Backup data: May persist for up to 90 days after deletion requests are processed.

You may request deletion of your account and associated data at any time as described in Section 7.

6. Data Security

We implement industry-standard technical and organizational measures to protect your personal information, including:

  • TLS/SSL encryption for all data in transit;
  • Encrypted storage of sensitive data at rest;
  • OAuth-based authentication (we never store passwords);
  • Access controls limiting data access to authorized personnel;
  • Regular security monitoring and vulnerability assessments.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Your Rights

Subject to applicable law, you have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you;
  • Correction: Request correction of inaccurate or incomplete data;
  • Deletion: Request deletion of your personal data ("right to be forgotten");
  • Portability: Receive your data in a structured, commonly used, machine-readable format;
  • Restriction: Request restriction of processing of your data;
  • Objection: Object to processing based on legitimate interests;
  • Withdraw Consent: Withdraw consent for marketing emails at any time via the unsubscribe link in any email.

To exercise any of these rights, email admin@dilutionwatch.com with your request. We will respond within 30 days. We may need to verify your identity before processing your request.

8. GDPR — EEA and UK Users

If you are located in the European Economic Area (EEA) or United Kingdom, the General Data Protection Regulation (GDPR) or UK GDPR applies to our processing of your personal data. Guerilla Finance Inc. acts as the data controller.

In addition to the rights described in Section 7, you have the right to lodge a complaint with your national data protection authority. For EU users, a list of supervisory authorities is available at edpb.europa.eu.

9. CCPA/CPRA — California Residents

California residents have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

Categories of Personal Information Collected in the Last 12 Months: Identifiers (email, IP), commercial information (subscription records), internet activity (usage data).

Purpose of Collection: Service delivery, analytics, legal compliance.

Disclosure for Business Purposes: We share data with the service providers listed in Section 3 for operational purposes.

Sale/Sharing: We do not sell or share personal information as defined by the CCPA/CPRA.

To submit a California privacy rights request, email admin@dilutionwatch.com with the subject line "California Privacy Request."

10. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have inadvertently collected such information, we will promptly delete it. If you believe we have collected information from a minor, please contact us at admin@dilutionwatch.com.

11. International Data Transfers

DilutionWatch is operated from the United States. If you are accessing the Service from outside the United States, your personal information will be transferred to and processed in the United States, where data protection laws may differ from those in your country. By using the Service, you consent to this transfer. Where required by applicable law (e.g., GDPR), we implement appropriate safeguards for international transfers.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or notice on the Service prior to the change becoming effective. The "Last Updated" date at the top reflects the most recent revision. Continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

13. Contact Us

For privacy-related inquiries, requests, or complaints:

Guerilla Finance Inc. (DilutionWatch) — Privacy Team
Email: admin@dilutionwatch.com
Website: https://dilutionwatch.com

Please use subject line "Privacy Request" for data rights requests to ensure prompt handling.

← Back to Home
📊 Research & Experimental Use Only — Data sourced from public records, provided as-is without warranty. Not financial, investment, legal, or medical advice. For research & informational purposes only. You assume all risk. Always consult a licensed professional.