Privacy Policy

1. Introduction

Stratford Research Group ("Company," "we," "us," or "our") operates the OPTIC platform at optic.stratfordresearchgroup.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By accessing or using the Service, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Service.

2. Information We Collect

We collect the following categories of information:

a. Information You Provide

• Account information: name, email address, and password when you register through our authentication provider (Clerk).
• Billing information: payment details processed securely through Stripe. We do not store your full credit card number on our servers.
• Phone number: if you opt in to SMS alert notifications, we collect your phone number to deliver text messages.
• Webhook URLs: if you configure webhook alert delivery, we store the endpoint URL you provide.
• Alert configurations: criteria, preferences, and settings you configure for ad monitoring alerts.
• Communications: any correspondence you send to us, including support requests and feedback.

b. Automatically Collected Information

• Usage data: pages visited, features used, search queries, and interaction patterns within the Service.
• Device information: browser type, operating system, IP address, and device identifiers.
• Cookies and similar technologies: session cookies for authentication and preferences. See Section 8 for details.

3. How We Use Your Information

We use collected information for the following purposes:

• Provide, operate, and maintain the Service, including ad monitoring, analytics, and AI-powered insights.
• Process transactions and manage your subscription.
• Send alert notifications via your selected delivery methods (email, SMS, and/or webhook).
• Communicate with you about your account, service updates, and respond to support inquiries.
• Improve the Service through usage analytics and feature development.
• Detect, prevent, and address technical issues, fraud, or security threats.
• Comply with legal obligations.

4. SMS Notifications & Consent

If you enable SMS as a notification method for Ad Alerts, you expressly consent to receive automated text messages from OPTIC at the phone number you provide. These messages contain alert notifications about political advertising activity matching your configured criteria.

• Frequency: message frequency depends on your alert configuration (daily, weekly, or custom schedule). You will only receive messages when your alert criteria are matched.
• Opting out: you may opt out of SMS notifications at any time by removing SMS as a notification method in your alert settings, or by contacting us at info@stratfordresearchgroup.com.
• Message and data rates: standard message and data rates from your wireless carrier may apply.
• No purchase required: consent to receive SMS is not a condition of purchasing or using the Service. SMS is an optional notification channel available on Business and Enterprise plans.
• Carrier liability: carriers are not liable for delayed or undelivered messages.

We use Twilio, a third-party service provider, to deliver SMS messages. Your phone number is shared with Twilio solely for message delivery. See Twilio's privacy policy at twilio.com/legal/privacy for information on how they handle data.

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

• Service providers: third-party vendors that assist in operating the Service, including Clerk (authentication), Stripe (payments), Resend (email delivery), and Twilio (SMS delivery). These providers only access information necessary to perform their services and are contractually obligated to protect it.
• Legal requirements: when required by law, regulation, legal process, or governmental request.
• Business transfers: in connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
• With your consent: when you have given explicit permission to share information for a specific purpose.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Alert configurations, notification history, and associated data are retained while your account exists. If you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law. Billing records may be retained for up to 7 years for tax and legal compliance purposes.

7. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit (TLS/SSL), secure database storage, and access controls. Authentication is managed through Clerk, and payment processing is handled by Stripe, both of which maintain SOC 2 compliance. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

8. Cookies & Tracking Technologies

We use cookies and similar technologies to maintain your session, remember your preferences, and improve the Service. The types of cookies we use include:

• Essential cookies: required for authentication and core Service functionality.
• Preference cookies: remember your settings, such as alert notification preferences and dashboard configurations.
• Analytics cookies: help us understand how users interact with the Service to improve features and performance.

9. Your Rights & Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access: request a copy of the personal information we hold about you.
• Correction: request correction of inaccurate or incomplete information.
• Deletion: request deletion of your personal information, subject to legal retention requirements.
• Opt-out: opt out of marketing communications, SMS notifications, or certain data processing activities.
• Data portability: request your data in a structured, commonly used format.

To exercise any of these rights, contact us at info@stratfordresearchgroup.com. We will respond within 30 days.

10. Third-Party Services

The Service integrates with third-party services to provide functionality. These include authentication (Clerk), payment processing (Stripe), email delivery (Resend), SMS delivery (Twilio), and AI capabilities (Anthropic). Each third-party service has its own privacy policy governing how they handle your data. We encourage you to review their policies. We are not responsible for the privacy practices of third-party services.

11. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will take steps to delete such information promptly.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our servers and service providers are located. By using the Service, you consent to the transfer of your information to these jurisdictions, which may have different data protection laws than your country.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by posting the updated policy on this page with a revised "Last updated" date. For significant changes, we may also send notification via email. Continued use of the Service after changes constitutes acceptance of the revised Privacy Policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: