1. Scope and who we are
Signal87 AI provides document intelligence tools that let users upload records, ask questions, save analyses, and retrieve evidence-backed results. This policy applies to signal87.ai, the Signal87 workspace, and the Signal87 for ChatGPT app.
For privacy questions or requests, contact contact@signal87.ai.
2. Information we collect
Account and workspace information
- Email address, display name, workspace membership, and role supplied through Sign in with ChatGPT or another enabled identity provider.
- Subscription, plan, and account administration information.
User content
- Documents and files you choose to upload, including their filenames, file types, sizes, and content.
- Questions, prompts, selected document references, saved analyses, organized tables, findings, calculations, and source citations.
- When you connect Signal87 to ChatGPT, the specific search query ChatGPT sends and the matching saved answer or document record returned at your request.
Connection and security information
- OAuth client registration details, authorization grants, token hashes, scopes, and expiration times.
- Limited technical and security information needed to operate, protect, and troubleshoot the service. We do not intentionally include document contents or raw access tokens in application error logs.
3. How we use information
- Provide document upload, storage, analysis, search, retrieval, citation, history, and account features.
- Authenticate users, enforce workspace permissions, secure OAuth connections, prevent abuse, and troubleshoot failures.
- Return only the saved analysis or document record relevant to a user-requested ChatGPT search.
- Maintain, improve, and support Signal87, subject to our contractual and legal obligations.
We do not sell personal information or use document contents for behavioral advertising.
4. When information is disclosed
We disclose information only as needed to provide the service, follow your instructions, protect the service, or comply with law. Categories of recipients may include:
- OpenAI/ChatGPT: when you connect the Signal87 app and ask ChatGPT to search or retrieve your Signal87 content, the relevant tool output is sent to ChatGPT under your active connection.
- Infrastructure providers: hosting, database, object-storage, security, and delivery providers that process data for Signal87.
- AI model providers: when you run a document analysis in Signal87, selected documents and prompts may be sent to the configured model provider to produce the requested result.
- Legal and safety recipients: when reasonably necessary to comply with law, enforce agreements, or protect rights, safety, and security.
We do not make your uploaded documents or saved analyses public.
5. Retention
- Documents and saved analyses: retained while your workspace or account remains active, until you delete them, an authorized administrator removes them, or the account is closed, subject to limited backup and legal-retention requirements.
- OAuth authorization codes: expire after 10 minutes and are deleted when exchanged.
- OAuth access grants: expire after 30 days and may be revoked earlier from Signal87 connection settings or ChatGPT app settings.
- Security and operational records: retained only as long as reasonably needed for security, reliability, dispute resolution, and legal compliance.
6. Your controls and choices
- Review and delete source documents and saved analysis history from your Signal87 workspace.
- Review or revoke active ChatGPT grants in Signal87 connection settings.
- Disconnect Signal87 from ChatGPT app settings.
- Request access, correction, deletion, restriction, portability, or other applicable privacy rights by contacting us.
Some requests may require identity verification. Workspace administrators may control organizational records under their agreements with Signal87.
7. Security and international processing
We use access controls, scoped authorization, encrypted transport, hashed OAuth tokens, short-lived authorization codes, and workspace-level isolation designed to protect information. No service can guarantee absolute security.
Signal87 and its providers may process information in the United States and other countries where they operate. Where required, we use appropriate safeguards for cross-border transfers.
8. Children and changes
Signal87 is not directed to children under 13. If we learn that we collected information from a child under 13, we will take appropriate steps to delete it.
We may update this policy as the service or legal requirements change. We will post the updated date and provide additional notice when required.