Power your AI workflows with the DEHY MCP server. Learn more →

Legal

Privacy Policy

Plain-English summary: we collect your email so you can sign in and receive alerts. We don't sell your data. We use a small set of named infrastructure providers who can technically see your data on our behalf.

Last updated: May 22, 2026

1. What we collect

2. What we do not collect

3. How we use your data

4. Infrastructure providers

DEHY runs on the following providers, each of which can technically access data we send them as part of operating the Service:

5. Cookies

DEHY sets a single session cookie (authjs.session-token) when you sign in. It is HttpOnly and SameSite=Lax. We do not use advertising cookies or third-party analytics cookies.

6. Your rights

Depending on where you live, you may have rights under the GDPR, CCPA, or similar laws, including the right to:

To exercise any of these rights, email privacy@dehy.io. We respond within thirty days.

7. Retention

Account data is retained while your account is active. Session data is retained for thirty days after each sign-in. Public filing data (issuers, reporters, transactions) is retained indefinitely as part of the public record we surface.

8. International transfers

Our infrastructure providers operate in the United States and the European Union. Where we transfer personal data across borders, we rely on the relevant providers' standard contractual clauses.

9. Children

DEHY is not directed at children under thirteen and we do not knowingly collect data from them.

10. Changes

Material changes to this policy will be announced via email to active accounts.

11. Contact

Privacy questions or requests: privacy@dehy.io.

This policy is a starting template. We recommend reviewing it with counsel before relying on it for compliance.

Back to overview