Privacy Policy

Silmarl is a service that provides plain-language summaries of SEC filings. We are operated as a sole proprietorship. References to "we," "us," or "Silmarl" throughout this policy refer to the operator of this service.

Questions about this policy can be directed to hello@silmarl.com.

We collect only what we need to run the service:

• Account information - email address, provided at sign-up via Clerk.
• Usage data - API key activity, summary request counts, and filing history associated with your account.
• Billing data - payment information is processed and stored by Stripe. We store only your Stripe customer ID.
• Log data - standard server logs including IP addresses, request timestamps, and error traces, retained for up to 30 days.

We do not collect browsing behavior, sell data to advertisers, or run third-party tracking scripts.

Your data is used to:

• Authenticate your account and authorize API access
• Enforce plan quotas and rate limits
• Process payments and manage subscriptions
• Show you your summary history in the dashboard
• Respond to support requests
• Diagnose errors and improve reliability

We do not use your data to train AI models.

When you request a summary, we fetch the relevant filing text from SEC EDGAR (a public government database). That text is sent to Anthropic's Claude API to generate the summary.

Generated summaries are cached on our servers to speed up repeat requests. Raw filing text is not stored. Your API requests are not logged in a way that links them to your identity beyond what is necessary for quota tracking.

Anthropic processes the filing text under their own privacy policy. We recommend reviewing it at anthropic.com if you have concerns about how that data is handled.

We share data only with the vendors necessary to operate the service:

• Clerk - authentication and user management
• Stripe - payment processing
• Upstash - Redis-based data storage
• Anthropic - AI summary generation
• Vercel - hosting and infrastructure

We do not sell, rent, or trade your personal information.

Your account data is retained for as long as your account is active. If you close your account, we will delete your personal information within 30 days, except where we are required to retain it for legal or financial record-keeping purposes (typically 7 years for billing records).

Summary history is capped at your 50 most recent summaries and is deleted when your account is deleted.

You can, at any time:

• Access the data we hold about you by emailing hello@silmarl.com
• Request correction of inaccurate information
• Request deletion of your account and associated data
• Export your summary history from your dashboard

If you are located in the EU or UK, you have additional rights under GDPR and UK GDPR, including the right to data portability and the right to lodge a complaint with a supervisory authority.

We use only the cookies necessary for authentication (set by Clerk) and session management. We do not use advertising cookies or third-party tracking cookies.

API keys are stored as SHA-256 hashes; we never store your raw key. Connections are encrypted via TLS. We apply standard security practices but cannot guarantee absolute security of data transmitted over the internet.

We may update this policy as the service evolves. Material changes will be announced via email to registered users. Continued use of the service after changes take effect constitutes acceptance of the updated policy.

For any privacy-related questions or requests, email us at hello@silmarl.com. We aim to respond within 5 business days.