Privacy Policy | FedHorizon

Privacy at a Glance

We do not sell your personal information. Ever.

We do not share your data with advertisers. FedHorizon is ad-free.

We collect only what we need to operate the Service and fulfill your purchase.

You can request deletion of your data at any time by emailing privacy@fedhorizon.com, subject to legal retention obligations (see Section 6).

1. Who We Are

This Privacy Policy describes how Northsight Holdings LLC, a Wyoming limited liability company operating under the trade name “FedHorizon” (“we,” “us,” or “our”), collects, uses, and protects information about you when you use fedhorizon.com and any associated products or services (the “Service”).

By using the Service, you agree to the collection and use of information as described in this Policy. This Policy is incorporated into and subject to our Terms of Service.

2. Information We Collect

2.1 Information You Provide Directly

When you use the Service, you may provide:

Retirement planning inputs such as your retirement system (FERS), years of service, high-3 salary, planned retirement date, and age — used solely to generate your report
Email address, if you create an account or opt into communications
Payment information processed securely by Stripe, Inc. — we never store your full card number or CVV
Any messages or inquiries you send us via email or contact forms

2.2 Information Collected Automatically

When you visit the Service, we or our service providers may automatically collect:

Device and browser type, operating system, and IP address
Pages visited, time spent on pages, and referring URLs
General geographic location (city/region level, derived from IP address)
Cookies and similar tracking technologies as described in Section 5

Guest and anonymous users: If you use the Service without creating an account (for example, running the free Instant Estimate tool), we collect the same automatic information described above. Any retirement planning inputs you enter as a guest are used solely to generate your in-session estimate and are not stored beyond 24 hours unless you create an account or explicitly save your results.

2.3 Information We Do Not Collect

We do not collect your Social Security Number, full date of birth, government employee ID, agency affiliation, or any classified or sensitive government information. The retirement planning inputs you provide are estimates used solely to generate your report and are not verified against any government database.

3. How We Use Your Information

We use the information we collect to:

Generate and deliver your retirement scenario reports and other purchased content
Process payments and send purchase confirmations and receipts
Respond to your questions, support requests, and feedback
Send you service-related communications (account notices, policy updates)
Send optional marketing emails only if you have opted in — you may opt out at any time
Improve the accuracy, reliability, and usability of the Service
Detect and prevent fraud, abuse, and unauthorized access
Comply with applicable legal obligations

We do not use your retirement planning inputs to build profiles, make automated decisions about you, or share your data with any government agency.

4. How We Share Your Information

4.1 Service Providers

We share information with a limited set of trusted third-party vendors who help us operate the Service. These vendors are contractually obligated to use your information only as directed by us and may not use it for their own purposes. Current key vendors include:

Stripe, Inc. — payment processing
Vercel, Inc. — website hosting and infrastructure
Supabase, Inc. — database and authentication services
Anthropic, PBC — AI-generated narrative content within reports. We do not send personally identifying information (such as your name or email) to the AI layer. Retirement planning inputs processed through Anthropic’s API are subject to Anthropic’s API data use policy, which prohibits using API inputs to train Anthropic’s models. Your financial inputs are not used to train AI.
Email service provider — transactional and optional marketing emails

4.2 Legal Requirements

We may disclose your information if required to do so by law, court order, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, prevent fraud, or respond to a government request.

4.3 Business Transfers

If we are involved in a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on the Service before your information becomes subject to a different privacy policy.

4.4 What We Never Do

We do not sell your personal information to any third party
We do not share your data with advertisers or data brokers
We do not disclose your retirement planning inputs to any government agency, your employer, or any other party without your explicit consent

5. Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve the Service. The types we use include:

Essential cookies: required for the Service to function, including session management and secure login
Analytics cookies: help us understand how visitors use the Service so we can improve it (e.g., page views, traffic sources). We use privacy-respecting analytics that do not fingerprint individual users
Payment cookies: set by Stripe to enable secure payment processing

We do not use advertising cookies or cross-site behavioral tracking cookies. You can control cookie settings through your browser. Disabling essential cookies may prevent certain features from working.

Do Not Track: Our Service does not currently respond to browser Do Not Track (DNT) signals, as there is no consistent industry standard for how DNT signals should be interpreted. We do not use advertising or cross-site tracking cookies regardless of DNT status.

6. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this Policy, subject to the following:

Account data: retained until you request deletion or your account is inactive for 3 years
Purchase records and receipts: retained for 7 years to satisfy tax and accounting obligations — this data cannot be deleted on request due to legal requirements
Retirement planning inputs used to generate a report: retained for 90 days after report delivery, then permanently deleted. If you have an active account, inputs associated with saved reports are retained until you delete that report or close your account — not indefinitely
Support communications: retained for 2 years
Guest session data (non-account users): retirement planning inputs not saved to an account are deleted within 24 hours of your session

When we delete data, we remove it from our active systems within 30 days of the deletion trigger. Residual copies in encrypted backups are purged on our standard 30-day backup rotation schedule. Deletion requests submitted under Section 9 will be fully honored — including backup purge — within this window, except for data subject to legal retention obligations noted above.

7. Data Security

We implement reasonable technical and organizational safeguards to protect your information, including:

Encrypted transmission via HTTPS/TLS for all data in transit
Encryption at rest for sensitive stored data
Access controls limiting employee access to personal data on a need-to-know basis
Payment data handled exclusively by Stripe under PCI-DSS compliance — we never receive or store raw card data

No method of transmission or storage is 100% secure. While we work hard to protect your information, we cannot guarantee absolute security. If you believe your account has been compromised, contact us immediately at privacy@fedhorizon.com.

8. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you promptly in accordance with applicable law. Our breach response process includes:

Notification within 72 hours of discovering a breach where feasible, and no later than required by applicable state law
Notification delivered via email to the address associated with your account, or by prominent notice on the Service if email is unavailable
Notice will describe: the nature of the breach, the categories of data affected, the steps we are taking to address it, and what you can do to protect yourself

We maintain an incident response plan and conduct periodic reviews of our security practices. If you suspect your account or data has been compromised, please contact us immediately at privacy@fedhorizon.com.

9. Your Rights and Choices

Regardless of your location, you have the following rights with respect to your personal information:

Access: request a copy of the personal information we hold about you
Correction: request that we correct inaccurate or incomplete information
Deletion: request that we delete your personal information, subject to our legal retention obligations (see Section 6 for specific categories that must be retained)
Opt-out of marketing: unsubscribe from marketing emails at any time via the unsubscribe link in any email or by contacting us
Data portability: request your data in a portable format where technically feasible

To exercise any of these rights, contact us at privacy@fedhorizon.com. We will respond within 30 days. We may need to verify your identity before processing your request.

California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act and California Privacy Rights Act, including the right to know specific categories of personal information collected, the right to opt out of sale (we do not sell personal information), and the right to non-discrimination for exercising your privacy rights. To submit a verifiable consumer request, contact us at privacy@fedhorizon.com.

Virginia, Colorado, and Other U.S. State Residents

Residents of states with comprehensive privacy laws (including Virginia, Colorado, Connecticut, and others) have rights similar to those described above. We honor these rights regardless of your state of residence. Contact us at privacy@fedhorizon.com to exercise them.

10. Children’s Privacy

The Service is not directed to individuals under the age of 18. Use of the Service requires users to be at least 18 years of age, consistent with our Terms of Service. We do not knowingly collect personal information from anyone under 18. If we learn that we have inadvertently collected information from an individual under 18, we will delete it promptly. If you believe a minor has provided us with personal information, please contact us at privacy@fedhorizon.com.

11. Third-Party Links and Services

The Service may contain links to third-party websites, including OPM resources, financial planning tools, or government sites. This Privacy Policy does not apply to those sites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the Effective Date at the top of this page. For material changes, we will provide notice via email (if we have your address) or a prominent notice on the Service at least 30 days before the change takes effect. For non-material changes, we may update the Policy without prior notice. Your continued use of the Service after notice constitutes acceptance of the updated Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

FedHorizon, a DBA of Northsight Holdings LLC
Privacy inquiries: privacy@fedhorizon.com
Website: fedhorizon.com/privacy

We take privacy concerns seriously and will respond to all inquiries within 30 days.