Early Access — free while we kick the tires
EdgarHawk

Privacy policy

How we handle your data.

Last updated: 2026-04-22

What we collect

  • Email address. Required to create an account and to deliver your alerts.
  • Password. Stored only as a bcrypt hash. We cannot read or recover your password.
  • Watchlist tickers. The stocks you’ve chosen to follow.
  • Alert history. Which filings triggered an email to you, and when.
  • Minimal request logs. Standard web-server logs for security and debugging (IP, user-agent, path). Rotated and discarded on a short window.

We do not collect analytics on your browsing, do not embed third-party trackers, and do not fingerprint you. There is no advertising on EdgarHawk and no plan to add any.

What we do with it

Your email and watchlist exist for one reason: so we can send you the alerts you asked for. Alert history lets us avoid sending you the same filing twice and power the “Recent Alerts” view on your dashboard. That’s it.

We may send transactional emails related to your account — email verification, password resets — and, rarely, service notices (planned maintenance, material policy changes). We do not send marketing email.

Third parties

To operate EdgarHawk we rely on a small set of vendors. Your email address travels through them in the course of normal operation; your password never does.

  • Resend — delivers our transactional and alert emails.
  • Anthropic — runs the Claude model we use for filing triage. We send the filing data (which is already public on EDGAR) to Anthropic for analysis. We never send your personal information.
  • Hostinger — hosts the application server.

Cookies

We use exactly one cookie: an HttpOnly, Secure, SameSite=Lax access_token that keeps you logged in. It expires with your session. There are no tracking cookies, no analytics cookies, no third-party cookies.

Your rights

  • Delete any ticker from your watchlist at any time from the dashboard.
  • One-click unsubscribe from any alert email — it removes that ticker from your watchlist immediately, no dark-pattern confirmation required.
  • Delete your account. Email david@meuniergroup.com and we will hard-delete your account and all associated data within one business day. (Self-serve account deletion is on the near-term roadmap.)
  • Request a copy of the data we hold about you. Same email, same response time.

Security

Passwords are stored as bcrypt hashes. All traffic to edgarhawk.com is served over HTTPS. Database backups are encrypted at rest. We are a small team; security practices will keep improving as the service grows.

Changes

If we make a material change to this policy, we’ll update the “Last updated” date above and email existing subscribers. Minor editorial tweaks don’t trigger a notification.

Contact

Questions? david@meuniergroup.com.