Legal

Privacy Policy

Effective April 19, 2026

1. Who we are

The Node (“The Node,” “we,” “us”) operates the website thenode.pro and the daily market-brief newsletter delivered from newsletter@thenode.pro. This policy explains what we collect, why, and your choices.

2. Information we collect

• Account info — when you subscribe, Shopify shares your name, email address, country, and order metadata with us so we can fulfil the subscription.
• Newsletter preferences — your watchlist (tickers you choose to track) and email opt-in status, stored in Google Firestore.
• Usage data — Cloud Run access logs (IP, user-agent, requested URL) retained for 30 days for security and reliability.
• Analytics — Google Analytics (gtag, ID G-6YDTK1TCZL) collects pseudonymous page-view and event data only after you accept analytics cookies in the consent banner.

3. How we use it

• Generate and deliver your personalised daily market brief.
• Authenticate you via the Shopify Customer Account API.
• Process subscription payments and webhooks via Shopify and Appstle.
• Send transactional and lifecycle email (welcome, billing, re-engagement).
• Detect abuse, debug errors, and improve the product.

4. Who we share it with

• Shopify Inc. — checkout, payment processing, customer accounts.
• Appstle — recurring subscription management on top of Shopify.
• Google LLC — Cloud Run hosting, Firestore database, Vertex AI (Gemini) for newsletter generation, Gmail API for sending email, Google Analytics 4.
• Klaviyo — only if you opt in to the marketing newsletter list.

We do not sell your personal information.

5. Email and unsubscribe

Every newsletter contains a one-click unsubscribe link and a List-Unsubscribe header so your mail client can opt you out. You can also toggle email delivery at any time from your account page. Unsubscribing stops the newsletter; cancelling your subscription requires using the Shopify customer portal.

6. Cookies

Strictly necessary cookies (the shopify_session JWT) are required for login and cannot be disabled. Analytics cookies (Google Analytics) are off by default and only load after you accept them via the cookie banner. You can withdraw consent at any time by clearing the thenode_cookie_consent entry in your browser's local storage.

7. Data retention

• Account data: as long as your subscription is active, plus 24 months.
• Generated newsletters: 12 months for replay/archive purposes.
• Server logs: 30 days.
• Analytics: 14 months (Google Analytics default).

8. Your rights

Depending on where you live (GDPR, CCPA, etc.) you have rights to access, correct, delete, or export your personal data, and to object to certain processing. Email privacy@thenode.pro and we'll respond within 30 days.

9. Security

Data is transmitted over TLS 1.2+, stored in Google Firestore (US region), and access is restricted to our Cloud Run service account using Workload Identity. Secrets are stored in Google Secret Manager. We follow the OWASP ASVS Level 2 baseline.

10. Children

The Node is not intended for users under 18. We do not knowingly collect data from children.

11. Changes

We'll post material changes here and update the “Effective” date. Continued use after changes means you accept the new terms.

12. Contact

The Node • privacy@thenode.pro