// Legal

Privacy Policy

This Privacy Policy describes how the AI Intelligence Briefing ("we," "us," or "our") collects, uses, and protects your personal data when you subscribe to our email newsletter service.

We are committed to protecting your privacy and complying with applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Data We Collect

We collect only the minimum data necessary to provide the service.

Email address โ€” Required to send you the briefing.

Topic preferences โ€” Which AI topics you have selected.

Email theme preference โ€” Your chosen visual style.

Consent timestamp โ€” When you gave consent to subscribe (GDPR requirement).

Subscription status โ€” Whether your subscription is active or paused.

We do not collect: IP addresses, browsing data, device information, location data, or any other data beyond what is listed above.

We do not use cookies or any client-side tracking. Authentication uses tokens included in email links.

2. Legal Basis for Processing (GDPR)

We process your personal data on the basis of consent (Article 6(1)(a) GDPR). You provide explicit consent when you tick the consent checkbox at sign-up. You may withdraw consent at any time by unsubscribing or deleting your account.

We use double opt-in (email confirmation) to ensure consent is freely given, specific, informed, and unambiguous.

3. How We Use Your Data

Your data is used solely for the following purposes:

We do not use your data for advertising, profiling, or any purpose other than delivering the service you subscribed to.

4. Data Sharing and Third Parties

We share minimal data with the following service providers, solely to operate the service:

Resend (resend.com) โ€” Email delivery. Privacy Policy

Supabase (supabase.com) โ€” Database hosting (US). Privacy Policy

Vercel (vercel.com) โ€” Application hosting. Privacy Policy

Anthropic (anthropic.com) โ€” AI content generation. We do not send your personal data to Anthropic. Only topic search queries are processed. Privacy Policy

We do not sell, rent, or trade your personal data to any third party. We never have and never will.

5. Data Retention

We retain your data for as long as your subscription is active. If you request account deletion, all your personal data is permanently deleted immediately.

6. International Data Transfers

Our service providers may store and process data in the United States. By subscribing, you consent to this transfer. We rely on Standard Contractual Clauses and the service providers' own GDPR-compliant transfer mechanisms where applicable.

7. Your Rights (GDPR โ€” EU/EEA Residents)

Access

Request a copy of all data we hold about you.

Rectification

Correct inaccurate or incomplete data.

Erasure

Delete all your data immediately via your preferences page.

Portability

Receive your data in a structured, machine-readable format.

Objection

Object to processing and withdraw consent at any time.

Restriction

Request that we restrict processing of your data.

To exercise any of these rights, use your preferences page or email us at the address below. We will respond within 30 days.

8. Your Rights (CCPA โ€” California Residents)

We do not sell personal information. California residents may request access to, deletion of, or information about their personal data. Use your preferences page or contact us directly.

9. Security

All data is transmitted over encrypted connections (TLS/HTTPS). Access to subscriber data is restricted to the service operator only, protected by secure credentials and service-key authentication.

10. Children's Privacy

This service is not directed at children under 16. We do not knowingly collect data from children. Contact us to request immediate deletion if applicable.

11. Changes to This Policy

We will notify active subscribers of material changes by email before they take effect.

12. Contact

Email: privacy@yourdomain.com

We aim to respond to all privacy requests within 72 hours.