Brain Brief ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data when you use Brain Brief ("the Service").
1. Information We Collect
We collect the following types of information:
Information you provide directly
- Email address — required to create your account and deliver briefings
- Display name — optional, used to personalize your briefings
- Topic preferences — the topics you select for your briefings
- Profile question response — optional self-description (e.g., "Tech professional," "Student") to help us understand our audience
Information collected automatically
- Usage data — when you generate briefings, open emails, and interact with the Service
- UTM parameters — if you arrive via a referral link, we capture the source, medium, and campaign parameters to understand how users discover Brain Brief
- Authentication data — session tokens and login timestamps managed by our authentication provider
2. How We Use Your Information
We use your information to:
- Generate and deliver briefings — your topics are sent to our AI system to produce personalized briefings, which are delivered to your email
- Manage your account — authentication, subscription management, and support
- Improve the Service — understanding usage patterns helps us build a better product
- Communicate with you — trial status updates, subscription confirmations, service announcements, and support responses
- Analyze growth — UTM data and profile responses help us understand our audience and improve our marketing
3. Third-Party Services
We use the following trusted third-party services to operate Brain Brief. Each processes only the data necessary for their specific function:
- Supabase — database storage and user authentication. Stores your account data, topics, and briefing history.
- Stripe — payment processing. Handles subscription billing securely. We do not store your credit card details — Stripe manages all payment data.
- Resend — email delivery. Sends your daily briefings and account-related emails.
- Google Gemini — AI content generation. Your topic names are sent to Google's Gemini API with real-time web search to generate briefing content. No personal information beyond topic names is shared.
- Vercel — hosting and infrastructure. Serves the web application and runs our backend services.
4. Data Sharing and Sales
We do not sell, rent, or trade your personal data to third parties.
We share data with third-party services only as described in Section 3, solely for the purpose of operating the Service. We may disclose your information if required by law or to protect our rights, safety, or property.
5. Cookies and Tracking
Brain Brief uses minimal cookies:
- Authentication session cookies — essential cookies that keep you logged in. These are strictly necessary for the Service to function and cannot be disabled.
We do not use advertising cookies, tracking pixels, or third-party analytics cookies. We do not participate in ad networks or cross-site tracking.
6. Data Retention
We retain your data as follows:
- Active accounts: Your data is retained for as long as your account is active.
- Inactive accounts: If your account has been inactive for more than 12 months, we may reach out before deleting your data.
- Account deletion: When you request account deletion, we remove your personal data within 30 days. Some anonymized, aggregated data may be retained for analytics purposes.
- Briefing history: Past briefings are retained while your account is active so you can reference them from your dashboard.
7. Your Rights
You have the right to:
- Access your data — view all data we have about you from your dashboard
- Export your data — request a copy of your data by contacting us
- Delete your data — request complete deletion of your account and all associated data
- Update your data — modify your name, email, topics, and preferences from your dashboard
- Unsubscribe from emails — every email includes an unsubscribe link; you can also manage email preferences from your dashboard
- Cancel your subscription — at any time, with no penalty
To exercise any of these rights, contact us at support@brainbrief.app.
8. Email Communications
We send the following types of emails:
- Briefing emails — your personalized news briefings, based on the topics and frequency you selected
- Account emails — email confirmations, password resets, and subscription receipts
- Trial and lifecycle emails — trial status updates and subscription reminders during and immediately after your free trial
We will never send unsolicited spam, sell your email address, or share it with third parties for marketing purposes. All emails comply with the CAN-SPAM Act and include a clear unsubscribe mechanism.
9. Children's Privacy
Brain Brief is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete that information promptly. If you believe a child under 13 has provided us with personal data, please contact us at support@brainbrief.app.
10. Security
We take the security of your data seriously and implement industry-standard measures to protect it, including:
- Encrypted data transmission (HTTPS/TLS) for all communications
- Secure authentication through Supabase Auth
- Payment data handled exclusively by Stripe (PCI DSS compliant)
- Access controls and service-role separation for database operations
While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
11. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email or through the Service before the changes take effect. Your continued use of the Service after such changes constitutes acceptance of the updated policy.
12. Contact
If you have questions or concerns about this Privacy Policy or how we handle your data, please contact us at:
support@brainbrief.app