Privacy Policy

1. Introduction

Daily Brief ("we", "us", "our") operates dailybriefmail.com. This Privacy Policy explains what data we collect, how we use it, and your rights with respect to it.

2. Data We Collect

We collect the following information:

• Account data: your email address, name, and authentication credentials (passwords are hashed by Supabase Auth; we never store plain-text passwords).

• Configuration data: your module preferences, locations, topics, and other settings you provide when customizing your brief.

• Usage data: email send logs and delivery status.

• Payment data: subscription and billing status. All payment processing is handled by Stripe. We never see, store, or process your card details.

3. How We Use Your Data

We use your data to:

• Generate and deliver your personalized daily email brief.

• Manage your account and subscription.

• Improve the reliability and quality of the service.

We do not sell your data to third parties. We do not share your module configuration or personal details with advertisers.

4. Third-Party Service Providers

We rely on a small set of trusted third-party service providers to operate Daily Brief, including providers for content generation, email delivery (Resend), and payment processing (Stripe). We share only the minimum information necessary with each provider. For content generation we send your preferences and configuration (such as topics, locations, and interests), and we do not share your name or email address. Each provider's own privacy policy governs their handling of any data shared with them.

5. Email Delivery

Emails are sent via Resend, a transactional email service. Your email address is shared with Resend solely for the purpose of delivering your daily brief. Resend's privacy policy governs their handling of this data.

6. Data Retention

Your data is retained for as long as your account remains active. Upon account deletion, your profile, module configuration, and associated data will be permanently deleted within 30 days.

7. Cookies

We use only essential session cookies required for authentication. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

8. Your Rights

You may request a copy of the personal data we hold about you, ask us to correct inaccuracies, or delete your account at any time from your dashboard settings. For data requests, contact us at: support@dailybriefmail.com.

9. Security

Your data is stored in Supabase (PostgreSQL) with row-level security policies that prevent unauthorized access. Authentication credentials are never stored in plain text. All data is transmitted over HTTPS with TLS encryption.

10. Children

Daily Brief is not intended for users under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

11. Changes to This Policy

We will notify users of material changes to this Privacy Policy via email before they take effect. Continued use of the service after changes take effect constitutes acceptance of the revised policy.

12. Contact

For privacy-related questions or data requests, please contact us at: support@dailybriefmail.com.