Privacy Policy

Last updated: June 7, 2025

BriefAI ("we", "us", or "our") is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your rights regarding your data.

1. Information We Collect

When you register, we collect your email address, username, display name, and optional bio. This information is necessary to create and manage your account.

When your clients use your brief page, we collect their name, optional email address, and the contents of the conversation with the AI. This data is stored as a "brief" in your dashboard.

We do not collect payment information directly — payments are processed by Paddle, a third-party payment provider.

2. How We Use Your Information

Account data (email, username) is used solely to authenticate you and operate your account. We do not sell or share it with third parties for marketing purposes.

Brief data (client conversations and summaries) is stored on your behalf so you can access it from your dashboard. We do not read or analyse your clients' briefs.

We may use anonymised, aggregated usage statistics (e.g. number of briefs created) to improve the product. This data cannot identify you or your clients.

3. AI Processing

BriefAI uses the Anthropic Claude API to power client conversations. Messages sent during a brief session are transmitted to Anthropic's servers for processing. Please review Anthropic's privacy policy at anthropic.com/privacy for details on how they handle data.

We do not use your data to train AI models. Conversations are processed in real time and are not retained by Anthropic beyond their standard API data retention policy.

4. Data Storage & Security

Your data is stored in Supabase, a secure cloud database hosted on AWS infrastructure. All data is encrypted at rest, and encrypted in transit using industry-standard TLS.

Access to your data is protected by Row Level Security (RLS) policies — only you can access your own briefs and settings. Client brief data is written using a server-side service role and is not publicly accessible.

We retain your data for as long as your account is active. If you delete your account, all associated data is permanently deleted within 30 days.

5. Cookies & Tracking

BriefAI uses only essential session cookies required for authentication (managed by Supabase Auth). We do not use third-party tracking cookies, analytics pixels, or advertising cookies.

Your theme preference (dark/light mode) is stored in your browser's localStorage. This data never leaves your device.

6. Third-Party Services

Anthropic — AI processing for client conversations (anthropic.com)

Supabase — database and authentication infrastructure (supabase.com)

Paddle — payment processing for paid plans (paddle.com, applicable when billing is live)

Each service has its own privacy policy and data processing terms. We only share the minimum data required for each service to function.

7. Your Rights

You may request a copy of all personal data we hold about you by emailing us. We will respond within 30 days.

You may request deletion of your account and all associated data at any time.

If you are in the European Economic Area (EEA), you have additional rights under GDPR, including the right to data portability and the right to lodge a complaint with a supervisory authority.

8. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, we will notify you by email.

Continued use of BriefAI after changes are posted constitutes your acceptance of the updated policy.

9. Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact us at privacy@briefai.com.