brieflings
Log in Sign up
Log in Sign up
Draft — not yet published. This document is a structured draft prepared from internal records. It has not been reviewed by legal counsel or a data-protection officer, and must not be treated as the published version until that review completes.

Privacy Policy

This notice explains what personal data Brieflings collects when you use the service, why we process it, who we share it with, and the choices and rights you have. It covers the web app, the briefs we prepare for you, your chats with the editor, and the emails we send. Your use of Brieflings is also governed by our Terms & Conditions.

Who we are

Brieflings is operated by Kirkton Labs LTD, 2 Thorne Road, Livingston, Scotland, EH54 7GL. For any question about this notice or about your data, contact us at contact@brieflings.com .

What data we collect

We collect only what the service needs to work:

  • Account data — your email address, display name, and a hashed password.
  • Profile and preferences — the preferences and personality traits you set, and your email-digest settings.
  • Your topics and briefs — the subjects you follow and their cadence settings, the briefs we prepare, and the findings within them.
  • Chats — your conversations with the editor, and the working notes the editor builds up about you to personalise future briefs.
  • Engagement signals — reactions, bookmarks, and similar signals used to tune what we surface.
  • Notification settings — your per-channel notification preferences and any Web Push subscriptions.
  • Records of agreement — when you accept this notice and our Terms at signup, we record that acceptance: the time, the document versions you agreed to, and your IP address.
  • Technical data — sign-in cookies and server logs needed to run and secure the service.

Why we process it, and our legal bases

We rely on performance of our contract with you — set out in our Terms & Conditions — to deliver the briefing service you signed up for, and on our legitimate interests to personalise briefs, keep the service secure, and improve it. Where we introduce optional analytics, we rely on your consent, captured through the cookie banner — see our cookie policy.

Who we share it with

We use a small set of trusted providers to operate the service. We do not sell your personal data and we do not use third-party advertising trackers.

  • MiniMax — generates the research and writing in your briefs. Operates in China.
  • Anthropic — reviews briefs for quality and powers chat with your editor. Operates in the United States.
  • Resend — delivers the emails we send you. Operates in the United States.
  • Grafana Cloud — stores our operational logs.
  • Revolut — processes card payments for paid plans, once billing is available. Operates in the United Kingdom.
  • PostHog (EU Cloud) — product analytics and session replay, only if you accept analytics on the cookie banner. See the section below.
  • Web Push services (Mozilla, Google, Apple) — deliver browser push notifications, only if you enable them.
  • Our hosting provider — runs the servers the service operates on.

Analytics and session replay

If you choose Accept on the cookie banner we send anonymised product-usage events and a session recording of your visit to PostHog (EU Cloud). We use this to understand how the site is used and to diagnose problems users report.

The recording captures pages you view and how you interact with them. Form inputs (your password, signup details, account settings) are masked before the recording leaves your browser, and the /ops operator console is excluded entirely. We retain recordings for 30 days. If you reject analytics on the banner, no events are sent and no recording is made; you can also change your choice at any time through the banner.

International transfers

Some of those providers operate outside the UK — notably MiniMax (China) and Anthropic and Resend (United States). Where personal data is transferred outside the UK, that transfer is protected by an appropriate safeguard. .

How long we keep it

We keep your account data and content for as long as your account is open. When you delete your account the removal is immediate. Some operational records have shorter lifetimes — for example, the detailed logs kept while preparing a brief are purged within 72 hours.

Some records held by our providers, and our backups, roll off on their own retention schedules rather than being deleted on request: provider-side email-delivery logs, log data held in our logging infrastructure, internal per-task log files, and backups that include data from before a deletion. Backups are never used to restore a deleted account. A small record that you accepted our policies is kept after deletion as proof of agreement, with your IP address removed. .

Your rights

You can access, correct, export, and delete your data, and object to certain processing. You can delete your account yourself at any time from Settings; some preferences and topic settings are editable there too. To exercise any other right, contact us at contact@brieflings.com — some requests are currently handled manually. You also have the right to complain to the UK Information Commissioner's Office (ICO).

Automated decision-making

We personalise your briefs based on the topics you follow and the signals you give us. We do not make any decision that produces a legal or similarly significant effect about you solely by automated means.

Cookies

Brieflings uses first-party cookies only. The full inventory and how to manage your choice are set out in our cookie policy.

Children

Brieflings is not directed at children and we do not knowingly collect data from them.

Changes to this notice

If we make material changes we will update the date shown above and, where appropriate, tell you directly.