Briefly

Privacy Policy

Last updated: 9 June 2026

1. Who we are

Briefly is operated by Locryn Thomas, a sole trader based in the United Kingdom. Our contact email is hello@brieflynews.org.

2. What we collect

We collect the following categories of personal data:

  • Account data — your name, email address, and authentication tokens provided when you sign up via Google OAuth.
  • Connected source data — with your explicit permission, we read email subjects and short previews, calendar event titles and times, Notion page titles, and Stripe revenue summaries. We never read full email bodies beyond a 200-character preview, and we never access attachments or passwords.
  • Generated briefs — the daily summaries Briefly produces for you, stored so you can review past briefs.
  • Memory notes — preferences and context you add manually or that Briefly infers from your feedback.
  • Technical data — IP address, browser type, and usage logs collected automatically for security and performance.

3. How we use your data

We use your data to:

  • Compose your personalised daily brief
  • Store your preferences and memory so briefs improve over time
  • Send you your brief and transactional emails (billing, account alerts)
  • Process payments via Stripe
  • Monitor service health and fix bugs

4. AI processing and our sub-processors

Generating your brief requires sending a subset of your data to AI providers. Specifically, email subjects, calendar titles, and Notion page titles may be included in prompts sent to:

Neither Anthropic nor OpenAI trains on data submitted via their APIs. Standard Contractual Clauses apply to these international transfers.

Our other sub-processors include:

  • Supabase — database and authentication (hosted in EU)
  • Vercel — application hosting (US)
  • Resend — transactional email delivery (US)
  • Google — OAuth sign-in and Gmail/Calendar access (US)
  • Stripe — payment processing (US)
  • Notion — workspace data access, with your permission (US)

5. Legal basis

We process your data on the following legal bases:

  • Contract performance — processing your account data and connected source data is necessary to provide the Briefly service you signed up for.
  • Consent — sending your data to AI providers for brief generation. You consent to this during onboarding and may withdraw consent at any time via Settings → Privacy. Withdrawing consent will pause brief generation.
  • Legitimate interests — security monitoring and service improvement, where this does not override your rights.

6. Data retention

  • Your preferences and memory notes are retained while your account is active.
  • Generated briefs are retained for 12 months.
  • Upon account deletion, all your personal data is deleted within 30 days.

7. Your rights

Under UK GDPR, you have the right to:

  • Access — request a copy of your data
  • Rectification — correct inaccurate data
  • Erasure — request deletion of your data
  • Portability — receive your data in a machine-readable format
  • Withdraw consent — stop AI processing at any time
  • Complain — lodge a complaint with the ICO

Exercise any of these rights via Settings → Privacy & Data or by emailing hello@brieflynews.org.

8. International transfers

Some of our sub-processors are based in the United States. Where personal data is transferred outside the UK, we rely on Standard Contractual Clauses approved by the UK Information Commissioner.

9. Children

Briefly is intended for users aged 16 and over. We do not knowingly collect data from anyone under 16.

10. Changes to this policy

If we make material changes, we'll notify you by email at least 30 days before the changes take effect. Continued use after that date constitutes acceptance.

11. Contact

For any privacy-related questions, email hello@brieflynews.org.

Effective date: 9 June 2026.

Terms of ServiceBack to home