Privacy Policy

1. Who We Are

IntelBrief (“we”, “our”, “us”) is a competitive intelligence SaaS platform. We are the data controller for personal data processed under this policy. You can reach us at hello@intelbrief.xyz.

2. Data We Collect

Account data: Email address, password (hashed), name, and company information you provide when signing up.

Usage data: Accounts you add for monitoring, settings you configure, digests generated, pages viewed, and features used.

Billing data: Billing is handled by Stripe. We store only your Stripe customer ID and subscription status — no card numbers or full billing details.

Technical data: IP address, browser type, and operating system, collected for security and service improvement. Session tokens for authentication.

Communications: If you email us, we keep those communications to respond and improve support.

3. How We Use Your Data

• Service delivery: Running competitive intelligence agents, generating your weekly digest, and sending email alerts.
• Account management: Authentication, billing, password resets, and account notifications.
• Product improvement: Aggregate analytics (no individual tracking) to understand which features are useful.
• Security: Detecting and preventing fraud, abuse, and unauthorized access.
• Legal compliance: Meeting obligations under applicable law.

4. Legal Basis (GDPR)

For users in the EU/EEA, we process personal data under the following legal bases:

• Contract performance: Processing necessary to provide the service you signed up for.
• Legitimate interests: Security monitoring, fraud prevention, and aggregate analytics.
• Consent: Marketing emails (you can withdraw at any time via the unsubscribe link).
• Legal obligation: Where required by law.

5. Email Communications

We send you transactional emails (account security, billing, digest delivery) and, with your consent, product updates. Every marketing email includes a one-click unsubscribe link. You can also manage digest preferences from your profile settings, or email us at hello@intelbrief.xyz to stop all non-essential emails.

6. Data Sharing

We do not sell your personal data. We share data only with the following service providers, under data processing agreements:

• Neon (Neon Inc.): PostgreSQL database hosting — stores all account and service data.
• Vercel: Hosting platform — processes requests and serves the application.
• Resend: Transactional email delivery — receives your email address to deliver digests and alerts.
• Stripe: Payment processing — handles billing independently under their own privacy policy.
• Anthropic: AI content generation — processes anonymized intelligence content (not your personal data) to generate digest summaries.

7. Data Retention

We retain your account data while your account is active. After account deletion, personal data is removed within 30 days. Anonymized aggregate analytics are retained indefinitely. Billing records are retained for 7 years as required by applicable law.

8. Your Rights (GDPR/CCPA)

Depending on your location, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data (available in your profile settings)
• Delete your account and all associated data (available in Profile › Danger Zone)
• Export your data in machine-readable format (available on paid plans via the REST API)
• Object to certain types of processing
• Withdraw consent for marketing communications at any time

To exercise these rights, use the in-app controls or contact us at hello@intelbrief.xyz. We will respond within 30 days.

9. Cookies

We use only essential cookies necessary for authentication (session management). We do not use advertising cookies, third-party tracking cookies, or analytics cookies that track individuals.

10. Security

We use industry-standard security practices: TLS encryption in transit, hashed passwords (never stored in plain text), access control on all API endpoints, and regular security audits. Despite our efforts, no system is 100% secure. If you discover a security issue, please disclose it responsibly at hello@intelbrief.xyz.

11. International Transfers

Our infrastructure is primarily hosted in the United States (Vercel, Neon). If you are in the EU/EEA, data is transferred to the US under Standard Contractual Clauses (SCCs) with our processors.

12. Children

IntelBrief is a business tool intended for use by adults (18+). We do not knowingly collect data from anyone under 18. If you believe a minor has created an account, please contact us.

13. Changes to This Policy

We may update this policy to reflect changes in our practices or for legal reasons. We will notify you by email at least 14 days before material changes take effect.

14. Contact & Complaints

For privacy questions: hello@intelbrief.xyz. If you are in the EU and are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.