Privacy Policy

Last updated: March 28, 2026

Briffly is built on the belief that a great reading experience does not require invasive data collection. This policy explains what we collect, why, and how we protect your information. We aim to be straightforward - no legalese walls, no hidden practices.

Information We Collect

We collect only the information necessary to provide and improve the Service:

  • Account information: Your email address and display name. If you sign in with Apple or Google, we receive the name and email address associated with that account.
  • Reading preferences: The tags, categories, and publications you choose to follow.
  • Interaction data: Articles you read, like, save for later, and comments you post. This data is used to personalize your feed and improve recommendations.
  • Device information: Basic device and app version information sent with API requests for debugging and compatibility purposes.

How We Use Your Information

Your data serves one primary purpose: making your news feed better.

  • Personalization: We use your reading history and preferences to generate vector embeddings that represent your interests. These embeddings power the similarity search that ranks and recommends articles in your feed.
  • Improving recommendations: Aggregate, anonymized interaction patterns help us tune our recommendation algorithms for all users.
  • Service communication: We may send you transactional emails related to your account, such as one-time login passcodes.

What We Don't Do

We believe in earning your trust through restraint:

  • We do not sell your personal data to anyone, ever.
  • We do not track you across other websites or apps.
  • We do not use third-party advertising trackers or analytics platforms that profile you.
  • We do not share your reading history with publishers or any third parties.
  • We do not build advertising profiles based on your behavior.

Data Storage

Your data is stored securely using industry-standard infrastructure:

  • PostgreSQL: Your account information, reading preferences, and interaction history are stored in a PostgreSQL database with the pgvector extension for embedding storage.
  • Redis: Used for session management and application caching. Session data is ephemeral and expires automatically.

All data is transmitted over encrypted connections (HTTPS/TLS). Database access is restricted to the application layer and is not exposed to the public internet.

Third-Party Services

We use a limited number of third-party services to operate Briffly:

  • OpenAI: We send article text (not your personal data) to OpenAI's API to generate vector embeddings and optional article summaries. Your reading history, preferences, and account information are never sent to OpenAI.
  • Apple & Google: If you choose to sign in with Apple or Google, the authentication flow is handled by their respective OAuth services. We only receive the basic profile information (name and email) that you authorize.
  • AWS S3: Used for storing article images. No personal user data is stored in S3.

Data Retention

We retain your account data and interaction history for as long as your account is active. If you delete your account, all personal data - including your reading history, preferences, saved articles, likes, and comments - is permanently deleted from our systems. We do not maintain shadow profiles or retain personal data after account deletion.

One-time login passcodes expire automatically and are removed from our systems within 24 hours of generation.

Your Rights

You have full control over your data:

  • Access and export: You can request a complete export of your personal data at any time by contacting us.
  • Correction: You can update your account information directly within the app.
  • Deletion: You can delete your account at any time through the app. This action is permanent and cannot be undone.
  • Portability: Upon request, we will provide your data in a standard, machine-readable format.

To exercise any of these rights, contact us at [email protected].

Cookies

Briffly uses only essential session cookies required for authentication and security via Laravel Sanctum. We do not use tracking cookies, advertising cookies, or any third-party cookie-based analytics. There is no cookie banner because there is nothing to consent to beyond what is strictly necessary for the Service to function.

Children's Privacy

Briffly is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at [email protected] and we will promptly delete that information.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you through the app. We encourage you to review this page periodically to stay informed about how we protect your data.

Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact us at [email protected].