Your Privacy at BrieflyGo
Your privacy is the foundation of trust. Here is what we collect, how we use it, and how we protect it.
What We Collect
Only what is needed to operate the service:
- Account data: your email address, used for authentication and service communications.
- Documents you analyze: PDFs, Word files, or text you upload for AI analysis. Processed to generate your requested output. If you use workspace features, editor flows, or saved reports, the files and related output may be stored in your account until you delete them or they are removed under our retention rules.
- Analytics data: page URL, referrer, anonymized IP, browser type, OS, device type, and country code. No full IP address is ever stored in our first-party analytics store.
- Support messages: name (optional), email, and message content when you contact us via the contact form.
- Billing data: payment method details (card type, last 4 digits, expiry) are handled by third-party payment providers or merchant-of-record partners — we never see or store your full card number.
We do not collect behavioral profiles, purchase history beyond your own subscription, or data from third party brokers.
Legal Basis for Processing (GDPR Art. 6)
For users in the European Economic Area (EEA), we rely on the following legal bases:
- Contract performance (Art. 6(1)(b)): processing your email and uploaded documents to deliver the service you subscribed to.
- Legitimate interests (Art. 6(1)(f)): first-party anonymized analytics to understand product usage, improve reliability, prevent abuse, and maintain security.
- Consent: optional third-party analytics tools only load after you explicitly allow them through the consent banner.
- Legal obligation (Art. 6(1)(c)): retaining billing records as required by applicable tax law.
No Selling
How We Use AI
Our AI analyzes your document on the fly to produce your report. Documents are processed transiently and we do not use your documents to train or fine-tune AI models. AI processing is performed through providers configured for customer-serving inference, not model training. Saved workspace artifacts are used only to deliver product features you requested, such as reopening a report, continuing editing, or resuming a send flow.
Our analysis does not constitute automated decision-making with legal or similarly significant effects under GDPR Art. 22. All conclusions in our reports require human review before any decision is made.
IP Address Anonymization
Our first-party analytics system never stores a complete IP address. Before data is written to storage, the last octet of IPv4 addresses is replaced with 0. For IPv6, the trailing bits are zeroed so the stored value is not directly identifying.
Cookies & Tracking
BrieflyGo uses a consent banner for optional analytics. Our first-party product analytics remain server-side, and Google Analytics only loads after you allow it via the banner.
- Optional analytics stay off until you give consent.
- No cross-site advertising or behavioral profiling.
- No third-party advertising networks.
Authentication and product state may use browser storage, cookies, and similar session mechanisms that are scoped to BrieflyGo features and account access.
| Cookie | Purpose | Duration |
|---|---|---|
| brieflygo_consent | Stores your cookie consent choice | 12 months |
| brieflygo_auth / session cookies | Authentication and account session state | Session / 7 days |
| _ga, _ga_* | Google Analytics (only after consent) | 2 years |
Data Retention
- Account data: retained while your account is active. Deleted permanently within 30 days of account deletion.
- Uploaded documents: may be retained only as long as needed for the specific feature you used, unless you explicitly save them into a workspace, report, template, or related product flow.
- Analytics: retained for operational analysis and then purged on our standard retention schedule, which may vary by tool or provider.
- Billing records: retained as required by applicable tax law.
- Support messages: retained for support and product quality follow-up, then removed on the normal retention cycle unless a longer retention period is required to resolve abuse, fraud, or legal issues.
Some exact retention periods depend on the feature you use, whether content was explicitly saved, and our fraud-prevention or legal obligations at the time.
Your Rights (GDPR Art. 15-22)
If you are in the EEA or UK, you have rights of access, rectification, erasure, restriction, portability, objection, and complaint to your local data protection authority.
We will respond to verified requests within 30 days (GDPR) or 45 days (CCPA). We may extend this period once by an additional 30 days where necessary, with written notice.
Contact [email protected] with the subject line Privacy Request.
California Privacy Rights (CCPA / CPRA)
California residents may request access, deletion, correction, and other rights provided by applicable California privacy law. We do not sell personal information.
To exercise a California privacy right, email [email protected] with the subject line California Privacy Request.
Data Transfers
Sub-processors
We use the following third-party sub-processors to deliver the service. Each is bound by a Data Processing Agreement (DPA) and appropriate transfer safeguards:
| Sub-processor | Purpose | Location | Safeguard |
|---|---|---|---|
| Cloud database and storage providers | Database, account services, and file storage | Varies by provider | Contractual safeguards |
| AI inference providers | Transient AI analysis and generation | Varies by provider | Contractual safeguards and no-training commitments where offered |
| Transactional email providers | Account and workflow email delivery | Varies by provider | Contractual safeguards |
| Payment providers / merchant-of-record partners | Subscription billing and checkout | Varies by provider | Contractual safeguards |
| Google Analytics | Optional analytics (consent-gated) | USA / EU | SCCs, consent-only |
Contact
Privacy questions or data requests:
- Email: [email protected]
- Subject line: Privacy Request
Last updated: April 2026. Applies to BrieflyGo (brieflygo.com).