C
AI Compliance Brief
EST. 2026 — Vigilance
§ Legal / 02 — Privacy Policy

Privacy Policy

Effective 25 April 2026

1. Scope

This Privacy Policy explains how AI Compliance Brief (the "Publisher") collects, uses, and protects personal data when you visit our website, request a sample brief, or subscribe to a paid plan.

2. Data we collect

  • Identity & contact: name, business email, company, job title — collected when you request a sample or subscribe.
  • Payment metadata: Stripe customer ID, subscription ID, current period end. We do not store full card numbers, CVVs, or expiration dates — Stripe is the payment processor and source of truth.
  • Usage data: standard server logs (IP, user agent, timestamps) for security and abuse prevention.

3. How we use it

  • To deliver subscribed briefs and account communications.
  • To respond to inquiries and provide customer support.
  • To improve editorial coverage based on aggregate engagement signals.
  • To meet legal, accounting, and tax obligations.

4. What we do not do

We do not sell personal data. We do not share subscriber lists with third parties for their marketing. We do not use subscriber data to train AI models.

5. Service providers

We rely on a small set of vendors strictly for service delivery: Stripe (payments), Google Workspace (email), and our hosting provider. Each is contractually bound to confidentiality and appropriate security controls.

6. Your rights

Depending on your jurisdiction (including GDPR, UK GDPR, CCPA), you may have rights to access, correct, delete, port, or restrict processing of your personal data. Email [email protected] and we will respond within 30 days.

7. Retention

Subscriber records are retained while your subscription is active and for up to 24 months after cancellation for accounting and audit purposes. Lead-only records (sample requests that did not convert) are retained for 12 months unless you opt out earlier.

8. Security

We use TLS in transit, encrypted databases at rest, and least-privilege access controls. No internet service is perfectly secure; we will notify affected subscribers of any material breach within 72 hours of discovery.

9. Cookies

We use essential cookies for authentication and session management. We do not run third-party advertising or cross-site tracking cookies.

10. Changes & contact

We may update this policy and will notify subscribers by email of material changes at least 14 days in advance. Questions: [email protected].