Privacy Policy
Last updated: April 2026
1. Information We Collect
We collect information you provide when subscribing, including your name, email address, firm name, and firm size. We also collect usage data such as which editions you open, links you click, and features you use within the platform.
2. How We Use Your Information
We use your information to deliver your weekly intelligence briefing, personalize your experience (scorecard benchmarks, AI assistant context), process payments, and improve our product. We do not sell your personal information to third parties.
3. AI Readiness Scorecard Data
Your scorecard responses are used to generate your individual readiness report and contribute to anonymous peer benchmarks. Benchmark data is aggregated and anonymized — no individual firm can be identified from the benchmarks we display to other subscribers.
4. AI Assistant & Firm Knowledge
Conversations with the AI assistant are stored to maintain context across your sessions. Additionally, our AI may extract factual information about your firm from your conversations (such as tools in use, team size, and goals) to improve future recommendations. This firm knowledge is stored securely and used exclusively to personalize your experience. We do not use your conversation data or firm knowledge to train AI models. All firm knowledge is deleted when you cancel your subscription.
5. AI-Generated Content
Content generated by the platform (AI policies, board presentations, client materials, certifications) is created with AI assistance and has not been reviewed by licensed professionals. All AI-generated content is for informational purposes only and does not constitute professional, legal, financial, compliance, or regulatory advice.
6. Email Tracking & Analytics
Our emails include a tracking pixel that records when you open the email and which links you click. This data is used to measure engagement, improve content quality, and detect unauthorized content sharing. We also use per-subscriber content watermarking (invisible identifiers embedded in email content) to trace the source of unauthorized distribution. IP addresses are hashed for analytics and forwarding detection.
7. Proactive Intelligence
If you are a subscriber, we may send you personalized intelligence updates between weekly editions based on your profile, scorecard results, and regulatory environment. These "micro-briefings" are generated by our ambient monitoring system, which continuously scans relevant sources for developments that may affect your practice. You can manage notification preferences from your account settings.
8. Third-Party Services
We use the following third-party services to operate the platform: Supabase (database and authentication), Stripe (payment processing), Postmark (email delivery), Anthropic/Claude (AI processing), Upstash (caching and scheduling), and Vercel (hosting). Each operates under their own privacy policy. We process your data on servers located in the United States.
9. Data Security
We implement industry-standard security measures including encryption in transit (TLS), application-level field encryption for sensitive data, rate limiting, input sanitization, and access controls. Subscriber tokens are unique per account, rotate on each login, and content is watermarked for leak detection.
10. Data Retention
We retain your account data for the duration of your subscription plus 90 days. After cancellation, scorecard history, conversation logs, firm knowledge, and generated documents are deleted. Edition access is revoked immediately upon cancellation. Anonymous benchmark data (aggregated, non-identifiable) is retained indefinitely.
11. Your Rights
You may request access to, correction of, or deletion of your personal data at any time by emailing privacy@briefinglayer.ai. You may also export all your data (profile, scorecard results, ROI entries, chat history, generated documents, firm knowledge) directly from the platform via the data export feature in your account settings. For California residents: you have the right to know what personal information we collect, request deletion, and opt out of the sale of personal information (we do not sell your data). For EU/EEA residents: you have rights under GDPR including data portability, the right to object to processing, and the right to lodge a complaint with a supervisory authority.
12. Community Content
Questions and answers posted in the peer community are visible to other subscribers in your vertical. Posts are anonymized by firm size bracket — your name, email, and firm name are never displayed. All posts are AI-moderated for compliance before publishing. We reserve the right to remove content that violates our community guidelines.
13. Children's Privacy
Briefing Layer is intended for professional use by individuals aged 18 and older. We do not knowingly collect information from anyone under 18.
14. Changes to This Policy
We may update this privacy policy with 30 days' notice via email. Continued use after the notice period constitutes acceptance.
15. Contact
For privacy-related inquiries, contact us at privacy@briefinglayer.ai.