Privacy Policy

Last updated: March 2026

1. Overview

Bruce AI ("we", "us", or "our") is committed to protecting your privacy. This policy explains what information we collect, how we use it, and the choices you have. We keep this simple because we don't collect more than we need.

2. Information we collect

When you sign up:

  • Email address (used to deliver reports and communicate with you)
  • Payment information — handled entirely by Stripe. We never see or store your card details.

Automatically collected:

  • Basic server logs (IP address, request timestamp, HTTP status)
  • Email open and click events (via our email provider) to measure delivery health

We do not use tracking pixels for advertising, run behavioural analytics, or sell data to third parties.

3. How we use your information

  • Delivering your daily or weekly research reports by email
  • Processing and managing your subscription via Stripe
  • Sending transactional emails (receipts, subscription changes, service notices)
  • Diagnosing delivery issues and improving report quality

We will not send you marketing emails unrelated to Bruce AI.

4. Third-party services

We use the following third-party services to operate Bruce AI:

  • Stripe — payment processing. Stripe's privacy policy governs how they handle your payment data.
  • Supabase — authentication and account management. Your email is stored in Supabase's infrastructure.
  • Resend — transactional email delivery.

Each of these providers processes data only to the extent necessary to deliver their service and is bound by their own privacy policies.

5. Data retention

We retain your email address and subscription status for as long as your account is active. If you cancel and request deletion, we will remove your personal data within 30 days, except where retention is required by law (e.g., billing records).

6. Your rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Withdraw consent for email communications (unsubscribe at any time)

To exercise any of these rights, email us at privacy@bruce.ai.

7. Security

We use industry-standard measures to protect your data in transit and at rest. All connections to Bruce AI are encrypted via HTTPS. We do not store payment card data. Access to subscriber data is restricted to authorised personnel only.

8. Children

Bruce AI is not intended for users under the age of 18. We do not knowingly collect personal information from minors.

9. Changes to this policy

We may update this policy from time to time. When we do, we'll update the date at the top of this page. For material changes, we will notify subscribers by email at least 14 days in advance.

10. Contact

Questions or concerns about this policy can be sent to privacy@bruce.ai.