v0.2.3-beta
login register

PRIVACY POLICY

at

brainful

Revised on 25 July 2025 | 📢 concerns

When we say 'brainful', 'we', 'us', or 'our', we mean the brainful team and everyone working with us. When we say 'you', we mean any person accessing or using our services. This privacy policy applies whenever you use any brainful service through desktop, mobile, web interface, API, or any other platform we operate, from any brainful domains or subdomains. Simply put, if you're using anything brainful, these are the rules for how we handle your data.


Privacy should not be gray and convoluted. Due to the nature of our personalised services, it is inevitable that you are entrusting us with highly sensitive data. We take this responsibility very seriously and go to great lengths to securely, safely, and transparently process your data. This privacy policy outlines who we are, what we collect, why we need it, how we use it, and what you can do about it.


who we are

'brainful' , 'we' , 'us' , 'our' , Refers to the brainful team and its affiliates.

This privacy policy applies when you access:

  • brainful.ai, brainful.io, or brainful.dev web domains
  • official mobile and desktop clients
  • apps from platform app stores

what we and third-parties collect

privacy-first organisation

we are not in the business of selling or sharing data. we only collect information that directly helps us provide our services to you.

account information

since we handle authentication, we temporarily collect metrics for secure authentication and identification.

Collected for authentication:

  • internet protocol (IP) address
  • browser and operating system
  • device information
  • location data

most data is deleted after authentication. only session identifiers are retained for active session management.

you can manage and delete this data from account settings at any time.

third-party services

we offer optional add-ons to improve your experience. these must be manually enabled and are disabled by default.

All third-party services are opt-in only

AI functionality

selected data passed through API for enhanced features

see OpenAI's policy

error reporting

privacy-friendly debugging and logging

see Sentry's policy

Google services

centralised tasks and events management

see Google's policy

latest updates available in the app's options menu

communication

we may keep records of communications through forms or email during your account use and for 30 days after deletion.

Retention period: account lifetime + 30 days

Your privacy controls

Core services only

we only collect essential data for authentication and service delivery

Optional features

all third-party integrations are disabled by default and clearly marked

Anonymous communication

feel free to use an alias when contacting us

Infrastructure services:

  • sentry.io for anonymous error tracking (opt-in for detailed debugging)
  • cloudflare CDN for network traffic monitoring and abuse prevention
  • no automatic collection of usage analytics or device tracking

securing your data

end-to-end security

encrypted storage

data encrypted on Google Cloud servers hosted in the EU

active monitoring

custom systems detect and prevent suspicious activity

permanent deletion

data completely removed after 30-day recovery period

data redundancy & backup

your data is replicated across multiple locations for disaster recovery

Important notice

while we maintain robust security, no system is immune to breaches. we strongly recommend regular backups using our export tool.

collecting data from minors

Age restriction

we do not knowingly collect, process, or store data from minors under the age of 13.

your rights

changing your account data

you can add, modify, and delete any characteristic of your account at any time.

deleting your account and data

Delete your account at any time from settings

You're entitled to request a complete copy of your data before deletion

opt out of marketing

opt out of marketing communications in account settings

Note: account status and security notifications cannot be disabled

request to limit data processing

Request lower processing and use of your data

By default, all processing is restricted. limiting further may affect service functionality.

brainful for beta testers and developers

enhanced tracking for beta testing

we rely on your support to ensure quality and security. beta testers are automatically enrolled in:

Logging group

Enhanced error tracking that cannot be disabled

PII transmission risk

Sentry may capture personal information in error logs

critical warning

  • do not store sensitive authentication credentials
  • elevated risk of data loss - no recovery guarantee
  • do not store critical data on development builds