Briefloop

Privacy Policy

Last updated: April 30, 2026

Briefloop ("Briefloop", "we", "us", or "our") is operated by Idea Crafters LLC, a limited liability company organized in the United States. This Privacy Policy explains what personal information we collect when you use briefloop.app and our related services (the "Service"), how we use it, who we share it with, and the choices you have. By using the Service, you agree to the practices described here.

1. Who this policy applies to

This policy applies to people who create a Briefloop account, are invited to a workspace by another user, or interact with creative work through a public review link. It also applies to visitors of our marketing website.

2. Information we collect

2.1 Information you give us

  • Account information. Name, email address, password (hashed), and an optional profile picture. If you sign in with Google, we receive your name, email, Google account ID, and profile picture from Google.
  • Workspace information. The name of your studio or company, team members you invite, and the role you assign them (admin, project manager, creative, or reviewer).
  • Content you upload. Creative files you submit for review (videos, images, PDFs, documents), comments, annotations, version history, approval decisions, and related metadata.
  • Communications. Messages you send us through support channels, the contact form, or the waitlist.

2.2 Information we collect automatically

  • Usage data. Pages visited, features used, actions taken, timestamps, and approximate location derived from IP address.
  • Device and log data. IP address, browser type and version, operating system, referring URLs, and device identifiers.
  • Cookies and similar technologies. Authentication cookies (required to keep you signed in) and analytics cookies (described in section 5).
  • Push notification tokens. If you enable push notifications, we store the device token issued by your browser or operating system.

3. How we use your information

  • To provide, maintain, and secure the Service.
  • To authenticate you and protect your account from unauthorized access.
  • To deliver in-app, real-time, push, and email notifications related to your work.
  • To respond to support requests and communicate operational changes.
  • To understand how the Service is used so we can improve it.
  • To detect, prevent, and address fraud, abuse, and security incidents.
  • To comply with legal obligations and enforce our Terms of Service.

4. Legal bases (for users in the EEA and UK)

Where European data protection law applies, we rely on the following legal bases: performance of a contract (to provide the Service you requested); legitimate interests (to secure, maintain, and improve the Service, and to communicate with you about it); consent (for analytics and push notifications, where required); and legal obligations.

5. Service providers and subprocessors

We share personal information with vendors that help us operate the Service. These providers are bound by contract to protect your data and use it only on our instructions.

  • OneSignal — push notification delivery (device tokens, notification metadata).
  • Laravel Reverb — real-time WebSocket delivery for in-app updates (operated on our own infrastructure).
  • Sentry — error monitoring and performance tracing (technical error data and limited context such as URL and user identifier).
  • Google Analytics 4 — product analytics (cookie identifiers, device and usage data).
  • Postmark — transactional email delivery (recipient email address and email content).
  • Google Sign-In — authentication (used only when you choose to sign in with Google).
  • Stripe — payment processing. Stripe will be enabled when paid plans launch; this policy will be updated to reflect payment data handling at that time.

We do not sell your personal information. We do not share your content with third parties for their own marketing purposes.

6. Data hosting and international transfers

Briefloop's production systems are hosted in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. Where required, we rely on appropriate safeguards (such as the European Commission's Standard Contractual Clauses) for international transfers.

7. How long we keep your information

We retain personal information for as long as your account is active or as needed to provide the Service. If you delete your account, we delete or anonymize your personal information within a reasonable period, except where we are required to retain it for legal, tax, accounting, or legitimate business reasons (for example, abuse investigation or dispute resolution). Backups may persist for a limited rolling window before being overwritten.

8. Security

We use industry-standard technical and organizational measures to protect your information, including encryption in transit (TLS), hashed passwords, role-based access controls, and audit logging. No system is perfectly secure; if we become aware of a breach affecting your personal information, we will notify you and the relevant authorities as required by law.

9. Your rights

Depending on where you live, you may have the right to:

  • Access the personal information we hold about you.
  • Correct inaccurate information.
  • Delete your account and associated data.
  • Export your data in a portable format.
  • Object to or restrict certain processing.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with your local data protection authority.

To exercise these rights, email us at contact@briefloop.app. We will respond within the timeframe required by applicable law.

10. California privacy rights

California residents have additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), including the right to know, delete, and correct personal information, and to opt out of "sales" or "sharing" of personal information. We do not sell or share personal information as those terms are defined under California law.

11. Children

Briefloop is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, please contact us and we will delete it.

12. Cookies

We use a small number of cookies and similar technologies. Strictly necessary cookies keep you signed in and protect your session. Analytics cookies (Google Analytics 4) help us understand how the Service is used. You can disable cookies in your browser, but parts of the Service may not work properly without them.

13. Third-party links

The Service may contain links to third-party sites. We are not responsible for the privacy practices of those sites. We encourage you to read their policies.

14. Changes to this policy

We may update this policy from time to time. If we make material changes, we will notify you by email or through the Service before the changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.

15. Contact us

If you have questions about this Privacy Policy or our privacy practices, contact us at contact@briefloop.app.

Idea Crafters LLC
ideacrafters.com