Privacy Policy

1. Introduction

Welcome to NewsletterForMe, operated by Rectfy ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered newsletter platform service.

By using our service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use our service.

2. Information We Collect

2.1 Personal Information

We collect the following personal information:

• Google Account Information: When you sign in with Google, we collect your email address, name, and profile picture
• Interest Preferences: Your selected newsletter topics and interests
• Custom Interests: Any custom topics you submit
• Integration Settings: Your email and Slack integration preferences
• Account Activity: Login times, preference updates, and service usage patterns

2.2 Newsletter Content Data

We store and process:

• Newsletter content we curate for your interests
• Your reading preferences and interaction history
• Content delivery preferences and scheduling
• Feedback and engagement metrics

2.3 Technical Information

We automatically collect:

• Device Information: Browser type, operating system, device identifiers
• Usage Analytics: Page views, clicks, time spent, feature usage (via Google Analytics)
• Technical Logs: IP addresses, access times, error logs, performance metrics
• Cookies: Authentication tokens, preference settings, analytics cookies

3. How We Use Your Information

We use your information for the following purposes:

• Service Delivery: Curating and delivering personalized newsletters
• Account Management: Authentication, preference storage, account security
• Content Curation: Using AI (Google Gemini) to personalize content based on your interests
• Communication: Sending newsletters via email or Slack integrations
• Analytics: Understanding usage patterns to improve our service
• Customer Support: Responding to inquiries and providing assistance
• Legal Compliance: Meeting legal obligations and protecting our rights
• Service Improvement: Developing new features and enhancing user experience

4. Third-Party Services

We use the following third-party services that may collect your information:

4.1 Google Services

• Firebase Authentication: For secure login and user management
• Google Analytics: For usage analytics and service improvement
• Google Gemini AI: For content curation and personalization
• Firestore Database: For storing your preferences and account data

4.2 Email Services

• Mailgun: For delivering newsletters to your email address

4.3 Integration Services

• Slack API: For delivering newsletters to your Slack channels (when connected)

5. Data Sharing and Disclosure

5.1 Strategic Partnerships and Data Sharing

We may share user data with strategic partners to enhance our service offerings and provide you with better experiences.

We may share your information with trusted strategic partners for:

• Service Enhancement: Improving content curation and personalization
• Feature Development: Creating new tools and integrations
• Content Optimization: Delivering more relevant newsletter content
• Platform Integrations: Enabling seamless cross-platform experiences
• User Experience: Providing enhanced functionality and convenience

All strategic partnerships are governed by strict data protection agreements that require partners to:

• Maintain the same level of data protection we provide
• Use data only for agreed-upon purposes
• Comply with applicable privacy laws and regulations
• Provide users with appropriate control and opt-out mechanisms

5.2 Additional Data Sharing

We may share your information only in the following circumstances:

• Service Providers: With third-party services listed above, only as necessary to provide our service
• Legal Requirements: When required by law, court order, or government request
• Safety and Security: To protect our users, prevent fraud, or address security issues
• Business Transfers: In case of merger, acquisition, or sale of assets (with user notification)
• Consent: With your explicit consent for specific purposes

6. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: Data transmission and storage encryption
• Access Controls: Strict access limitations to personal data
• Authentication: Secure authentication via Google OAuth
• Monitoring: Continuous security monitoring and threat detection
• Regular Updates: Security patches and system updates
• Data Minimization: We collect only necessary information

7. Your Rights (GDPR Compliance)

Under GDPR and other privacy laws, you have the following rights:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data ("right to be forgotten")
• Portability: Receive your data in a structured, machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for data processing at any time
• Lodge Complaints: File complaints with supervisory authorities

7.1 How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@rectfy.com. We will respond within 30 days of receiving your request.

8. Data Retention

We retain your information for the following periods:

• Account Data: Until you delete your account or request deletion
• Newsletter Content: Up to 2 years for service improvement
• Analytics Data: Up to 26 months (Google Analytics default)
• Technical Logs: Up to 90 days for security and debugging
• Legal Requirements: As required by applicable law

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own, including:

• India: Where our primary operations are located
• United States: Where our cloud services (Google/Firebase) are hosted
• European Union: For GDPR-compliant data processing

We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses and adequacy decisions.

10. Cookies and Tracking

We use cookies and similar technologies for:

• Essential Cookies: Authentication and basic functionality
• Analytics Cookies: Google Analytics for usage insights
• Preference Cookies: Storing your settings and preferences

You can control cookies through your browser settings, but disabling essential cookies may affect service functionality.

11. Children's Privacy

Our service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

12. Changes to Privacy Policy

We may update this Privacy Policy from time to time. When we do:

• We will notify you via email or service notification
• We will update the "Last Updated" date
• Material changes will be prominently announced
• Your continued use constitutes acceptance of changes

13. Contact Information

14. Legal Basis for Processing (GDPR)

Our legal basis for processing your personal data includes:

• Consent: For newsletter delivery and marketing communications
• Contract Performance: To provide our service as agreed
• Legitimate Interests: For analytics, security, and service improvement
• Legal Obligation: To comply with applicable laws and regulations

15. Disclaimer and Limitation of Liability

IMPORTANT LEGAL NOTICE:

• This privacy policy is provided "as is" without warranties of any kind
• We make reasonable efforts to protect your data but cannot guarantee absolute security
• You use our service at your own risk regarding data privacy and security
• We are not liable for data breaches caused by third-party services or user negligence
• This policy is governed by Indian law and EU GDPR where applicable
• Any disputes will be resolved through binding arbitration in Kerala, India

By using NewsletterForMe, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.