← Back to home

Privacy Policy

Last updated: November 2025

Thank you for using Braindump ("we", "us", "our").

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use Braindump (the "Service").

If you do not agree with this Privacy Policy, please do not use the Service.

If you have questions, contact us at: reach.braindump@gmail.com

1. Information We Collect

We collect three types of information:

1.1 Information You Provide

When you create an account or use the Service, you may provide:

  • Email address
  • Password (handled by Firebase Authentication)
  • Optional profile information
  • Notes, text content, tags, and settings you create in Braindump
  • Support requests or feedback
  • Payment information (processed by Polar – we never see your full card details)

1.2 Information Collected Automatically

We automatically collect:

  • Device information (browser, OS, device model)
  • Log data (IP address, timestamps, feature usage)
  • Cookie/session data required for authentication
  • Crash logs and basic analytics (Vercel Analytics or future analytics provider)

1.3 Location Data (If You Allow It)

If you enable location access, we use the browser's navigator.geolocation API to:

  • Recommend notes based on your location
  • Provide contextual features (e.g., "smart save")

Location is not precise GPS tracking, and can be disabled at any time.

1.4 Derivative Data

To improve the product, we generate derivative data such as:

  • Note search patterns
  • Feature usage frequency
  • Simple usage profiles for recommendations
  • Embedding vectors created on-device

No sensitive personal data is collected.

2. How We Use Your Information

We use your information to:

  • Provide and operate the Service
  • Sync your notes (if you choose to enable sync)
  • Improve recommendations (local models + safe algorithms)
  • Authenticate your account
  • Process payments through Polar
  • Respond to support requests
  • Send administrative messages (updates, billing notices, outages)

We may also contact you with product updates or feature announcements. You can unsubscribe at any time.

3. How We Handle AI and Algorithms

Braindump uses:

  • Local-first algorithms (on your device)
  • Local embeddings + HNSW for recommendations
  • Non-cloud AI models unless explicitly enabled in future features

Your notes:

  • are processed on-device for structure, recommendations, and search
  • may sync to the cloud only if you enable syncing
  • are never used to train machine learning models (ours or third-party)

We do not "read" or "review" your notes.

4. When We Share Information

We do not sell your personal data.

We share data only with trusted third parties that help us provide the Service:

Service Providers

  • Firebase (authentication, hosting)
  • Google Cloud / Firestore (if sync is enabled)
  • Vercel (hosting, performance analytics)
  • Polar (payments)
  • Email provider (outbound emails)

These parties act as data processors and must protect your information under their terms.

Legal

We may disclose information if required by law or to protect the security of the Service.

Business Transfer

If Braindump is ever sold or merged, personal data may transfer to the new owner under the same protections.

5. Cookies & Tracking

We use cookies for:

  • Login sessions
  • Authentication
  • Basic analytics
  • Remembering user preferences

We do not use advertising cookies.

6. International Data Transfers

Our servers may be located in:

  • Canada
  • United States
  • Europe (depending on region)

When transferring data internationally, we follow established legal mechanisms such as:

  • Standard Contractual Clauses (SCCs)
  • Equivalent protections under Canadian PIPEDA / Law 25

7. Data Retention

We keep your personal data only for as long as needed to:

  • Provide the Service
  • Comply with legal obligations
  • Resolve disputes
  • Maintain security

You may request deletion at any time.

8. Minors

Braindump is not intended for users under 16. We do not knowingly collect data from children.

If you believe a minor is using the Service, contact us.

9. Your Rights

Depending on where you live (EU, UK, Quebec, California, etc.), you may have rights to:

  • Access your data
  • Delete your data
  • Correct your data
  • Export your data
  • Object to certain processing
  • Withdraw consent (for location, cookies, etc.)

To exercise these rights, email reach.braindump@gmail.com or use the in-app request feature.

10. Security

We use industry-standard measures to protect your data, including:

  • Encryption in transit (HTTPS)
  • Secure authentication (Firebase Auth)
  • Permissioned database access
  • Rate limiting and abuse prevention

We do not claim full end-to-end encryption yet. This may be added in the future.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are significant, we will notify you in the app or by email.

12. Contact

If you have any questions about this Privacy Policy, you can reach us at:

reach.braindump@gmail.com

← Back to home