8K Brief
Legal

Privacy Policy

Last updated: June 2026

This Privacy Policy explains how 8K Brief (“we,” “us,” or “our”) collects, uses, discloses, and safeguards information when you visit 8kbrief.com or subscribe to our email briefings (the “Service”). We are based in the United States. By using the Service, you agree to this Policy.

1. Information We Collect

  • Account and contact data. Your email address, and an optional name, which you provide when you sign up or subscribe.
  • Payment information. When you purchase a premium subscription, payment is processed by Stripe, Inc. We do not collect or store your full payment-card number, CVV, or bank credentials on our systems. We receive limited billing-related information from Stripe, such as your subscription status, customer and subscription identifiers, billing email, and the renewal date.
  • Delivery and engagement data. Records necessary to operate the Service, such as whether a briefing was sent to you and basic delivery status from our email provider.
  • Technical data. Standard server log information (such as IP address and request metadata) generated when you access the website, used for security and operation.

2. How We Use Information

  • to create and manage your account and authenticate sign-in (including magic-link access);
  • to deliver the daily and periodic email briefings you subscribe to;
  • to process payments, manage subscriptions, and handle renewals, cancellations, and refunds through Stripe;
  • to provide customer support and respond to your enquiries;
  • to operate, secure, maintain, and improve the Service; and
  • to comply with legal obligations and enforce our Terms.

3. Legal Bases (EEA/UK)

Where the GDPR or UK GDPR applies, we process personal data on the following bases: performance of a contract (to provide the subscription you purchase); our legitimate interests (to operate, secure, and improve the Service); consent (where required, e.g., for certain communications, which you may withdraw at any time); and compliance with legal obligations.

4. How We Share Information

We share personal data only as needed to operate the Service:

  • Stripe, Inc. — payment processing and subscription billing;
  • Resend — delivery of transactional and briefing emails;
  • service providers and hosting that support our infrastructure, bound by confidentiality obligations; and
  • legal and safety — when required by law, subpoena, or to protect our rights, users, or the public, or in connection with a merger, acquisition, or sale of assets.

We do not sell your personal data, and we do not share it for cross-context behavioral advertising.

5. Cookies and Tracking

We use only strictly necessary cookies required to operate the Service, such as a session cookie that keeps you signed in to your account or the admin area. We do not use advertising cookies, third-party analytics trackers, or cross-site tracking technologies. Because we do not engage in tracking-based advertising, we do not alter our practices in response to browser “Do Not Track” signals, though we honor applicable opt-out preference signals where legally required.

6. Data Retention

We retain personal data for as long as your account is active and as needed to provide the Service, and thereafter as required to comply with legal, tax, and accounting obligations, resolve disputes, and enforce our agreements. You may request deletion as described below.

7. Data Security

We use reasonable administrative, technical, and organizational measures designed to protect personal data. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.

8. Your Rights — EEA/UK (GDPR)

If you are located in the European Economic Area or the United Kingdom, you have the right to access, correct, update, or delete your personal data; to restrict or object to processing; to data portability; and to withdraw consent where processing is based on consent. You may also lodge a complaint with your local supervisory authority. To exercise these rights, contact [email protected].

9. Your Rights — California (CCPA/CPRA)

If you are a California resident, you have the right to know what personal information we collect and how we use and disclose it; to request access to and deletion of your personal information; to correct inaccurate personal information; and to be free from discrimination for exercising your rights. We do not sell or share (as those terms are defined under the CCPA/CPRA) your personal information. To exercise your rights, contact [email protected]; we will verify your request using the email associated with your account.

10. International Transfers

We are based in the United States, and our service providers may process data in the United States and other countries. Where required, we rely on appropriate safeguards for international transfers.

11. Children’s Privacy

The Service is intended for adults and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

12. Changes to This Policy

We may update this Policy from time to time. Material changes will be reflected by updating the “Last updated” date above and, where appropriate, by notice to you.

13. Contact

For privacy questions or to exercise your rights, contact our privacy team at [email protected].