Privacy Policy

Last updated: January 1, 2025

1. Introduction

AiNews247 ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered news aggregator and assistant platform ("the Service"). We do not sell or share your personal data.

2. Information We Collect

Authentication Information

To provide secure login functionality, we collect:

  • Email address - for account identification and secure login
  • Google OAuth tokens - to authenticate you through Google's secure OAuth system
  • Basic profile information - name and profile picture from Google OAuth (used for personalization)

Google Drive Integration (Optional)

If you choose to connect Google Drive integration, we collect:

  • Google Drive access tokens - to read and write files you specifically request us to process
  • File metadata - names, sizes, and modification dates of files you ask us to access
  • File contents - only for files you explicitly request us to process or analyze

Important: We only access Google Drive files when you specifically request it. We never scan or access your files without your explicit permission for each action.

Technical Information

We automatically collect minimal technical data:

  • IP address - for security and fraud prevention
  • Browser and device information - to ensure compatibility
  • Usage logs - basic analytics on feature usage (aggregated, not personal)

Optional Integration Data

Only if you choose to connect third-party services:

  • OAuth tokens - securely stored for accessing your connected accounts
  • Files you request us to process - temporarily accessed for your tasks only

3. How We Use Your Information

We use your information solely for these purposes:

  • Authentication - to log you in and maintain your session
  • Service delivery - to provide the AI news aggregation and assistant features
  • Integration access - to connect to your authorized third-party services (Google Drive, etc.)
  • Security - to protect against unauthorized access and fraud
  • Service improvement - to analyze usage patterns (in aggregate only)

Legal Basis for Processing (GDPR): We process your data based on "contract" (to provide the service you signed up for) and "legitimate interest" (for security and service improvement).

4. Data Sharing

We do NOT sell, rent, or share your personal information with third parties for marketing purposes.

Limited Sharing

We only share data in these specific situations:

  • Service providers - Cloud hosting (for infrastructure only) and AI providers (for processing your requests)
  • Legal compliance - If required by law or valid legal process
  • Account security - To prevent fraud or security threats

All service providers are contractually bound to protect your data and use it only for providing services to us.

5. Data Security

We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet is 100% secure.

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication measures
  • Secure token storage for third-party integrations

6. Data Retention

We keep your data only as long as needed:

  • Account data - Until you delete your account
  • OAuth tokens - Until you disconnect integrations
  • Usage logs - Up to 90 days for security purposes

You can request account deletion at any time, and we will remove your data within 30 days (except for minimal records required for legal compliance).

7. Your Rights

You have the following rights regarding your data:

  • Access - Request a copy of your personal data
  • Correction - Update inaccurate information
  • Deletion - Request account and data deletion
  • Portability - Export your data in a readable format
  • Objection - Object to data processing (where applicable)

For EU residents (GDPR): You have additional rights including the right to lodge complaints with your local data protection authority.

To exercise any of these rights, contact us through the platform or via email. We will respond within 30 days.

8. Third-Party Services

The Service may contain links to or integrate with third-party services. This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of any third-party services you use.

9. Age Restrictions

Our Service is only for users 13 years and older. We do not knowingly collect personal information from children under 13. If you are under 13, please do not use our Service. If we discover we have collected information from a child under 13, we will delete it immediately.

10. Regional Privacy Rights

California Residents (CCPA)

Note: CCPA may not currently apply to our service as we don't meet the threshold requirements (revenue >$25M, >100k CA residents/year, or >50% revenue from data sales). However, we respect these rights regardless.

EU Residents (GDPR)

If you're in the EU, GDPR applies to our processing of your personal data. You have enhanced rights as described in Section 7 above, plus the right to lodge complaints with your local data protection authority.

11. Changes to This Policy

We may update this Privacy Policy occasionally. When we do, we'll post the updated version here and update the "Last updated" date. For significant changes, we may notify you via email. Continued use of the Service means you accept the updated policy.

12. Contact Us

Questions about this Privacy Policy or want to exercise your data rights? Contact us through our platform.

We'll respond to privacy requests within 30 days.