Privacy Policy
Last updated: February 7, 2026
Pulse ("we", "us", "our") respects your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.
1. Information We Collect
Account Information
When you create an account, we collect:
- Email address
- Password (stored as a salted hash — we never store plain-text passwords)
- Display name (optional)
Usage Data
We automatically collect:
- Lookup history (which people you search for and when)
- Feature usage (bookmarks, alerts, Q&A history)
- Daily usage counts for rate limiting
Billing Data
If you subscribe to Pro, payment processing is handled entirely by Stripe. We store your Stripe customer ID to link your subscription but never see or store your credit card number.
2. How We Use Your Data
| Data | Purpose |
|---|---|
| Account authentication, alert notifications, email digests (if enabled) | |
| Password hash | Secure authentication |
| Lookup history | Caching, trending calculations, personalized experience |
| Bookmarks & alerts | Providing saved content and notification features |
| Q&A history | Conversation continuity in Ask About feature |
| Stripe customer ID | Subscription management |
3. Third-Party Services
Pulse integrates with the following third-party services:
- Anthropic (Claude AI) — We send aggregated news data to Claude for summarization and analysis. Your personal information is not included in these requests.
- Stripe — Handles all payment processing for Pro subscriptions. See Stripe's Privacy Policy.
- News & Data Sources — We query public APIs (news, Reddit, YouTube, etc.) to aggregate information about public figures. These queries do not include your personal data.
- SMTP Provider — If email features are enabled, we use an SMTP service to deliver alert notifications and digests to your email address.
4. Data Storage & Security
- All data is stored in an encrypted SQLite database.
- Passwords are hashed using industry-standard algorithms (bcrypt/scrypt).
- Session cookies are HTTP-only and use the SameSite attribute.
- In production, all connections are encrypted via HTTPS with HSTS enabled.
- We implement rate limiting and input validation to protect against abuse.
5. Data Retention
- Account data — Retained while your account is active. Deleted upon account deletion request.
- Lookup cache — Cached results expire after the configured TTL (typically 5 minutes).
- Usage logs — Daily usage counters reset at midnight UTC.
- Shared recaps — Public recap links remain accessible until you delete them.
6. Your Rights
You have the right to:
- Access — View all data associated with your account via the app.
- Delete — Request deletion of your account and all associated data.
- Export — Request a copy of your data by contacting us.
- Opt out — Disable email digests and alert notifications in your preferences.
- Correct — Update your display name and preferences at any time.
7. Cookies
Pulse uses a single session cookie to keep you logged in. We do not use tracking cookies, third-party analytics, or advertising cookies.
8. Children's Privacy
Pulse is not intended for children under 16. We do not knowingly collect data from children. If you believe a child has created an account, please contact us and we will delete it.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated to registered users via email. The "Last updated" date at the top of this page indicates when the policy was last revised.
10. Contact
For privacy-related questions or data requests, contact us at privacy@pulse.news.