BRIEFKLAR

Privacy Policy & Security Policy

AI-powered analysis for informational purposes only. Not legal advice — consult a Rechtsanwalt for complex matters.

Version 1.0Effective: 1 February 2026Last Updated: 1 February 2026Governing Law: GermanyGDPR Compliant
Contact: privacy@briefklar.debriefklar.de

1. Introduction & Who We Are

Briefklar is an AI-powered document analysis platform built to help migrants, expats, international students, and anyone navigating official correspondence in a foreign country. We analyse government letters, administrative documents, and official notices — translating complex bureaucratic language into plain, actionable explanations across 30+ languages.

This document sets out both our Privacy Policy and our Security Policy. Together, they explain what data we collect, why we collect it, how we protect it, and your rights as a user.

Company NameBriefklar App
Websitebriefklar.app
Privacy Contactprivacy@briefklar.de
Data Protection Officerdpo@briefklar.de
Governing LawGermany (BDSG + GDPR)
Effective Date1 February 2026

2. Data We Collect

We collect only what is necessary to provide the service. Below is a full account of every category of data Briefklar collects.

2.1 Account Data

When you create an account via Clerk (our authentication provider), we receive and store:

  • Full name and email address
  • Authentication method (email/password or social login)
  • Account creation timestamp
  • Preferred language and country settings

2.2 Document Data

When you upload a letter or document for analysis:

  • The document file (image, PDF, or text) is processed and stored temporarily in a private, encrypted storage bucket
  • OCR-extracted text from your document
  • AI-generated analysis, explanation, and suggested reply
  • Upload timestamp and document metadata (type, size)
  • Urgency level, deadline dates, and required actions identified by the AI

Document Privacy

  • Documents are stored in a private bucket — no public URL exists.
  • Signed access URLs expire after 1 hour.
  • You may delete any document instantly at any time.
  • Documents are never used to train AI models.
  • Documents are never shared with third parties.

2.3 Usage Data

  • Pages visited and features used within the app
  • Number of letters processed per billing period (for plan enforcement)
  • Dashboard visit count (used only to recommend the best notification method)
  • Device type and browser (for compatibility purposes)

2.4 Subscription & Payment Data

Payment processing is handled entirely by Stripe. Briefklar never sees or stores your card details.

  • Subscription plan (Free, Pro, or Family)
  • Subscription status and billing period
  • Stripe Customer ID (a reference identifier, not payment data)
  • Subscription start and end dates

2.5 Notification & Consent Data

If you opt in to deadline reminders, we collect and store:

  • Your consent decision and the timestamp it was given
  • Your preferred notification method (email, browser push, or in-app)
  • Your notification email address (may differ from your login email)
  • Browser push subscription endpoint (encrypted at rest)
  • A hashed version of your IP address at consent time (SHA-256 — never the raw IP)
  • Consent withdrawal timestamp if you later opt out

2.6 Referral & Partner Data

If you join the Briefklar Partner Program:

  • Full legal name
  • IBAN (for commission payouts)
  • Tax ID — Steuernummer or USt-IdNr (required under German tax law)
  • Partner terms acceptance timestamp
  • Commission records, referral records, and payout history

Commission and payout records are kept for 10 years under German commercial law (Handelsgesetzbuch § 257).

2.7 Security & Technical Data

  • SHA-256 hashed IP addresses (for rate limiting and security — never raw IP)
  • API request timestamps and response codes (for monitoring)
  • Rate limit counters (reset hourly)
  • Error logs (no personal content included)

3. Legal Basis for Processing

We process your data only where we have a lawful legal basis under GDPR Article 6.

Data CategoryLegal Basis
Account dataArt. 6(1)(b) — Necessary for the contract
Document dataArt. 6(1)(b) — Necessary for the contract
Usage & visit count dataArt. 6(1)(f) — Legitimate interest (service improvement)
Payment dataArt. 6(1)(b) — Necessary for the contract
Notification consent dataArt. 6(1)(a) — Explicit consent
Partner & commission dataArt. 6(1)(b) + Art. 6(1)(c) — Contract + German tax law
Security & hashed IP dataArt. 6(1)(f) — Legitimate interest (fraud prevention)

4. How We Use Your Data

4.1 Core Service Delivery

  • Processing and analysing your uploaded documents using AI (Anthropic Claude)
  • Generating plain-language explanations in your chosen language
  • Generating formal reply letters in the official language of the document
  • Enforcing usage limits per subscription plan
  • Providing letter history and document management

4.2 Notifications & Deadline Tracking

  • Sending deadline reminders via your chosen method (email, browser push, or in-app bell)
  • Using your visit count only to recommend the most suitable notification method
  • Visit count and behavioral signals are never used for marketing, advertising, or profiling

4.3 Payments & Subscriptions

  • Processing subscription payments via Stripe
  • Enforcing plan-based credit limits
  • Calculating and paying affiliate commissions to Partner Program members

4.4 Security & Abuse Prevention

  • Rate limiting API requests to prevent abuse (max 10 uploads/hour per user)
  • Validating uploaded files to prevent malicious uploads
  • Detecting and blocking prompt injection attempts
  • Monitoring for unusual activity patterns

4.5 What We Never Do

  • Use your documents to train AI models
  • Sell your data to any third party
  • Use behavioral signals for advertising or profiling
  • Store raw IP addresses
  • Send marketing emails without separate explicit consent
  • Share partner payout data with any party other than the partner themselves

5. Notification System & GDPR Compliance

5.1 Consent-First Architecture

Briefklar's deadline reminder system is built on a consent-first model. No notification detection, no signal analysis, and no browser push prompt will ever appear until you have explicitly clicked “Yes, remind me” on our consent screen. Dismissing the screen or clicking “No thanks” means zero notification activity occurs.

5.2 Smart Method Detection

After you give consent, the system checks three signals to recommend the best notification method:

  • Browser push notification support and permission status
  • Whether you have a verified email address on your account
  • How many times you have visited the dashboard (visit count)

These signals are used solely to recommend a method. You can override the recommendation at any time.

5.3 Withdrawing Consent

You can withdraw notification consent at any time in Settings > Notifications. Withdrawal takes effect immediately — no delay, no confirmation email required. Your consent record is retained for 3 years for legal audit purposes, but no further notifications are sent.

5.4 Email Reminders Compliance (German UWG)

Every deadline reminder email sent by Briefklar includes a one-click unsubscribe link. This link works without requiring you to log in. Clicking it immediately disables all email reminders for your account. This complies with both GDPR and the German Gesetz gegen den unlauteren Wettbewerb (UWG).

6. Data Sharing & Third Parties

Briefklar uses a small number of carefully selected third-party services to operate. We share the minimum data necessary with each.

Third PartyWhat We Share & Why
Anthropic (Claude AI)Document text for analysis. No identifiable user data. Not used for training.
ClerkAccount authentication — name, email, login method.
SupabaseEncrypted database and file storage. Hosted in EU.
StripeSubscription management. Briefklar never sees card details.
ResendEmail delivery for deadline reminders only. Never used for marketing.

All third-party processors have signed Data Processing Agreements (DPAs) as required by GDPR Article 28. All data processing occurs within the European Union or under adequate transfer mechanisms.

We do not share your data with governments, law enforcement, or any other party except where required by law — in which case we will notify you where legally permitted to do so.

7. Data Retention

Data TypeRetention Period
Account dataDuration of account + 30 days after deletion
Document filesUntil you delete them, or 30 days after account deletion
AI analysis resultsUntil you delete the letter, or 30 days after account deletion
Notification consent recordsMinimum 3 years (legal compliance)
Commission & payout records10 years (German HGB § 257)
Hashed IP addresses90 days then automatically deleted
Rate limit countersReset hourly, not retained
Security logs90 days
Stripe payment references7 years (German tax law)

We apply soft-delete across all records — data is flagged as deleted and made inaccessible before permanent deletion at the end of the retention period.

8. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights. All requests are processed within 30 days at no charge.

RightWhat It Means
Right of Access (Art. 15)Request a copy of all personal data we hold about you
Right to Rectification (Art. 16)Correct inaccurate or incomplete data
Right to Erasure (Art. 17)Request deletion of your account and data ('Right to be Forgotten')
Right to Restriction (Art. 18)Restrict how we process your data in certain circumstances
Right to Data Portability (Art. 20)Receive your data in a machine-readable format
Right to Object (Art. 21)Object to processing based on legitimate interest
Right to Withdraw Consent (Art. 7(3))Withdraw notification consent at any time with immediate effect
Right to Lodge a ComplaintContact the German supervisory authority: BfDI (bfdi.bund.de)

To exercise any right, contact: privacy@briefklar.de

9. Security Policy

Briefklar has undergone a comprehensive security audit. The following measures are active in production.

9.1 File Upload Security

  • Maximum file size: 20 MB per upload
  • File type validation using magic number (byte signature) verification — not just file extension
  • All uploaded files stored in a private storage bucket with no public URL
  • Signed access URLs expire after 1 hour
  • File names are sanitised before storage to prevent path traversal attacks

9.2 Input Validation & Sanitisation

  • All user inputs validated for length, format, and content on both client and server
  • Maximum lengths enforced: names (200 chars), addresses (500 chars), instructions (2,000 chars), letter text (50,000 chars)
  • Control characters and null bytes are stripped from all inputs
  • Email addresses validated with regex on both client and server

9.3 Prompt Injection Prevention

  • All user-submitted text is sanitised before being included in AI prompts
  • Dangerous patterns (system:, ignore previous instructions, etc.) are detected and neutralised
  • User content is isolated using XML tags to prevent it from being interpreted as instructions

9.4 Rate Limiting

EndpointLimit
Document uploads10 per hour per user
AI generation (replies)20 per hour per user
Feedback submissions10 per hour per user/IP
Notification sends3 per user per day
Test notifications3 per user per day
Authentication attempts5 per 15 minutes

9.5 Data Encryption

  • All data in transit encrypted via TLS 1.2+ (HTTPS enforced)
  • Database encrypted at rest (Supabase AES-256)
  • Web Push notification credentials encrypted before database storage
  • IP addresses stored only as SHA-256 hashes — the raw IP address is never written to any database
  • Unsubscribe tokens generated using cryptographically secure random bytes

9.6 Authentication & Access Control

  • Authentication managed by Clerk — industry-standard session management
  • All API routes verify authenticated Clerk session before processing
  • Supabase Row Level Security (RLS) enforced — users can only access their own rows
  • Admin routes require explicit admin role verification
  • Unsubscribe route is the only exception — token-based access without login (GDPR compliance)

9.7 Content Security & Headers

  • Content Security Policy (CSP) headers configured to prevent XSS attacks
  • Cross-Origin-Opener-Policy (COOP) header set to same-origin
  • HSTS (HTTP Strict Transport Security) enforced in production
  • Clickjacking protection via X-Frame-Options and CSP frame-ancestors

10. Subscription Plans & Usage Limits

Free

€0/month

  • 5 credits/month
  • Document upload & analysis
  • 30+ language translations
  • PDF and Word export
  • Text-based replies

Pro

€9.99/month

  • 60 credits/month (rollover up to 60)
  • Voice replies & Voice I/O
  • Document history (50 letters)
  • Cross-device sync
  • Email support (24-48h)

Family

€14.99/month

  • 95 shared credits (rollover up to 95)
  • 2-5 family members
  • Document history (150 letters)
  • All Pro features for all members
  • Priority support (12-24h)

11. Cookies & Tracking

CookieType & Purpose
Authentication session cookieRequired
Referral attribution cookieFunctional
Notification consent (localStorage)Functional
Stripe cookiesRequired
Clerk third-party cookiesRequired

We do not use advertising cookies, tracking pixels, or any analytics cookies. We do not work with advertising networks. Referral attribution cookies are only set after cookie consent is obtained, in compliance with the German TTDSG.

12. Children's Privacy

Briefklar is not directed at children under 16 years of age. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please contact privacy@briefklar.de immediately and we will delete it.

13. AI Analysis Disclaimer

Important Limitation of AI Analysis

  • Briefklar provides AI-powered document analysis for informational purposes only.
  • This is not legal advice.
  • For matters with significant legal consequences, please consult a qualified lawyer (Rechtsanwalt).
  • AI analysis may contain errors. You are responsible for verifying important information.
  • Briefklar does not establish a lawyer-client relationship of any kind.

14. Changes to This Policy

We may update this Privacy & Security Policy from time to time. When we make material changes, we will:

  • Display a prominent notice in the app dashboard
  • Send an email notification to all registered users
  • Update the “Last Updated” date at the top of this document
  • Maintain previous versions accessible at briefklar.de/legal/archive

Continued use of Briefklar after the effective date of changes constitutes acceptance of the updated policy. If you do not agree with changes, you may close your account at any time.

15. Contact & Data Requests

General Privacyprivacy@briefklar.de
Data Protection Officerdpo@briefklar.de
Partner Programpartner@briefklar.de
Security Vulnerabilitiessecurity@briefklar.de
General Supportsupport@briefklar.de
Websitebriefklar.de
Imprintbriefklar.de/imprint

German Supervisory Authority

Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI)

Website: bfdi.bund.de · Husarenstraße 30, 53117 Bonn, Germany

BRIEFKLAR APP

Privacy & Security Policy — Version 1.0 · Effective 1 February 2026 · Governing Law: Germany · GDPR Compliant