PricingBrief Privacy Policy

Effective date: 2026-06-04 Last updated: 2026-06-04

1. Who we are

PricingBrief is a Forethought Studios project operated from the United States ("we", "us", "PricingBrief"). The data controller for the personal data described in this Policy is the PricingBrief operator.

Privacy questions and rights requests go to privacy@pricingbrief.com. Unsubscribe requests go to unsubscribe@pricingbrief.com or the unsubscribe link in any issue. The physical postal address required for newsletter compliance is printed in each issue footer.

2. What we collect

We deliberately collect as little as possible. The complete list of personal data PricingBrief stores about a subscriber today is below.

2a. Required: your email address

Without this we cannot send you the newsletter. We collect it when you submit it through the signup form at https://pricingbrief.com/subscribe.

2b. Subscription metadata

For every subscriber we durably record:

• The signup source label and any referral or campaign value submitted with the signup form.
• The timestamps of lifecycle events: signup, confirmation, unsubscribe, bounce, and complaint.
• The confirmation token issued when you sign up, until you confirm the address. The token is single-use and is cleared from your record on confirmation.
• The subscription status: pending, confirmed, unsubscribed, or bounced.
• Optional unsubscribe, bounce, or complaint reason strings when available, such as a mail-provider SMTP code or the unsubscribe source that triggered the state change.

The schema for subscriber records lives at src/types/subscriber.ts in the PricingBrief project repository. If it changes, this Policy will be updated to match.

2c. Website and edge event data

When you use the public website, Cloudflare may process standard request data needed to serve and protect the site: IP address, user agent, requested URL, timestamp, and related security metadata.

When you submit the signup form, click a confirmation link, click an unsubscribe link, or use email-client one-click unsubscribe, the Cloudflare Worker writes a short intent record to Cloudflare KV. That intent contains the email address or token, timestamp, source, user agent, IP address, and referrer where available. The local PricingBrief poller drains those intents and applies the durable subscriber-state change.

2d. Delivery telemetry from our mail provider

When we send you an issue, our outbound mail provider records standard delivery telemetry: whether the message was accepted by your mail server, whether it bounced, and whether a complaint was reported. We use this only to retire addresses that cannot receive mail, honor complaint signals, and diagnose deliverability.

PricingBrief does not use tracking pixels for behavioral advertising, does not sell or share delivery telemetry, and does not combine it with external profiles.

2e. What we do not collect

The Service does not:

• Collect payment information. The newsletter is free today. If a paid tier launches, payment data will be handled by a payment processor and this Policy will be updated.
• Use third-party advertising or retargeting trackers.
• Drop cross-site tracking cookies.
• Collect your company name, contracts, spend, seat counts, or other procurement data in the free newsletter.
• Read, scan, or otherwise process the contents of any email you send us beyond what is necessary to respond to your message or process an unsubscribe request.

2f. Paid-tier "your stack" list, if offered later

If PricingBrief later offers a paid tier, that tier may let you supply a list of SaaS vendors you want filtered into a customized digest. That vendor list would be used only to generate your customized digest and would not be sold, shared for advertising, or used to advise vendors on pricing strategy. This Policy will be updated before that tier accepts subscriber data.

3. Why we use the data

We use subscriber data to:

• Send confirmation, welcome, weekly digest, unsubscribe, and deliverability-related messages.
• Keep the subscriber list accurate.
• Honor unsubscribe, deletion, bounce, and complaint events.
• Measure aggregate newsletter usefulness and acquisition channels.
• Protect the website and subscription flow from abuse.

We do not use subscriber data for cross-context behavioral advertising.

4. Where the data lives

Subscriber records are stored in local files under the PricingBrief data directory on the operator's machine. Website signup, confirmation, unsubscribe, bounce, and complaint intents are stored temporarily in Cloudflare KV until the local poller drains them. Outbound email is sent through the configured mail provider, currently Google Gmail SMTP for operator/testing flows and Amazon SES when configured for public subscriber delivery.

These systems may process data in the United States and other countries where their infrastructure operates. If applicable law requires a transfer safeguard for your region, we rely on the safeguards offered by the relevant service provider.

5. Service providers

PricingBrief uses these service providers to run the public site and newsletter:

• Cloudflare: DNS, hosting the public Worker, website security, and KV storage for pending subscription-related intents.
• Google Gmail SMTP: email delivery for the local/operator transport when configured.
• Amazon SES: email delivery and bounce/complaint feedback when the SES transport is configured for public subscriber sends.
• The operator's local machine: durable subscriber records, scrape snapshots, diffs, and digest generation.

Each provider receives only the data needed for its role.

6. How to unsubscribe and exercise your rights

6a. Unsubscribe

You can unsubscribe at any time and for any reason:

1. Click the unsubscribe link at the bottom of any issue.
2. Use your mail client's one-click unsubscribe button when shown.
3. Email unsubscribe@pricingbrief.com from the subscribed address.

We honor opt-outs promptly and in any event within ten (10) business days. We do not re-add unsubscribed addresses unless you explicitly opt back in through the subscription form.

We retain the minimum record needed to honor an opt-out: email address, status, timestamps, and opt-out source or reason. Keeping this record is what prevents us from accidentally resubscribing an address that opted out.

6b. Access, correction, deletion, and similar rights

If applicable law gives you the right to access, correct, delete, restrict, object to, or receive a portable copy of personal data we hold about you, email privacy@pricingbrief.com from the subscribed address. We will respond within 30 days unless a shorter period is required by law.

Deletion may be limited where we need to retain the minimum opt-out, bounce, abuse-prevention, or legal-compliance record described above.

6c. California privacy rights

PricingBrief does not sell personal data and does not share personal data for cross-context behavioral advertising, as those terms are used under California privacy law. Because there is no sale or sharing to opt out of, there is no separate "Do Not Sell or Share My Personal Information" link.

7. Children

PricingBrief is not directed at children under 16, and we do not knowingly collect personal data from them. If you believe a child has subscribed, email privacy@pricingbrief.com and we will delete the record unless we must retain a minimal suppression record to prevent future mail.

8. Security

We take reasonable technical and organizational measures to protect the data we hold:

• Subscriber records are stored on the operator's local machine.
• Access to subscriber data is limited to the operator.
• Outbound mail uses TLS in transit where supported by the receiving mail infrastructure.
• Confirmation and unsubscribe tokens are treated as bearer tokens and are scoped to subscription actions.
• The public website writes intents at the edge; the durable subscriber state changes only through the local pollers.

No system is perfectly secure. If we discover a breach involving your personal data, we will notify affected subscribers and regulators where required by law.

9. Retention

• Active subscribers: for as long as you are subscribed.
• Pending subscribers: until the confirmation window or cleanup process expires the pending record.
• Unsubscribed subscribers: the minimum record needed to honor the opt-out.
• Bounced subscribers: retained at least 90 days after the bounce for diagnosis, then either revalidated or converted to the minimum suppression record.
• Cloudflare KV intent records: up to 30 days if not drained earlier.
• Website access and security logs: retained according to Cloudflare's operational settings and used for security, abuse detection, and aggregate traffic measurement.
• Paid-tier customer data, if a paid tier launches: for the duration of the subscription plus any period required by tax, accounting, dispute, or legal obligations.

10. Changes to this Policy

We will update the "Last updated" date at the top of this page when we change this Policy. Material changes will also be announced in the next issue of the newsletter. The current version always lives at https://pricingbrief.com/privacy.

11. Contact

Privacy questions or rights requests: privacy@pricingbrief.com

Unsubscribe: unsubscribe@pricingbrief.com or the link in any issue.

Home · Sample · Archive · About · Subscribe · Privacy · Terms