Privacy Policy

Last updated: April 2026

1. About This Policy

The Prior ("the Service") is available globally. We are committed to handling personal data in accordance with applicable privacy laws, including Singapore's Personal Data Protection Act (PDPA), the EU General Data Protection Regulation (GDPR) where applicable, and India's Digital Personal Data Protection Act (DPDP Act) where applicable.

2. What We Collect

Data	How We Collect It
Name and email address	Registration
Professional role and geography	Onboarding form
Focus areas, tracked entities, decision context	Onboarding and account settings
Payment information	Processed directly by Stripe — we do not store card data
Email engagement (opens, clicks)	Via our email delivery provider (currently Resend)
Replies to briefing emails	Via your email client to our reply-to address

We do not collect sensitive personal data (health, political, religious, or financial data beyond what is needed for billing).

3. How We Use Your Data

We use your data to:

Generate and deliver your personalized daily briefing.
Process payments and manage your subscription.
Send transactional emails (welcome, billing, account notifications).
Improve the quality of briefing personalization over time.
Respond to support requests you initiate.

For EU/EEA users, we process your personal data on the following legal bases: performance of a contract (to deliver your subscription), legitimate interests (service improvement and security), and consent (where explicitly obtained).

We do not sell your data to third parties.

4. Third-Party Services

We use the following sub-processors:

Service	Purpose
Stripe	Payment processing
Resend	Email delivery
Amazon Web Services / Vercel	Cloud hosting
Anthropic	AI content generation

Each of these providers has its own privacy policy and data processing terms.

5. Data Retention

We retain your account data for as long as your account is active.
On account deletion, we delete your personal data within 30 days, except where required for legal or billing purposes.
Briefing content logs may be retained in anonymized form for service improvement.

6. Your Rights

Depending on where you are located, you may have the following rights regarding your personal data:

All users:

Access the personal data we hold about you.
Correct inaccurate or incomplete data.
Request deletion of your data (subject to legal or billing retention requirements).
Withdraw consent for processing, where processing is based on consent.

EU/EEA residents (GDPR):

In addition to the above, you have the right to data portability, the right to restrict processing, and the right to object to processing based on legitimate interests. You also have the right to lodge a complaint with your local supervisory authority.

India residents (DPDP Act):

You have the right to information about processing, the right to correction and erasure, and the right to grieve any breach of your rights under the Act.

To exercise any of these rights, contact hello@theprior.co. We will respond within 30 days.

7. Cookies and Tracking

The Service is delivered primarily via email. Standard email engagement signals (open rates, click-throughs) are collected via Resend for operational purposes only. No third-party advertising trackers are used.

8. Security

We use industry-standard measures to protect your data, including encrypted data transmission (TLS) and access controls on our infrastructure. No method of transmission over the internet is 100% secure.

9. Children

The Service is not directed at individuals under 18. We do not knowingly collect data from minors.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions or data requests: hello@theprior.co