Privacy Policy

Controller Identity

Controller: Not published yet.

Authorized representative: Not published yet.

Contact Details

General legal contact: Not published yet.

Support contact: support@kirla-webservices.com

Postal address: Not published yet.

Data protection contact: Not published yet.

Processed Data Categories

We process account identity data, authentication/security metadata, profile preference data, briefing content artifacts, billing ledger metadata, and support communications.

• Account identity: name, email, account role, verification state.
• Authentication/security: session versioning, rate-limit metadata, security event logs.
• Product/profile data: topics, regions, scheduling and preference metadata.
• Briefing operations: generated briefings, delivery records, source archive metadata.
• Billing metadata: wallet movements, references, and reconciliation records.

Processing Purposes

Data is processed to operate the service, secure accounts, deliver briefings, support billing operations, and provide support/compliance responses.

• Account creation, login, password recovery, and account security.
• Briefing generation, email delivery, and user-facing archives.
• Billing balance handling and transaction transparency.
• Service abuse prevention, diagnostics, and incident investigation.

Legal Bases

Processing is generally based on contract performance, legal obligations, and legitimate interests in operating and securing the service.

Optional cookie/service categories are processed on a consent basis and remain inactive until consent is recorded.

Recipients and Processors

No subprocessors are currently published.

• Not published yet.

International Transfers

International transfer safeguards will be published before launch.

Retention and Deletion

Retention details will be published before launch.

Deletion requests are handled via support at support@kirla-webservices.com.

• Retention exceptions for deletion requests will be published before launch.
• Security and abuse-prevention records may be retained for legitimate interests and legal obligations.
• Anonymization vs deletion policy: Anonymization details will be published before launch.

Data Subject Rights

Users may request access, rectification, deletion, restriction, objection, and data portability where applicable under law.

Requests can be submitted via support contact channels listed on the contact page.

Cookies and Consent Categories

Strictly necessary cookies include `bigredbriefing_session` (authentication/session security) and `bigredbriefing_consent` (storing your consent choices and policy version).

The `brb_locale` preference cookie is only persisted after an explicit language switch and only if the preferences category has been allowed.

Cloudflare Turnstile is used as a technically necessary anti-bot security control for login, registration, contact, and password-reset forms.

One or more optional consent categories are available in this deployment and controlled through cookie settings.

Consent can be updated or withdrawn at any time via `/cookie-preferences`.

• Necessary: always enabled for core security and sign-in behavior.
• Preferences: available by consent (currently used for locale persistence).
• External services: available by consent (currently not required for Turnstile).
• Analytics: configured as inactive in this deployment.
• Marketing: configured as inactive in this deployment.

Security, Logging, Account, Billing, and Email Flows

Security events, account recovery, verification, billing reconciliation, and delivery operations generate operational logs and metadata required to run and secure the service.

• Password reset and account security events.
• Rate-limit and abuse prevention telemetry.
• Billing wallet and reconciliation event metadata.
• Email verification and delivery status records.

Complaints and Supervisory Authority

Supervisory authority: Not published yet.

You may also contact the controller or support contact first for direct resolution.