Effective date: February 8, 2025

Privacy Policy

How Briefly collects, uses, and protects your information.

Cho & Ahn ("Briefly", "we") processes personal information in accordance with the Personal Information Protection Act and related laws. This notice explains what we collect, why we use it, and how you can exercise your rights.

I. Collection and use of personal data

We collect only the minimum data needed to provide the service. If the purpose changes, we will obtain additional consent under Article 18 of the PIPA.

Purpose	Data	Retention	Legal basis
Account creation and service access	[Required] Email, authentication provider info (Apple/Google), password, name. [Optional] profile photo	Until account deletion or as required by law	Contract performance and consent
Service usage and security logs	Access logs, IP address, timestamps, service actions, cookies/unique IDs	3 months (Communications Secrets Protection Act) or until account deletion	Legal obligation and legitimate interest
Device tuning and troubleshooting	Browser/OS, device model, app version, crash reports	Until account deletion	Legitimate interest
Optional integrations you connect	Calendar or conferencing metadata (meeting title, organizer), shared files	Until you revoke the connection or delete your account	Consent

We do not use your recordings or transcripts to train foundation models. Audio and transcripts are encrypted in transit and at rest. Any manual review happens only when you explicitly request support.

II. Statutory retention

The following items are retained for the periods required by applicable law.

Record type	Retention	Law
Contracts, payments, and refunds	5 years	Act on Consumer Protection in Electronic Commerce
Customer inquiries and dispute resolution	3 years	Act on Consumer Protection in Electronic Commerce
Advertising and notifications	6 months	Act on Consumer Protection in Electronic Commerce
Connection logs (IP, access history)	3 months	Communications Secrets Protection Act, Article 15-2

When the statutory period ends, or when you request deletion where legally allowed, data is safely destroyed without delay.

III. Processors and cross-border transfers

We engage trusted processors and ensure appropriate technical and contractual safeguards.

Vercel, Inc.

Hosting and content delivery for brfl.cc

Global (primarily USA/EU)

Amazon Web Services, Inc.

Object storage, backups, and key management

USA/EU/Asia as configured

Supabase / PostgreSQL

Database, access control, and encrypted storage of account data

USA/EU as configured

Deepgram, Inc.

Speech-to-text processing of audio you upload

USA

OpenAI OpCo, LLC

AI summarization and insight generation

USA

Google LLC (Gemini)

AI summarization and insight generation

USA

Resend, Inc.

Transactional email delivery

USA

Personal data may be transferred to servers outside your country for service delivery. Standard contractual clauses or equivalent safeguards are applied to protect your data.

IV. Your rights

Request access to, correction of, or an export of your personal data.
Withdraw consent, request deletion, or stop optional integrations at any time unless retention is required by law.
Request suspension of processing where permitted and receive notice before material changes are applied.
Ask for the list of third-party recipients and the safeguards applied for overseas transfers.

V. Contact

Cho & Ahn

Privacy contact

Email: mk@brfl.cc