Privacy Policy

Last updated: January 2026

At SecondBrain, we take your privacy seriously. This policy describes how we collect, use, and protect your personal information.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (encrypted). If you subscribe to a paid plan, we collect payment information through our secure payment processor, Stripe.

Content You Provide

We store the content you capture, including thoughts, notes, and any information you input into SecondBrain. This content is essential for providing our service.

Usage Data

We collect information about how you use SecondBrain, including features used, time spent, and interaction patterns. This helps us improve our service.

2. How We Use Your Information

  • To provide and maintain our service
  • To process your captures and classify them using AI
  • To send you daily digests and weekly reviews
  • To process payments and manage subscriptions
  • To communicate with you about service updates
  • To improve and develop new features

3. AI Processing

We use artificial intelligence to classify and organize your captures. Your content is processed by AI models to determine categories (People, Projects, Ideas, or Admin), extract structured information such as names, dates, and action items, and generate daily digests and weekly reviews. Each classification includes a confidence score indicating the AI's certainty.

We do not use your personal captures to train general-purpose AI models. The system may learn from your individual corrections (e.g., reclassifications) to improve accuracy for your account only. This learning data is never shared across users or with third parties.

4. Data Security

We implement industry-standard security measures to protect your data:

  • All data is encrypted in transit (TLS/SSL) and at rest
  • Passwords are hashed using secure algorithms
  • Regular security audits and monitoring
  • Access controls and authentication requirements

5. Data Retention

We retain your data for as long as your account is active. Specific retention periods:

  • Free plan: Captures are accessible for 7 days, after which they are archived. Archived data is retained for 90 days.
  • Pro and Team plans: All captures are retained for the lifetime of your active subscription.
  • Account deletion: All personal data is permanently deleted within 30 days of account deletion, except where required by law.
  • Downgrade from paid to free: Data beyond 7-day history is archived and retained for 30 days, then permanently deleted.

You can export all your data at any time from Settings > Data in your dashboard. Pro and Team plan users can export in CSV or JSON format.

6. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Export your data
  • Object to certain processing

7. Third-Party Services

We integrate with the following third-party services to provide our product:

  • Slack - Messaging integration for capture and delivery. When you connect your Slack workspace, we access only the designated #sb-inbox channel. We do not read your direct messages, other channels, or any other Slack data.
  • Google - Optional OAuth authentication for account sign-in
  • Stripe - Payment processing for paid subscriptions
  • MongoDB Atlas - Encrypted database hosting
  • Vercel - Application hosting

Additional capture channels (email forwarding, Telegram, WhatsApp) may be added in the future. Each integration will request only the minimum permissions necessary to provide the capture and delivery functionality.

8. Contact Us

If you have questions about this privacy policy or your personal data, please contact us at:

Email: contact@second-brain.io

Address: 18117 Biscayne Blvd unit 1039, Aventura, FL 33160

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.