Security

Last updated: December 31, 2024

At Daily Brief, security is our top priority. We implement industry-leading practices to protect your data.

Data Protection

Encryption

• All data encrypted at rest using AES-256
• All data encrypted in transit using TLS 1.3
• OAuth tokens encrypted with separate keys

Access Control

• Principle of least privilege for all systems
• Multi-factor authentication for team access
• Regular access reviews and audits

Privacy by Design

• We never store your email content
• Only metadata is analyzed and encrypted
• Data automatically deleted after 30 days
• You can delete your data at any time

Infrastructure Security

• Hosted on SOC 2 compliant infrastructure
• Regular security audits and penetration testing
• 24/7 monitoring and incident response
• Automated vulnerability scanning

OAuth Security

• We use Google's official OAuth 2.0 flow
• We never see or store your Google password
• Minimal required permissions only
• You can revoke access anytime from Google settings

Report a Vulnerability

Found a security issue? Please report it responsibly to mondautjonathan@gmail.com. We appreciate your help in keeping Daily Brief secure.

Questions?

For security-related questions, contact us at mondautjonathan@gmail.com.