Back to home
Privacy-first by design

Security & Privacy

Your messages deserve the highest protection.

Briefli is built to summarize the groups you choose while keeping your conversations private, secured, and under your control.

AES-256-GCM encryption
Azure Key Vault
14-day auto deletion
No human review

How We Protect Your Data

We use strong safeguards behind the scenes, but the goal is simple: keep your information protected and limit who or what can touch it.

Encryption of Credentials

Your WhatsApp connection credentials and linked-account tokens are encrypted with AES-256-GCM, using a unique key per user. Message text is held only briefly on secured infrastructure and then automatically deleted (see Data Retention).

Key Management

Encryption keys are stored in Azure Key Vault, separate from your data. That means the keys and the locked data are not kept in the same place.

Data Retention

Messages are kept for 14 days and then automatically deleted. Child-monitoring messages are kept for 7 days. Auth sessions are deleted as soon as you disconnect.

Access Controls

No employee can read your messages. Processing is handled by automated systems only, with no human review of your conversations.

What We Access

Briefli only works with the content needed to deliver summaries. We read the text of messages in the groups you select — including text inside images you share (for example, a photographed flyer or schedule); the image file itself is not stored. If something is not needed, we do not touch it.

Groups you explicitly select
Private 1:1 chats — never read or processed
Videos and voice notes
Your contacts list
Messaging your contacts on our own (we only deliver your digest to the destination you choose)

Your Control

You stay in charge of your connection and your data.

Disconnect anytime

When you disconnect Briefli, your active auth session is deleted immediately.

Export your data

Email us at [email protected] to request a copy of the data tied to your account.

Delete your account

If you no longer want to use Briefli, you can request account deletion and data removal.

Technical Details

For technical users who want the implementation overview.

Envelope encryption with per-user DEKs
Azure Key Vault-managed KEKs (RSA-OAEP-256)
CSRF protection and rate limiting
Security headers including HSTS, CSP, and X-Frame-Options
Audit logging for all vault operations

Contact

Questions? Email [email protected]

[email protected]