Privacy Policy
What we collect, why we collect it, who touches it, and how to make us delete it. Written to be read, not to protect us from you.
1. Who is responsible for your data
Responsable: Carlos Jaimes, Bucaramanga, Colombia. Contacto: privacidad@brujula.systems
Brújula Systems is operated by a natural person based in Colombia, acting as data controller under Law 1581 of 2012 (Colombia's data protection regime). If you are in the European Union, we also honor the rights the GDPR gives you, as described in section 5.
2. What we collect
- Email address — when you subscribe to the newsletter or start a trial.
- Professional role and decision horizon — if you provide them during trial signup, to personalize what you receive.
- Payment data — processed entirely by Stripe. We never see or store card numbers.
- IP address — used transiently for rate-limiting and abuse prevention.
- Technical error data — when something breaks, Sentry captures the technical context of the failure so we can fix it.
That is the full list. We do not collect browsing history, device fingerprints, or behavioral profiles.
3. What we use it for
- Sending you the daily editorial and reports you asked for.
- Personalizing content to your role and decision horizon.
- Billing and managing your subscription.
- Keeping the service secure and available.
Nothing else. In particular, see section 7.
4. Who processes it, and where it lives
We use a small set of processors, each for one job:
- Stripe — payment processing and subscription billing.
- Resend — sending transactional and editorial email.
- Sentry — error monitoring.
- VPS provider (United States) — hosting of our application and database.
International transfer: your data is stored on servers located in the United States. By subscribing you authorize this transfer, which is carried out with technical and contractual safeguards. Each processor is bound by its own data processing terms and only receives what it needs to do its job.
5. Your rights and how to exercise them
Under Colombian Law 1581 of 2012, you have the right to know what data we hold about you, to update and rectify it, to delete it, and to revoke the authorization you gave us. If you are in the EU, the GDPR additionally gives you rights of access, portability, erasure, and objection to processing.
To exercise any of these, email privacidad@brujula.systems from the address associated with your account. We respond within a maximum of 15 business days. No forms, no hoops.
6. How long we keep it
We keep your data while your subscription or newsletter signup is active, plus whatever periods the law requires us to retain (for example, billing records). If you ask us to delete your data, we delete it — except the minimum we are legally obliged to keep, which stays locked away and untouched.
7. What we never do
We do not sell your data. We do not rent it, trade it, or share it with advertisers. We do not use your data to train general-purpose AI models. Your email exists in our system to receive what you signed up for — that is its entire career.
8. Cookies and local storage
We use no third-party trackers and no advertising cookies. The only thing stored in your browser is a local preference (your language choice), kept in localStorage on your own device. It never leaves your browser and we cannot read it remotely.
9. Changes to this policy
If we change this policy in any way that matters, we will update the effective date at the top and, if the change affects your rights, notify subscribers by email before it takes effect. The current version always lives at this URL.