Privacy Policy

1. Introduction

Dose of AI (“we”, “our”, or “us”) operates the website at https://doseofai.com and provides a daily newsletter and related services about AI tools and workflows. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our website, subscribe to our newsletter, create an account, or otherwise interact with our services.

We are committed to transparency and compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) where applicable, the California Consumer Privacy Act (CCPA), and other privacy regulations. By using our services, you agree to the practices described in this policy.

2. Data We Collect

2.1 Information You Provide

• Newsletter and preferences. When you subscribe to our email newsletter, we collect your email address and, optionally, your preferences (topics of interest, email frequency, format, skill level, and timezone). We use this to send you the Daily Dose and other emails you have requested and to personalize content.
• Account registration. If you create an account (sign up), we collect your email address, a password (stored in hashed form only), and optionally your name. We use this to authenticate you and to link your newsletter preferences and saved items to your account.
• OAuth sign-in. If you sign in with Google, LinkedIn, or X (Twitter), we receive your email address and, depending on the provider, your name and profile image from that provider. We do not store your social login password.
• Saved items and collections. When you save tools, doses, or recipes and organize them into collections, we store those choices so you can access them across devices when signed in or when using your subscriber link.
• Unsubscribe and preferences. You can update your preferences or unsubscribe at any time via the links in our emails or our Unsubscribe and Preferences pages. We process these choices to update your record and stop sending emails when requested.

2.2 Information Collected Automatically

• Cookies and similar technologies. We use cookies and similar technologies to provide and secure our services:
  • Session and authentication: We use session and authentication cookies (including for account sign-in and admin access) so you can stay logged in and we can secure certain areas of the site.
  • Subscriber token: When you subscribe or sign in, we may set a secure cookie (“subscriber_token”) so we can recognize you on return visits and show your preferences and saved items without requiring you to re-enter a link from email.
  • Voting: We use an anonymous cookie (“voter_id”) to associate upvotes and downvotes with a single browser so we can avoid duplicate voting and show aggregate counts. This identifier is not tied to your email or identity.
• Usage and analytics. We use Google Analytics and Google Tag Manager to understand how visitors use our site (e.g., pages viewed, referral sources). This may include IP address, device and browser information, and approximate location. Google may use this data in accordance with its own privacy policy. You can opt out of Google Analytics using browser add-ons such as the Google Analytics Opt-out Browser Add-on.
• Rate limiting and security. For sign-up, login, and subscription forms, we may use your IP address (or similar technical data) to prevent abuse and enforce rate limits. We do not use this for profiling or marketing.

3. How We Use Your Data

We use the data we collect to:

• Deliver the newsletter and other emails you have requested
• Manage your account, preferences, and saved items
• Authenticate you and protect our site and admin areas
• Improve our website and content (e.g., via aggregated analytics)
• Comply with legal obligations and enforce our terms
• Respond to your requests (e.g., access, correction, deletion, unsubscribe)

We do not sell your personal data. We do not use your email or other personal data for third-party advertising or for building advertising profiles.

4. Third-Party Services and Data Sharing

We work with the following types of service providers, who may process your data on our behalf:

• Hosting and infrastructure. Our website and APIs are hosted on Vercel. Page requests, server logs, and API traffic may be processed by Vercel in accordance with their privacy policy.
• Database. Subscriber and account data (e.g., email, preferences, saved items) are stored in a database provided by Neon (PostgreSQL). Data may be stored in regions chosen by our configuration.
• Email delivery. We use Resend to send transactional and newsletter emails. Your email address and the content of emails we send (including personalization based on preferences) are processed by Resend. Resend’s privacy practices apply to their processing.
• Analytics. We use Google Analytics and Google Tag Manager. Google may collect and process data as described in Google’s Privacy Policy and terms. We do not pass your email or account identifiers to Google Analytics.
• OAuth. If you sign in with Google, LinkedIn, or X (Twitter), those providers process your sign-in and may provide us with your email, name, and profile image. Their privacy policies govern their use of your data.

We require our service providers to use your data only to provide services to us and in line with applicable law. We may also disclose your data where required by law, to protect our rights or safety, or with your consent.

5. Data Retention

• Account and newsletter data. We retain your account and subscriber data (email, preferences, saved items) for as long as your account or subscription is active. If you unsubscribe, we retain a minimal record (e.g., email and “unsubscribed” status) to honor your opt-out and prevent re-adding you without consent.
• Cookies. Session and authentication cookies are removed when you log out or when they expire. The subscriber token cookie is set for a defined period; you can clear it by unsubscribing or clearing your browser cookies. The anonymous voter_id cookie is long-lived to maintain vote consistency; it does not identify you personally.
• Logs and analytics. Server and analytics data are retained according to our and our providers’ policies (typically for a limited period for security and analytics purposes).

6. Your Rights and Choices

Depending on where you live, you may have the following rights:

• Access and portability. You can request a copy of the personal data we hold about you. For account and newsletter data, you can see and update much of it via the Preferences and account settings pages.
• Correction. You can update your email preferences and account details through our site. For other corrections, contact us.
• Deletion. You can request deletion of your account and/or subscriber data. We will delete or anonymize your data subject to any legal retention requirements. Unsubscribing stops further emails and you can request full deletion of your subscriber record.
• Opt-out of marketing. You can unsubscribe at any time using the link in any newsletter email or via our Unsubscribe page. We do not send marketing emails to unsubscribed addresses.
• Restriction and object. In certain jurisdictions you may have the right to restrict or object to certain processing. Contact us to exercise these rights.
• Withdraw consent. Where we rely on your consent (e.g., for optional preferences or OAuth), you can withdraw it at any time by updating settings or contacting us.
• Complaint. You have the right to lodge a complaint with a supervisory authority in your country if you believe our processing violates applicable law.

To exercise any of these rights, contact us at the email or address below. We will respond within the time required by applicable law (e.g., 30 days under GDPR/CCPA where applicable). We may need to verify your identity before processing a request.

7. Security

We use industry-standard measures to protect your data, including HTTPS, secure password hashing (we never store your password in plain text), and access controls for our systems and database. No method of transmission or storage is 100% secure; we cannot guarantee absolute security but we work to protect your data from unauthorized access, loss, or misuse.

8. International Transfers

Our service providers (e.g., Vercel, Neon, Resend, Google) may store or process data in the United States or other countries. If you are in the European Economic Area, United Kingdom, or another jurisdiction with strict transfer rules, your data may be transferred to countries that have been deemed to provide an adequate level of protection, or we and our providers may rely on standard contractual clauses or other approved mechanisms. You can request more detail about safeguards by contacting us.

9. Children

Our services are not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe we have collected such data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and change the “Last updated” date. For material changes, we may notify you by email (where we have it) or by a notice on our website. We encourage you to review this policy periodically.

11. Contact Us

For privacy-related questions, requests (e.g., access, correction, deletion, portability), or complaints, please contact us:

• Website: https://doseofai.com
• Unsubscribe and preferences: Use the links in our emails or visit Unsubscribe and Preferences.

For all other privacy requests, please use the contact method provided on our website.