Legal

Privacy Policy

Last updated: June 2026 · Daybrain, Gloucester, UK · hello@daybra.in

Contents

Who we are
What we collect
How we use your data
Legal basis
Who we share data with
How long we keep it
Your rights
Cookies
Security
Contact

Plain English summary: We collect your email, name, and task details to run your account and deliver your jobs. We do not sell your data. Ever.

1. Who we are

Daybrain Bridge is operated by Daybrain, a sole trader based in Gloucester, UK. We are the data controller for all personal data processed through bridge.daybra.in.

You can contact us at any time at hello@daybra.in or via our main site at co.daybra.in.

2. What we collect

We collect the following categories of personal data:

Account information — your name and email address, provided at sign-in via Google or email/password.
Task and conversation data — everything you type in the Bridge chat, including task descriptions, instructions, and any files you upload.
Payment information — processed entirely by Stripe. We receive a payment confirmation and transaction reference but never your card details.
Usage data — pages visited, features used, timestamps of activity, and task status changes.
Device and browser data — browser type, operating system, screen resolution, and IP address for security and debugging purposes.
Push notification subscription — if you opt in, we store a browser push subscription token to send you task updates.

3. How we use your data

We use your data only to:

Fulfil your tasks — pass relevant details to the Daybrain agent completing your job.
Process payments — initiate and confirm Stripe transactions.
Send notifications — task status updates, quotes, and completion confirmations via push or email.
Improve the platform — identify bugs, improve AI response quality, and understand usage patterns.
Meet legal obligations — maintain records required by HMRC and UK law.

We do not use your data for advertising, profiling, or any purpose unrelated to running Daybrain Bridge.

4. Legal basis

We process your data under the following legal bases under UK GDPR:

Contract — processing your account, task, and payment data to fulfil the service you've requested.
Legitimate interests — usage analytics and security monitoring to maintain and improve the platform.
Consent — push notification subscriptions, which you can withdraw at any time.
Legal obligation — retaining financial records as required by UK law.

5. Who we share data with

We share data only with the following trusted sub-processors, and only what is necessary:

Stripe — payment processing. Stripe processes your payment and card data directly. We never see or store card details. Stripe Privacy Policy.
Google Firebase — database, authentication, and file storage. Data is stored in EU regions. Firebase Privacy.
Anthropic — AI processing. Your conversation data is sent to Anthropic's Claude API to generate responses. Anthropic does not use your data to train models by default. Anthropic Privacy Policy.
Daybrain field agents — staff from Daybrain's business arms who complete your tasks. They receive only the task details needed to do the job, and are bound by a confidentiality agreement.

We do not sell, rent, or trade your personal data with any third party for any purpose.

6. How long we keep it

Account data — retained while your account is active, plus 12 months after closure.
Conversation and task data — retained for 24 months from the date of each conversation.
Payment records — retained for 7 years as required by HMRC and UK financial regulations.
Usage logs — retained for 90 days, then deleted.

You can request deletion of your account and associated data at any time by emailing hello@daybra.in. Payment records may be retained for the statutory period even after deletion.

7. Your rights

Under UK GDPR, you have the right to:

Access — request a copy of all personal data we hold about you.
Rectification — ask us to correct inaccurate or incomplete data.
Erasure — request deletion of your personal data ("right to be forgotten").
Restriction — ask us to limit how we process your data in certain circumstances.
Portability — receive your data in a structured, machine-readable format.
Object — object to processing based on legitimate interests.
Withdraw consent — withdraw any consent-based processing (e.g., push notifications) at any time.

To exercise any of these rights, email hello@daybra.in. We will respond within 30 days.

If you believe we have not handled your data lawfully, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

8. Cookies

We use only the cookies strictly necessary to operate the platform:

Authentication cookies — set by Firebase to maintain your signed-in session. These are essential and cannot be disabled.
Session cookies — temporary cookies that expire when you close your browser.

We do not use advertising cookies, cross-site tracking cookies, or Google Analytics. There are no third-party marketing pixels on any page.

9. Security

We take reasonable technical and organisational measures to protect your data:

All data is transmitted over HTTPS/TLS.
Firebase security rules restrict database access to authenticated users and their own data.
Payment data is handled entirely by Stripe and never passes through our servers.
Production system access is limited to authorised Daybrain personnel.

No method of transmission or storage is 100% secure. If you have concerns about a specific security issue, contact us at hello@daybra.in.

10. Contact

Daybrain
Gloucester, UK
hello@daybra.in
co.daybra.in