Privacy Policy

Overview

Bruce (“we”, “our”, “us”) is an AI-powered market intelligence platform operated at smartbruce.com. This policy explains what data we collect, how we use it, and your rights regarding that data. We keep things simple — we collect only what we need to provide the service.

Data we collect

When you use Bruce, we collect:

• Account information — email address, name, and profile details you provide when signing up.
• Project configuration — product descriptions, ideal customer profiles, competitor lists, and other context you provide to configure your radar projects.
• Feed subscriptions — the sources you subscribe to (RSS feeds, subreddits, Hacker News topics, YouTube channels, etc.) and their polling configuration.
• Signal interactions — your actions on scored signals (acted on, ignored, dismissed) and any notes or feedback you provide. These interactions are used to improve scoring accuracy for your projects.
• Usage data — basic information about how you interact with the service, such as pages visited and features used.
• API keys — if you generate API keys for external access, we store hashed versions of those keys.

Cookies

We use essential cookies required for the service to function, and analytics cookies via Google Analytics 4 to understand how the service is used. We do not use advertising cookies.

Analytics data is collected by Google Analytics 4 and is used solely to improve the service. We do not share this data with third parties for advertising purposes. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

How we use your data

• To provide, maintain, and improve Bruce.
• To authenticate your identity and manage your account.
• To score and classify signals from your subscribed feeds using AI, based on the project context you provide.
• To learn from your signal interactions (actions, dismissals, feedback) and improve future scoring accuracy for your projects.
• To deliver signals via your configured channels (email, Slack, webhooks).
• To process credit usage and billing for paid plans.
• To communicate with you about the service (e.g., security alerts, updates).

We do not sell your personal data to third parties. We do not use your data for advertising.

AI and your content

Bruce uses AI to score and classify signals from public feed sources against your project context. When scoring occurs, your project configuration (product description, ICP, competitors) and the feed item content are sent to third-party AI providers to generate scores and recommendations. We send only the data necessary for the request. We do not use your content or project data to train AI models.

Feed sources and third-party services

Bruce ingests content from publicly available sources including RSS feeds, Reddit, Hacker News, YouTube, GitHub, and others — either directly or via intermediary services like RSSHub. This content is publicly available and is fetched in the same manner as any RSS reader or news aggregator. Each third-party source has its own terms of service and privacy policy governing the content it makes available.

Outbound webhooks

If you configure outbound webhooks, Bruce will send scored signal data to the HTTP endpoints you specify. You are responsible for the security and privacy practices of your webhook endpoints. Webhook payloads are signed with HMAC-SHA256 so you can verify their authenticity. We log delivery attempts (status codes, timestamps) for reliability purposes but do not store response bodies from your endpoints.

Data retention

We retain your data for as long as your account is active. Feed items and signals are retained according to your project settings and may be automatically pruned after a configurable period. If you delete your account, we will delete your personal data, project configurations, and associated content within 30 days, except where we are required by law to retain it.

Your rights

You have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Delete your account and associated data.
• Export your data in a portable format.

To exercise any of these rights, contact us at [email protected].

Security

We use industry-standard security measures to protect your data, including encrypted connections (TLS), secure cookie flags (HttpOnly, Secure), HMAC-signed webhook deliveries, hashed API keys, and access controls. No system is 100% secure, but we work to protect your information.

Changes to this policy

We may update this policy from time to time. If we make significant changes, we will notify you through the service. Continued use of Bruce after changes constitutes acceptance of the updated policy.