Privacy Policy

1. Who we are

Thoughtpiece is an M&A newsletter generation service operated by Amafi (the "Company", "we", "us"), a Hong Kong company. You can contact us at thoughtpiece@amafi.online.

2. What we collect

• Account data. Your name, email address, and organization when an admin creates your account.
• Authentication. A bcrypt password hash or, if you sign in with Google, your Google profile email and name.
• Newsletter content. Configurations, topics, drafts, and delivered editions you create inside the service.
• OAuth tokens. If you connect your Gmail account, we store a long-lived refresh token used to send newsletters on your behalf.
• Usage logs. Timestamps, IP address, and action names for security auditing (sign-ins, configuration edits, sends).

3. Google user data (Gmail Send)

When you connect your Gmail account, Thoughtpiece requests a single restricted scope:

https://www.googleapis.com/auth/gmail.send

This scope permits the application to send email on your behalf. We use it for exactly one purpose: to deliver the newsletter you have explicitly approved from your Gmail account, so the message carries your identity, your domain's DKIM/SPF alignment, and a correct List-Unsubscribe header.

We do not read, list, search, download, modify, delete, or forward any other message in your mailbox. We do not access labels, drafts, attachments, or contacts. The scope is the narrowest Gmail scope available and cannot be used to access incoming mail.

Thoughtpiece's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

4. How we store data

• All data is stored in a SQLite database on managed Azure AKS infrastructure.
• Gmail refresh tokens are encrypted at rest with a Fernet (AES-128-CBC + HMAC-SHA256) key held outside the database.
• Transport is TLS 1.2+ end-to-end.
• Backups are encrypted and retained alongside the primary database.

5. Who we share with

We do not sell or share your data with third parties for advertising, profiling, or analytics. Data passes only through the vendors required to operate the service:

• Google — when you sign in with Google or use Gmail Send.
• Perplexity, Google Gemini — AI providers used to generate topics, research, written content, and images from prompts you supply.
• Resend — transactional email delivery for callback links (topic selection, review approval).
• Microsoft Azure — cloud hosting.

Newsletter drafts and topics are sent to AI providers to generate their output, and are not used by us to train models. Gmail tokens and their contents are never sent to AI providers.

6. Retention

• Gmail tokens are deleted immediately when you click "Disconnect Gmail" on your settings page, or when your account is deleted.
• Newsletter content is retained for the life of your account.
• Activity logs are retained for 90 days.
• On full account deletion all of the above is removed within 30 days.

7. Your rights

• Disconnect your Gmail account at any time from the Settings page, which revokes the token with Google and deletes it from our database.
• Revoke our access directly on your Google account at myaccount.google.com/permissions.
• Request an export or deletion of your account data by emailing thoughtpiece@amafi.online.

8. Changes to this policy

Material changes will be emailed to the address on your account at least 14 days before taking effect. Non-material changes (clarifications, typos) may be made without notice.