Privacy Policy
Last updated: June 2, 2026 · Effective: June 2, 2026
aimode.news (“we,” “us,” or “our”), operated by aimode.news LLC, respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at https://aimode.news(the “Service”), including our technology intelligence platform, MCP server API, and subscription services.
This policy applies to all visitors, subscribers, and users of our Service, regardless of subscription tier (Free, Pro at $9/month, or Enterprise at $49/month). It is written to comply with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Children’s Online Privacy Protection Act (COPPA), and other applicable data protection laws.
1. Data Controller
The data controller responsible for your personal data is:
- aimode.news LLC
- Email: privacy@aimode.news
- Address: 1209 Orange Street, Wilmington, Delaware 19801, USA
For EU data subjects, our representative pursuant to GDPR Art. 27 can be reached at eu-representative@aimode.news.
2. Information We Collect
2.1 Information You Provide Directly
- Account & Subscription Data: When you subscribe to a paid tier (Pro or Enterprise), we collect your name, email address, and billing information (processed by Stripe; we store only the last four digits of your card).
- MCP Server API Credentials: If you use our MCP server for AI agent integration, we collect and store your API key, query logs, and usage metadata.
- Newsletter Sign-ups: If you subscribe to our newsletter via Buttondown, we share your email address with Buttondown LLC under a Data Processing Agreement.
- Voluntary Communications: If you contact us, we collect the content of your communication and your contact details.
2.2 Information Collected Automatically
- Usage Data & Analytics: We use Google Analytics (GA4) with IP anonymization to collect information about how you interact with our Service, including pages visited, time spent, referral source, browser type, device type, and general geographic region.
- Cookies and Tracking Technologies: See our Cookie Policy for full details.
- Server Logs: Our servers automatically log standard technical information including IP address (anonymized after 7 days), request timestamp, HTTP method, requested URL, response status code, referrer URL, and user-agent string.
- MCP Query Logs: Queries submitted to our MCP server are logged for debugging, abuse prevention, and service improvement. Logs are retained for 90 days and then automatically deleted.
- AI Crawler Visits: We log visits from AI crawlers (ChatGPT-User, ClaudeBot, PerplexityBot, GPTBot, etc.) including user-agent, path visited, and timestamp. IPs are hashed for GDPR compliance.
2.3 Information from Third Parties
- Payment Processor (Stripe): Stripe shares transaction confirmation and limited billing details with us. Stripe processes your full payment card data; we never access or store full card numbers.
- News Sources: We aggregate and publish content from a global network of news sources. We do not collect personal data from these sources unless it is embedded in publicly available news articles.
3. Legal Basis for Processing (GDPR Art. 6)
| Data Category | Legal Basis | Purpose |
|---|---|---|
| Account & subscription data | Contract performance (Art. 6(1)(b)) | Provide and manage your subscription |
| Analytics cookies | Consent (Art. 6(1)(a)) | Understand usage patterns and improve Service |
| Server logs | Legitimate interest (Art. 6(1)(f)) | Security, debugging, and abuse prevention |
| MCP query logs | Legitimate interest (Art. 6(1)(f)) | Service quality and abuse prevention |
| Newsletter email | Consent (Art. 6(1)(a)) | Send newsletter communications |
| Communication data | Legitimate interest (Art. 6(1)(f)) | Respond to your inquiries |
4. Your Rights Under GDPR (Arts. 13–22)
If you are a data subject in the EEA, UK, or Switzerland, you have the following rights:
- Right of Access (Art. 15): Request confirmation of whether we process your personal data and access to a copy. See our GDPR Rights Page.
- Right to Rectification (Art. 16): Request correction of inaccurate personal data.
- Right to Erasure (Art. 17): Request deletion of your personal data when it is no longer necessary, when you withdraw consent, or when processing is unlawful.
- Right to Data Portability (Art. 20): Receive your personal data in a structured, machine-readable format (JSON or CSV).
- Right to Object (Art. 21): Object to processing based on legitimate interest or for direct marketing.
- Right Regarding Automated Decision-Making (Art. 22): Not be subject to decisions based solely on automated processing. We do not currently engage in such automated decision-making.
- Right to Withdraw Consent (Art. 7(3)): Withdraw consent at any time without affecting prior processing lawfulness.
Email privacy@aimode.news or visit our GDPR Rights Page. We respond within 30 days (60 days for complex requests). You may lodge a complaint with the Irish Data Protection Commission.
5. Your Rights Under CCPA (§1798.100 et seq.)
If you are a California resident, see our CCPA Rights Page for full details:
- Right to Know (§1798.100): Request disclosure of categories and specific pieces of personal information collected in the preceding 12 months.
- Right to Delete (§1798.105): Request deletion of your personal information, subject to certain exceptions.
- Right to Opt-Out of Sale (§1798.120): We do not sell personal information.
- Right to Non-Discrimination (§1798.125): We will not discriminate against you for exercising your CCPA rights.
6. Children’s Privacy (COPPA)
Our Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected such data, we will take immediate steps to delete it. See our Children’s Privacy Notice.
7. Data Retention
| Data Category | Retention Period | Reason |
|---|---|---|
| Account & subscription data | Duration of account + 30 days | Contract performance |
| Billing records | 7 years | Legal and tax compliance |
| Server logs (anonymized IP) | 90 days | Security and debugging |
| MCP query logs | 90 days | Service quality and abuse prevention |
| Analytics data (GA4) | 14 months | Service improvement |
| Newsletter subscriber data | Until unsubscribe + 30 days | Consent-based communication |
8. Data Sharing and Recipients
- Stripe, Inc.: Payment processing. PCI DSS Level 1 certified.
- Google LLC (Google Analytics): Website analytics with IP anonymization and data sharing disabled.
- Buttondown LLC: Newsletter delivery under a Data Processing Agreement.
- Cloud Infrastructure Provider: Hosting under a Data Processing Agreement.
- Law Enforcement: When required by law, court order, or governmental request.
We do not sell, rent, or trade your personal information to third parties for their own marketing purposes.
9. International Data Transfers
Our primary operations are in the United States. For EEA/UK/Swiss data subjects, we ensure appropriate safeguards through:
- Standard Contractual Clauses (SCCs) pursuant to Commission Decision 2021/914;
- The EU-US Data Privacy Framework (DPF) where applicable;
- Supplementary measures including encryption in transit (TLS 1.3) and at rest (AES-256).
10. Data Security
- Encryption in transit via TLS 1.3 for all connections
- Encryption at rest via AES-256 for databases and storage
- Role-based access controls with least-privilege principles
- Regular security assessments and vulnerability scanning
- Incident response plan with 72-hour breach notification (GDPR Art. 33)
- API key hashing for MCP server credentials
11. Contact Information
- Email: privacy@aimode.news
- Mail: aimode.news LLC, 1209 Orange Street, Wilmington, Delaware 19801, USA
- EU Supervisory Authority: Irish Data Protection Commission
For GDPR-specific rights: GDPR Data Subject Rights Page. For CCPA-specific rights: CCPA Consumer Rights Page.