PocketIntel Privacy Policy
Effective: March 19, 2026
WeaveHub ("we," "us," or "our") operates the PocketIntel mobile application and related services (collectively, the "Service"). This Privacy Policy describes how we collect, use, store, and share information when you use PocketIntel.
By using PocketIntel, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree with the practices described here, please do not use the Service.
1. Information We Collect
1.1 Account Information
When you create a PocketIntel account, we collect:
- Email address (provided directly or through Apple Sign-In or Google Sign-In)
- Authentication identifiers provided by Apple or Google when you use their sign-in services
- Display name (if provided)
1.2 Subscription Information
When you subscribe to PocketIntel, Apple or Google processes your payment. We receive:
- Subscription status (active, expired, trial period)
- Transaction identifiers from Apple StoreKit or Google Play Billing
- Subscription start and expiration dates
We do not receive or store your credit card number, billing address, or other payment instrument details. All payment processing is handled by Apple or Google.
1.3 Preferences and Settings
We collect the preferences and settings you configure within the app, including:
- Feed preferences (selected sources, topics, vendors, and tags)
- Notification settings (CVSS severity threshold, alert categories)
- Display preferences (theme, layout options)
1.4 Reading Behavior
To personalize your feed and improve the Service, we collect:
- Articles viewed and interaction history (saved, shared, marked as read)
- Search queries performed within the app
- Time spent on articles and sections
- Custom URLs you submit for summarization
1.5 Device Information
We collect limited device information necessary to deliver the Service:
- Push notification tokens (Apple Push Notification service or Firebase Cloud Messaging tokens) to deliver alerts
- Device type and operating system version for compatibility and troubleshooting
- App version for update management and bug resolution
- Preferred language/locale
1.6 Information We Do Not Collect
- Location data. PocketIntel does not request, collect, or use your geographic location.
- Contacts. We do not access your address book or contacts.
- Photos, camera, or microphone. We do not access your device media or sensors.
- Advertising identifiers. We do not collect IDFA, GAID, or any advertising identifiers.
- Biometric data. We do not collect fingerprint, face, or other biometric information.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Provide and maintain the Service, including delivering your personalized cybersecurity intelligence feed
- Process your subscription and manage your account
- Deliver push notifications based on your configured alert preferences and CVSS severity thresholds
- Personalize your experience by learning which topics, vendors, and vulnerability types are most relevant to you
- Generate AI-powered summaries of publicly available cybersecurity content (see Section 3)
- Improve the Service through aggregated, anonymized usage analytics
- Respond to support requests and communicate important Service updates
- Detect and prevent abuse, including unauthorized scraping or redistribution of content
- Comply with legal obligations, including responding to lawful requests from public authorities
3. How We Use Artificial Intelligence
PocketIntel uses artificial intelligence (Cloudflare Workers AI and OpenAI GPT-4o-mini, accessed via Cloudflare AI Gateway) to:
- Summarize publicly available cybersecurity articles, advisories, and vulnerability disclosures
- Extract indicators of compromise (IOCs) from public security sources
- Tag and categorize content by vendor, product, vulnerability type, and severity
- Prioritize your feed based on your preferences
Important disclosures about our AI use:
- All AI-generated summaries are clearly labeled as AI-generated within the app.
- AI summaries are derivative works based on publicly available sources. PocketIntel always links to the original source so you can verify information.
- PocketIntel never reproduces full article text. Summaries are concise, original interpretations generated by AI.
- We do not use your personal data to train AI models. Your reading behavior, preferences, and account information are not used as training data for any machine learning system. AI processing is applied only to publicly available source content, not to user data.
4. Data Storage and Security
4.1 Where Your Data Is Stored
Your data is stored on Cloudflare infrastructure located in the United States, using Cloudflare D1 (database) and Cloudflare Workers (application logic). Push notification tokens are transmitted to Apple Push Notification service (APNs) or Firebase Cloud Messaging (FCM) as needed to deliver your alerts.
4.2 How We Protect Your Data
We implement appropriate technical and organizational measures to protect your personal information, including:
- Encryption in transit (TLS/HTTPS) for all data transmitted between your device and our servers
- Encryption at rest for stored data on Cloudflare infrastructure
- Authentication via secure third-party identity providers (Apple Sign-In, Google Sign-In)
- Access controls limiting employee and system access to personal data on a need-to-know basis
- Regular security reviews of our infrastructure and application code
No method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
5. Third-Party Services
PocketIntel integrates with the following third-party services:
| Service | Purpose | Data Shared |
|---|---|---|
| Cloudflare Workers AI | AI entity extraction, sector tagging, and content classification | Publicly available article content only (no user data) |
| OpenAI (via Cloudflare AI Gateway) | AI summarization of cybersecurity articles | Publicly available article content only (no user data) |
| Cloudflare D1 | Database storage | Account data, preferences, reading behavior |
| Cloudflare Workers | Application backend | All Service data in transit |
| Apple Sign-In | Authentication (iOS) | Authentication tokens and email (from Apple) |
| Google Sign-In | Authentication (Android) | Authentication tokens and email (from Google) |
| Apple StoreKit | Subscription management (iOS) | Transaction and subscription status (from Apple) |
| Google Play Billing | Subscription management (Android) | Transaction and subscription status (from Google) |
| Apple Push Notification service (APNs) | Push notifications (iOS) | Device push tokens and notification content |
| Firebase Cloud Messaging (FCM) | Push notifications (Android) | Device push tokens and notification content |
Each third-party service is governed by its own privacy policy. We encourage you to review:
6. Advertising and Data Sales
- PocketIntel does not display advertisements. We do not integrate any advertising SDKs or networks.
- We do not sell your personal information. We have never sold personal information, and we have no plans to do so.
- We do not share your personal information with data brokers or any third parties for their marketing purposes.
7. Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Service.
- Account data: Retained until you delete your account.
- Reading behavior and preferences: Retained until you delete your account. You may clear your reading history at any time through the app settings.
- Push notification tokens: Retained while your account is active and notifications are enabled. Tokens are removed when you disable notifications or delete your account.
- Subscription records: Transaction identifiers and subscription status may be retained for up to 3 years after account deletion for financial record-keeping and dispute resolution, as required by applicable law.
Account Deletion
You may delete your account at any time through the app settings or by contacting us at legal@weavehub.app. When you delete your account:
- Your personal information (email, preferences, reading history) will be permanently deleted within 30 days.
- Aggregated, anonymized data that cannot be used to identify you may be retained for analytical purposes.
- Backup copies may persist for up to 90 days before being purged from backup systems.
8. Children's Privacy
PocketIntel is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at legal@weavehub.app and we will take steps to delete that information promptly.
If we learn that we have collected personal information from a child under 13 without verification of parental consent, we will delete that information as quickly as possible.
9. Your Privacy Rights
9.1 All Users
Regardless of your location, you may:
- Access your personal data through your account settings
- Update or correct your account information and preferences at any time
- Delete your account and associated personal data
- Opt out of push notifications through your device settings or app preferences
- Clear your reading history through app settings
9.2 California Residents (CCPA/CPRA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
- Right to Know. You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business purpose for collecting it, and the categories of third parties with whom we share it.
- Right to Delete. You have the right to request deletion of your personal information, subject to certain exceptions.
- Right to Correct. You have the right to request correction of inaccurate personal information.
- Right to Opt-Out of Sale or Sharing. We do not sell or share your personal information for cross-context behavioral advertising. No opt-out is necessary, but you may still contact us to confirm.
- Right to Non-Discrimination. We will not discriminate against you for exercising your privacy rights.
Categories of personal information collected (as defined under the CCPA):
| Category | Examples | Collected |
|---|---|---|
| Identifiers | Email address, account ID | Yes |
| Internet or network activity | Reading behavior, search queries, interaction history | Yes |
| Commercial information | Subscription status, transaction records | Yes |
| Inferences | Feed personalization preferences | Yes |
| Geolocation data | Precise or approximate location | No |
| Audio, electronic, visual, or similar information | Photos, recordings | No |
| Biometric information | Fingerprints, face scans | No |
| Sensitive personal information | Financial accounts, precise geolocation, racial/ethnic origin | No |
Categories of personal information sold: None. We do not sell personal information.
Categories of personal information shared for cross-context behavioral advertising: None.
To exercise your CCPA rights, contact us at legal@weavehub.app or use the account deletion feature in the app. We will verify your identity using the email address associated with your account. We will respond to verifiable requests within 45 days.
9.3 European Economic Area (EEA) Residents
If you are located in the EEA, you may have additional rights under the General Data Protection Regulation (GDPR), including the right of access, rectification, erasure, restriction of processing, data portability, and the right to object. To exercise these rights, please contact us at legal@weavehub.app.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the "Last Updated" date at the top of this document
- Notify you through the app or by email if the changes are significant
- Provide at least 30 days' notice before material changes take effect, where required by law
Your continued use of PocketIntel after changes take effect constitutes your acceptance of the updated Privacy Policy.
11. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
WeaveHub
Email: legal@weavehub.app
For data protection inquiries, please include "Privacy" in your subject line.