Privacy Policy

1. Who We Are

24Pulse is an AI-powered news intelligence platform built and operated by QNgin. We monitor global news sources, analyze articles using artificial intelligence, and deliver relevant alerts and daily briefings to your team.

This privacy policy explains what data we collect, why we collect it, and how we keep it safe. We believe in being straightforward — no legal jargon, just clear information about your data.

2. Personal Data We Collect

When your organization sets up your 24Pulse account, we collect the following personal information:

• Your name — So we know who you are and can personalize your experience.
• Your email address — To send you alerts, daily briefings, and important service updates.
• Language preference — So we can deliver alerts and briefings in your preferred language.
• Notification settings — Your choices about which alerts you receive and at what severity level.
• Interest categories — The news topics and sectors you want to follow, so we can personalize the content you receive.

3. Non-Personal Data We Collect

In addition to personal data, we collect and process information that is not tied to individual users:

• News articles — We automatically gather articles from publicly available RSS feeds and news websites. This includes article titles, content, publication dates, and source information. All of this is publicly available information.
• AI-generated analysis — Our AI produces summaries, categorizations, sentiment scores, severity ratings, and relevance assessments for each article. This analysis is generated content, not personal data.
• Organization data — Your organization's name, country, region, timezone, and topics of interest, used to tailor news monitoring.

4. How We Use Your Data

We use the data we collect for the following purposes:

• Delivering alerts — When a news article matches your organization's interests, we send you a notification with a summary of what happened and why it matters.
• Creating daily briefings — Each morning, we compile a personalized intelligence briefing based on your interests and language preference.
• Personalizing content — Your language preference, interest categories, and notification settings help us tailor what you see and receive.
• Improving the service — We use aggregated usage data (such as email delivery rates and system performance) to keep 24Pulse running smoothly and make it better over time.

5. Legal Basis for Processing

We process personal data based on the following legal grounds under the General Data Protection Regulation (GDPR):

• Contractual necessity — To provide and operate our services as agreed with your organization.
• Legitimate interests — To improve our services, ensure security, and prevent fraud.
• Consent — For marketing communications and optional features, where required.
• Legal obligations — To comply with applicable laws and regulations.

6. AI Processing

24Pulse uses artificial intelligence extensively. Here is how your data interacts with AI:

• Article analysis — News article text is sent to OpenAI's language models for categorization, sentiment analysis, severity scoring, and summarization.
• Personalization context — Your organization's name, country, and topics of interest are included in AI requests so the system can determine what is relevant to you.
• Briefing generation — When creating daily briefings, your language preference is used so the AI generates content in your preferred language.
• Alert summaries — Alert emails include AI-generated descriptions tailored to your organization's context and your language preference.

AI processing is automated and no human reviews individual AI requests. The AI providers we use do not retain your data for training purposes.

7. Email Communications

We send the following types of emails:

• Alert emails — Sent when a news article matches your organization's monitoring criteria. Frequency depends on news activity and your severity threshold.
• Daily briefing emails — Sent once per day with a comprehensive overview of the previous 24 hours of relevant news.

You are always in control of what you receive. You can manage your email preferences at any time:

• Turn alerts on or off
• Set your minimum alert severity (Info, Warning, Urgent, or Critical)
• Turn daily briefings on or off
• Change your preferred language

To update your preferences, contact your organization's administrator. If you want to stop all emails from 24Pulse, you can opt out by contacting us at post@24pulse.io.

8. Third-Party Services

We work with trusted technology providers to deliver our service:

• OpenAI — Provides the AI language models we use to analyze articles and generate summaries, alerts, and briefings. Article content and organization context is processed by OpenAI's API.
• Qdrant (Vector Database) — Hosted in the EU, used to power intelligent article search and relevance matching through semantic similarity.
• Email delivery via SMTP — Alert and briefing emails are sent through a secure SMTP email gateway.

9. Data Storage & Security

We implement appropriate technical and organizational measures to ensure a high level of security:

• Server location — Our servers are located in Germany, within the European Union.
• Encryption — All connections to 24Pulse are encrypted using HTTPS/TLS. Sensitive data is encrypted at rest.
• Password hashing — Passwords are securely hashed and never stored in plain text.
• Access controls — Access to the platform and data is controlled through role-based permissions, ensuring people only see what they need to.
• Monitoring — We implement continuous monitoring and logging of systems and user activities to detect anomalies, prevent unauthorized access, and support incident investigations.
• Database backups — Regular backups are maintained for disaster recovery.
• Two-factor authentication — Optional 2FA is available for additional account security.

10. Cybersecurity Governance

We implement and maintain a comprehensive cybersecurity framework aligned with applicable EU requirements, including the NIS2 Directive. This includes:

• Continuous risk assessments of systems, infrastructure, and data processing activities
• Implementation of technical and organizational security measures, including encryption, access control, and monitoring
• Regular testing, auditing, and improvement of our security controls
• Defined roles and responsibilities for security governance at management level

11. Security Incident Response

In the event of a significant security incident, we will:

• Notify relevant supervisory authorities within 72 hours of becoming aware of a personal data breach, as required by GDPR
• Notify affected users without undue delay if the breach is likely to result in a high risk to their rights and freedoms
• Document the incident, its effects, and the remedial actions taken
• Take immediate steps to contain and mitigate the impact of the incident

12. Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes described in this policy:

• Account data — Retained for the duration of the customer relationship. You may request deletion of your account and personal data at any time. Upon request, your member profile and associated personal information will be deleted within 30 days.
• News articles and AI analysis — Retained for the ongoing operation of the service, as they form the intelligence database that powers search, alerts, and briefings. These do not contain personal data.
• Internal operational data — System logs, email delivery records, and service performance data are retained for operational, security, and auditing purposes. This data is used internally and is not shared externally.
• Legal data — Retained as required by applicable law.

When personal data is no longer needed, it is securely deleted or anonymized.

13. Your Rights Under GDPR

As our servers are in the EU, you benefit from the protections of the General Data Protection Regulation (GDPR). You have the right to:

• Access — Request a copy of the personal data we hold about you.
• Rectification — Ask us to correct any inaccurate or incomplete personal data.
• Erasure — Request that we delete your personal data (the "right to be forgotten").
• Restriction — Ask us to temporarily stop processing your personal data.
• Portability — Request your personal data in a structured, commonly used format so you can transfer it elsewhere.
• Object — Object to the processing of your personal data for specific purposes.

To exercise any of these rights, contact us at post@24pulse.io. We will respond to your request within 30 days.

14. EU Data Act

In accordance with evolving EU data regulations, including the EU Data Act, users may request access to data generated through their use of the service, subject to applicable legal and contractual limitations.

This includes data generated by the platform during the course of providing services to your organization, such as alert history, briefing records, and usage analytics. To request access to your generated data, contact us at post@24pulse.io.

15. Cookies

24Pulse uses minimal cookies:

• Session cookies — Used to keep you logged in while you use the platform. These are essential for the service to work and expire when you close your browser or your session ends.

We do not use tracking cookies, advertising cookies, or any third-party analytics cookies. No cookie consent banner is needed because we only use cookies that are strictly necessary for the service to function.

16. Children

24Pulse is a professional news intelligence service designed for organizations and their teams. The service is not intended for use by anyone under the age of 16. We do not knowingly collect personal data from children under 16. If we discover that we have inadvertently collected data from a child under 16, we will delete it promptly.

17. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we will notify active users via email and update the "Last updated" date at the top of this page.

We encourage you to review this policy periodically. Continued use of 24Pulse after changes are published constitutes acceptance of the updated policy.

18. Contact Us

If you have questions about this privacy policy, your personal data, or want to exercise any of your rights, get in touch: