Privacy & Cookie Policy

Last updated: March 2026

1. Who we are

FeedLynx is an RSS feed aggregator with AI-powered briefings. For questions about your data, contact us at loading....

2. Data we collect

  • Account information — email address, display name, and hashed password.
  • RSS feed configuration — feed URLs you add, categories, and reader credentials (stored encrypted).
  • Articles & briefings — fetched article metadata and AI-generated briefings.
  • Preferences — language, timezone, notification settings, theme, LLM provider keys (stored encrypted).
  • Notification details — Telegram Chat ID (if configured).

3. How we use your data

  • To fetch articles from your configured RSS feeds.
  • To generate AI briefings using the LLM provider you selected.
  • To send notifications (email, Telegram) when configured.
  • To authenticate your account and maintain your session.

We do not sell, share, or transfer your data to third parties for marketing purposes.

4. Third-party services

Depending on your configuration, data may be sent to:

  • LLM providers (Anthropic, OpenAI, Google, or your local instance) — article content for briefing generation.
  • Telegram API — your Chat ID and briefing content for notifications.
  • Email provider (SMTP/Resend) — your email and briefing content for delivery.
  • Google Fonts — the Inter font is loaded from Google servers.

5. Data retention

  • Articles are automatically deleted after 30 days.
  • Briefings are kept for 90 days (max 10 per user).
  • System logs are purged after 30 days.
  • You can delete your account at any time — all associated data will be permanently removed.

6. Cookies

FeedLynx uses only essential cookies:

Cookie Purpose Duration
session Keeps you logged in and stores flash messages Browser session

No analytics, advertising, or tracking cookies are used. No consent is required for strictly necessary cookies under GDPR/ePrivacy regulations.

7. Your rights (GDPR)

If you are in the EU/EEA, you have the right to:

  • Access — request a copy of your data.
  • Rectification — correct inaccurate data via Settings.
  • Erasure — delete your account and all data.
  • Data portability — export your data.
  • Object — stop processing by deleting your account.

8. Security

Passwords are hashed with bcrypt. Sensitive credentials (API keys, reader passwords) are stored securely. All connections use HTTPS in production. The database is not accessible from the public internet.

9. Changes

We may update this policy occasionally. Continued use of the service after changes constitutes acceptance.