Privacy Policy
Effective Date: March 1, 2026
This Privacy Policy describes how Loomworks ("we," "us," or "our") collects, uses, and protects your information when you use The Gist (the "Service"). We are committed to safeguarding your privacy and handling your data with transparency.
1. Information We Collect
We collect the following categories of information:
1.1 Account Information
When you create an account, we collect your email address. This is the only piece of personally identifiable information required to use the Service.
1.2 Feed Subscriptions
We store the RSS and Atom feed URLs you subscribe to in order to build your personalized newspaper edition.
1.3 Reading Signals
We collect data about your interactions with articles, including reads, clips (bookmarks), thumbs-up, and thumbs-down signals. These reading signals are used solely to personalize your newspaper and improve article relevance scoring.
1.4 Technical Data
We may collect standard server log data such as IP addresses, browser type, and access timestamps for security and operational purposes.
2. How We Use Your Information
Your information is used exclusively for the following purposes:
- Authentication: Your email address is used to send magic link sign-in emails and to identify your account.
- Personalization: Feed subscriptions and reading signals are used to curate your daily newspaper edition and rank articles by relevance.
- Service operation: Technical data is used to maintain the security, stability, and performance of the Service.
3. Data Sharing
We do not sell, rent, or share your personal information with third parties for marketing purposes. Your data may be disclosed only in the following circumstances:
- To comply with legal obligations or respond to lawful requests from public authorities.
- To protect the rights, property, or safety of Loomworks, our users, or the public.
- With service providers who assist in operating the Service (e.g., email delivery), subject to confidentiality obligations.
4. Cookies and Session Management
The Service uses a single HTTP-only session cookie (gist_session)
containing a JSON Web Token (JWT) for authentication. This cookie expires after
30 days. We do not use tracking cookies, advertising cookies, or third-party
analytics cookies.
5. Data Retention
We retain your account data and reading signals for as long as your account is active. If you request account deletion, we will remove your personal data within 30 days of receipt of your request.
6. Data Security
We implement appropriate technical and organizational measures to protect your data, including encrypted authentication tokens, secure session management, and access controls. However, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.
7. Your Rights
You have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Delete your account and associated data.
- Export your feed subscriptions.
To exercise any of these rights, contact us at privacy@loomworks.io.
8. Third-Party Services
The Service fetches content from third-party RSS and Atom feeds. When you click through to read a full article, you will be directed to the original publisher's website, which is governed by that publisher's own privacy policy. We are not responsible for the privacy practices of third-party publishers.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. We encourage you to review this page periodically.
10. Contact
For questions or concerns about this Privacy Policy or our data practices, contact us at privacy@loomworks.io.