Privacy Notice

Last updated: March 17, 2026

Who we are

Brehon provides an API, documentation, website and related services for querying structured privacy regulation and AI governance data. This notice covers the Brehon API, the dashboard at dashboard.brehon.dev, and the brehon.dev website. If you have questions about this notice, contact us at privacy@brehon.dev.

What we collect

• Email address — provided when you create an API key, used for account communication.
• API key name — a label you choose to identify your key.
• API keys — stored securely and used to authenticate your requests.
• Usage statistics — request counts and timestamps, used for rate limiting and service operation.
• IP addresses — used for rate limiting only and not stored long-term.

Why we collect it

We use this data for API key management, rate limiting, and abuse prevention. We do not sell your data or use it for advertising.

Cookies and tracking

The Brehon API does not use cookies or third-party trackers. No analytics scripts run on API endpoints.

Authentication (Clerk)

The Brehon admin dashboard uses Clerk for authentication. When you sign in to the dashboard, Clerk's privacy policy applies to the authentication data they process. The API itself does not use Clerk.

Data retention

• API keys are retained until you revoke them.
• Usage statistics are retained as needed for service operation.
• IP addresses are used transiently for rate limiting and are not stored long-term.

Your rights

You can request deletion of your account and associated data at any time by emailing privacy@brehon.dev. We will respond within 30 days.

Changes

We may update this notice from time to time. Material changes will be communicated via the email address associated with your API key.

Governing law

This notice is governed by the laws of England and Wales. The courts of England and Wales shall have exclusive jurisdiction, except where mandatory local data protection or consumer protection laws require otherwise.