Privacy Policy
Last updated: 25 April 2026
This policy explains how Slow News ("we", "us", "our") collects, uses, and protects your personal data in accordance with UK GDPR and the Data Protection Act 2018. If you access the service from outside the UK, your use is still governed by this policy under UK data protection law.
1. Who we are
Slow News is operated as a sole trader in England and Wales. For data protection queries, contact us at hello@slownews.email.
2. Data we collect
- Account data: email address and hashed password when you sign up.
- Profile data: your stated interests, digest preferences, location, region, and timezone preferences to personalise your digest.
- Payment data: billing is handled entirely by Stripe. We store only your Stripe customer ID and subscription status. We never see or store your card details.
- Usage data: server logs may record your IP address and request timestamps for security and debugging purposes.
3. How we use your data
- To deliver your digest emails (contractual necessity).
- To personalise content based on your stated interests (contractual necessity / legitimate interest).
- To process payments and manage your subscription (contractual necessity).
- To send transactional emails such as email verification and password resets (legitimate interest).
- To maintain the security and reliability of the service (legitimate interest).
We do not sell your data to third parties or use it for advertising.
4. Third-party processors
- Stripe: payment processing. Stripe Privacy Policy.
- Resend: transactional email delivery. Resend Privacy Policy.
- Render: cloud hosting (servers located in the EU/US). Render Privacy Policy.
- Anthropic: AI pipeline used to generate digest content. Inputs are news articles, not your personal data.
5. Data retention
We retain your account data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain it for legal or financial compliance purposes (e.g. payment records for 6 years under UK tax law).
6. Account deletion
To delete your account and all associated personal data, email hello@slownews.email from the email address registered on your account. We will process your request and confirm deletion within 30 days. If you have an active paid subscription, it will be cancelled as part of the deletion.
7. Your rights
Under UK GDPR you have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Request erasure of your data ("right to be forgotten").
- Object to or restrict processing in certain circumstances.
- Data portability (receive your data in a machine-readable format).
To exercise any of these rights, email hello@slownews.email. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).
8. Cookies
We use a single session cookie to keep you logged in. We do not use tracking or advertising cookies.
9. Security
Passwords are stored as bcrypt hashes. All data in transit is encrypted via HTTPS. We take reasonable technical measures to protect your data but cannot guarantee absolute security.
10. Changes to this policy
We may update this policy from time to time. We will notify you by email of material changes. Continued use of the service after notification constitutes acceptance.