How we protect your data
Security and privacy are foundational to Newsmill. Every claim on this page is backed by our published privacy policy and terms of service.
Data encryption
All data is encrypted in transit (TLS 1.2+) and at rest. API keys and credentials are managed through secure credential stores, never stored in source code.
Access & authentication
All platform access requires authentication. API access is scoped via tokens. Team accounts support role-based access controls. Sessions expire automatically after periods of inactivity.
Privacy & compliance
GDPR: right to access, correct, delete, and port your data. CCPA: California residents have additional privacy rights. Analytics powered by Plausible — cookie-free, no personal data collected, fully GDPR/CCPA/PECR compliant. No advertising or tracking cookies.
Data ownership
Content generated through Newsmill belongs to you. Source configurations, templates, and pipeline settings are your data. Account data is retained for 30 days after termination, then permanently deleted. Export your data at any time.
Responsible disclosure
If you discover a security vulnerability, report it to [email protected]. We acknowledge reports within 48 hours. We will not take legal action against researchers acting in good faith.
Questions?
Contact us at [email protected] for any security-related inquiries. For our full data handling practices, see the Privacy Policy.