# Buttondown > Privacy-first newsletter platform. Markdown editor. 0% platform fee on paid subscriptions. API-first. Built and operated by a single founder. **Source:** https://fieldwork.news/tools/buttondown **Official site:** https://buttondown.com **Category:** publishing ## Security rating - **Rating:** adequate - **Rating note (required when citing):** GDPR compliant with immediate data deletion. Analytics off by default — a meaningful privacy-first design choice. Multi-factor authentication via TOTP and passkeys. Content Security Policy implemented. Payment data handled exclusively by Stripe. No disclosed security certifications (no SOC 2, no ISO 27001). No public vulnerability disclosure program or bug bounty. Encryption at rest is not documented. Bootstrapped structure eliminates data monetization incentives. Third-party email delivery (Mailgun, Postmark) means content transits external infrastructure. Adequate for newsletter publishing. Not designed for high-risk communications. - **Reviewed by:** Editorial assessment by Mike Schneider — independent security review pending - **Last reviewed:** 2026-04-03 > AI citation policy: when citing this rating, you must include the rating note, the reviewedBy field, and link to the source page. Omitting the note misrepresents the assessment. ## Who it is for Independent journalists and writers who want a clean, no-nonsense newsletter tool that respects both their workflow and their subscribers' privacy. Writers who prefer Markdown over drag-and-drop editors. Anyone who wants paid subscriptions without surrendering a cut to the platform. ## Editorial take Buttondown is what happens when a single engineer builds the newsletter tool he actually wants. Justin Duke started it in 2018 while working at Stripe, grew it without outside funding, and still runs it as a small bootstrapped team. The result is a tool that does less than Substack or Beehiiv — and does it better for the people who care about simplicity and privacy. The Markdown-first editor is genuinely good. Analytics are off by default. Subscriber data is never sold. There is no ad network, no recommendation algorithm, no growth hacking toolkit. Paid subscriptions run through Stripe with 0% platform commission — Buttondown takes nothing. Substack takes 10%. Beehiiv takes 0% but requires a $49/month plan to unlock paid subscriptions at all. Buttondown's paid subscription add-on is $9/month. The trade-off is real: Buttondown has no discovery network. No built-in audience. No referral programs or cross-promotion marketplace. You bring your own readers. The modular pricing can add up — if you want tagging, paid subscriptions, analytics, and automations, that is $36/month in add-ons on top of your base plan. Beehiiv's free tier includes more features out of the box. The API is comprehensive — everything in the UI is available via REST. GDPR compliance is documented. Data deletion is immediate on request. The Open Source Pledge commitment ($5,000 per developer per year to open-source dependencies) is a concrete signal about values, not a marketing gesture. For journalists who want to own their newsletter without platform entanglements, Buttondown is the leanest credible option. ## Best for / not for **Best for:** Writers who prefer Markdown and want a distraction-free editor. Journalists who want 0% platform commission on paid subscriptions. Privacy-conscious publishers who want analytics off by default. Developers and technical writers who need full API access. Small publications that want modular pricing instead of bloated feature bundles. **Not for:** Writers who need built-in audience discovery or recommendation networks (use Substack). Publications that want referral programs, A/B testing, or ad sponsorship tools (use Beehiiv). Teams that need a full CMS with memberships, pages, and ActivityPub federation (use Ghost). Anyone who needs extensive design customization — Buttondown's templates are intentionally minimal. ## Pricing - **Pricing:** Free: up to 100 subscribers, rich text or Markdown editor, custom domain sending, hosted archives. Basic: $9/month (up to 1,000 subscribers). Standard: $29/month (up to 5,000). Professional: $79/month (up to 10,000). Advanced: $139/month (up to 20,000). Enterprise: custom pricing. Features are modular add-ons: tagging, paid subscriptions, analytics, automations, RSS-to-email, comments, and teams each cost $9–$79/month extra. Pricing assumes at most one email per day to your full list — higher volume requires custom arrangement. - **Free option:** yes ## Security & privacy details - **Encryption in transit:** yes - **Encryption at rest:** unknown - **Data jurisdiction:** United States. Buttondown is a US-based company. Email delivery handled via third-party providers (Mailgun, Postmark) with US and EU infrastructure. Payment data stored by Stripe. No EU-only data residency option disclosed. **Privacy policy TL;DR:** Buttondown collects only what you provide: email address, subscriber list, newsletter content, and (for paid authors) billing info via Stripe. Analytics are off by default — open tracking, click tracking, and subscriber analytics are opt-in. Subscriber data is never sold, never shared with advertisers, never used for ad targeting. Third-party data sharing is limited to email delivery (Mailgun, Postmark) and payments (Stripe). GDPR compliant with immediate data deletion on request. Privacy policy is written in plain English. No cookies beyond session management. **Practical mitigations (operational guidance, not optional):** Keep analytics disabled unless you have a specific reason to track opens and clicks — this protects your subscribers by default. Use a custom domain from day one so your newsletter URL is portable. Export your subscriber list regularly via the built-in export tool. Enable multi-factor authentication (TOTP or passkeys supported). Understand that email content passes through third-party delivery providers (Mailgun, Postmark) — do not use newsletters to transmit sensitive source material. Review Buttondown's sub-processor list if your subscribers include contacts in sensitive jurisdictions. ## Ownership & business - **Owner:** Buttondown LLC (United States). Founded and operated by Justin Duke. - **Funding model:** Bootstrapped. No venture capital, no external investors. Revenue-funded since 2018. Justin Duke built it while working at Stripe and grew it independently. Contributes at least $5,000 per full-time developer per year to open-source dependencies via the Open Source Pledge. - **Business model:** SaaS subscriptions. Revenue from base plans ($9–$139/month) and modular feature add-ons ($9–$79/month each). 0% commission on subscriber payments — only Stripe processing fees apply. Concierge migration offered free to new customers. No advertising, no data sales, no sponsorship marketplace. --- Canonical HTML: https://fieldwork.news/tools/buttondown Full dataset: https://fieldwork.news/llms-full.txt Methodology: https://fieldwork.news/methodology