Privacy Policy

Last updated: May 9, 2026

Keep Reader (“we”, “us”, the “service”) is a personal reading library that lets you collect RSS feeds, newsletters, web clippings, PDFs, books, and notes in one place, with optional AI-generated summaries. This policy describes what data we collect, why, and how to delete it.

What we collect

• Account information. Username, email address, and (if you sign in with Google) your Google account’s basic profile fields. We use this only to authenticate you and let you reset your password.
• Content you add. The RSS feeds you subscribe to, newsletter emails forwarded to your unique inbox address, web pages you clip or share, PDFs and books you upload, and notes you write. This content is private to your account.
• Reading state. Which items you have read, saved for later, archived, or promoted to your knowledge library; tags and collections you create; highlights and annotations you make.
• AI configuration. If you provide your own OpenAI or Anthropic API key, we store it encrypted at rest and use it only to generate summaries and embeddings on your behalf.
• Operational data. Standard server logs (IP address, user agent, request timestamps), session cookies, and a small UI-preference cookie (organize_mode). We do not run third-party advertising or analytics trackers.

How we use it

• To provide the service: store your library, fetch the feeds you subscribe to, render the pages you request.
• To generate AI summaries and semantic search embeddings, when you trigger those features. Text is sent to the AI provider you select (OpenAI or Anthropic) using either your API key or, as a fallback, ours. AI providers process the text under their own terms; we do not train models on your data.
• To send service email (account verification, password reset, important notices). We do not send marketing email.

Sharing

We do not sell your data. We share data only with the infrastructure providers needed to run the service:

• Heroku (application hosting and PostgreSQL database).
• Cloudflare R2 (file storage for PDFs and books).
• OpenAI and/or Anthropic (only when you trigger an AI summary or embedding).
• Google (only if you sign in with Google).
• Amazon SES (AWS), our inbound email provider, which receives newsletters at your unique forwarding address and hands them to the service.
• Stripe (payment processing for Pro subscriptions; if you never upgrade, no data is shared with Stripe).
• Sentry (server-side error reports for diagnostics; we send stack traces and request paths, not request bodies).

Retention and deletion

Your content is kept until you delete it or close your account. Items in your “Read” bucket from RSS feeds may be automatically purged once they fall outside the rolling history window you configure in settings; everything else is retained until you remove it.

To delete your account and all associated data, sign in and visit your account settings, or email us at the address below and we will remove your account within 30 days. Deletion is permanent.

Security

All traffic to and from Keep Reader is encrypted in transit via HTTPS. Passwords are stored hashed; AI API keys are encrypted at rest. No system is perfectly secure, but we follow standard practices and apply security updates promptly.

Children

Keep Reader is not directed at children under 13 and we do not knowingly collect data from them.

Changes to this policy

If we make material changes, we will update the date above and, where appropriate, notify you by email. Continued use of the service after a change means you accept the updated policy.

Contact

Questions, deletion requests, or privacy concerns: support@keepreader.com.