Privacy Policy
Last updated: February 5, 2026
Readio (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our book tracking application and related services (collectively, the “Service”).
Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.
Table of Contents
1. Data We Collect
1.1 Information You Provide
- Account Information: Name, email address, and password when you create an account
- Profile Information: Profile picture, favorite genres, and display preferences
- Library Data: Books you add, reading progress, ratings, reviews, and notes
- Reading Sessions: Start and end times, pages read, and session duration
- AI Interactions: Messages sent to our AI assistant and generated responses
- Payment Information: Billing address and payment method details (processed by Stripe)
1.2 Information Collected Automatically
- Device Information: Browser type, operating system, device type
- Usage Data: Features used, pages visited, time spent on pages
- Log Data: IP address, access times, referring URLs
- Cookies: Session cookies for authentication (see our Cookie Policy)
1.3 Information from Third Parties
- Book Metadata: Title, author, cover images, and descriptions from Google Books, Open Library, and WorldCat
- Payment Status: Subscription status and billing events from Stripe
2. How We Use Your Data
We use the information we collect for the following purposes:
| Purpose | Data Used |
|---|---|
| Provide and maintain the Service | Account info, library data, reading sessions |
| Process subscriptions and payments | Payment info, email, account info |
| Provide AI-powered features (chat, summaries, recommendations) | Library data, AI interactions, reading history |
| Personalize your experience | Preferences, reading history, genres |
| Send transactional emails | Email address, name |
| Improve and analyze our Service | Usage data, log data |
| Prevent fraud and ensure security | IP address, device info, usage patterns |
| Comply with legal obligations | All data as required by law |
3. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, we process your personal data based on the following legal grounds:
Contract Performance
Processing necessary to provide you with the Service, including account management, book tracking features, and subscription services.
Consent
When you explicitly consent to specific processing activities, such as receiving marketing communications or enabling optional AI features.
Legitimate Interests
Processing for purposes such as improving our Service, preventing fraud, ensuring security, and understanding how users interact with our platform. We balance these interests against your rights and freedoms.
Legal Obligation
Processing required to comply with applicable laws, regulations, or legal proceedings.
4. Data Retention
We retain your data for as long as necessary to fulfill the purposes outlined in this Privacy Policy:
| Data Type | Retention Period |
|---|---|
| Account information | Until account deletion |
| Library and reading data | Until account deletion |
| AI chat history | 90 days (automatically deleted) or until account deletion |
| Payment records | 7 years (legal/tax requirements) |
| Server logs | 30 days |
| Search cache | 24 hours |
After account deletion, we may retain certain data in anonymized form for analytics purposes or as required by law.
5. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
Right of Access
Request a copy of the personal data we hold about you.
Right to Rectification
Request correction of inaccurate or incomplete data.
Right to Erasure
Request deletion of your personal data (“right to be forgotten”).
Right to Data Portability
Receive your data in a structured, machine-readable format.
Right to Restrict Processing
Request limitation of processing in certain circumstances.
Right to Object
Object to processing based on legitimate interests.
Right to Withdraw Consent
Withdraw consent at any time where processing is based on consent.
Right to Lodge a Complaint
File a complaint with your local data protection authority.
To exercise these rights, please visit your Privacy Settings or contact us at privacy@readio.app.
6. Third-Party Services
We use trusted third-party services to operate our platform. These providers process data on our behalf under strict contractual obligations:
Stripe
Purpose: Payment processing and subscription management
Data shared: Email, name, payment method details, billing address
Privacy policy: stripe.com/privacy
OpenRouter (AI Services)
Purpose: AI-powered chat, book summaries, and personalized recommendations
Data shared: AI chat messages, book titles, reading history (for recommendations)
Privacy policy: openrouter.ai/privacy
Cloudflare
Purpose: Content delivery, DDoS protection, search caching, and image storage
Data shared: IP addresses, usage patterns, uploaded images (book covers, avatars)
Privacy policy: cloudflare.com/privacypolicy
Book Data APIs
Services: Google Books API, Open Library API, WorldCat API
Purpose: Book metadata and cover images
Data shared: Search queries (not linked to your identity)
7. California Privacy Rights (CCPA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):
Categories of Personal Information Collected
- Identifiers: Name, email address, IP address, account ID
- Commercial information: Subscription history, payment records
- Internet activity: Browsing history within the Service, search history
- Inferences: Reading preferences, genre interests derived from usage
Your CCPA Rights
- Right to Know: Request disclosure of the categories and specific pieces of personal information collected
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt out of the “sale” of personal information
- Right to Non-Discrimination: You will not be discriminated against for exercising your rights
Do Not Sell My Personal Information
Readio does not sell your personal information to third parties. We do not exchange your data for monetary consideration. Data sharing with our service providers (as described above) is for operational purposes only and is not considered a “sale” under the CCPA.
To submit a CCPA request, email us at privacy@readio.app or use our Privacy Settings. We will verify your identity before processing your request.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal data:
- Encryption in transit: All data transmitted via HTTPS/TLS
- Encryption at rest: Sensitive data encrypted in our database
- Password security: Passwords are hashed using industry-standard algorithms
- Access controls: Limited access to personal data on a need-to-know basis
- Regular audits: Security practices reviewed and updated regularly
- DDoS protection: Cloudflare provides protection against attacks
While we strive to protect your data, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.
9. International Data Transfers
Your data may be transferred to and processed in countries outside your country of residence, including the United States. These countries may have different data protection laws.
When we transfer data internationally, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses approved by the European Commission
- Transfers to countries with adequacy decisions
- Data processing agreements with our service providers
10. Children's Privacy
Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@readio.app. We will take steps to delete such information.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Posting the new Privacy Policy on this page
- Updating the “Last updated” date at the top
- Sending an email notification for significant changes (if you have an account)
We encourage you to review this Privacy Policy periodically for any changes.
12. Contact Us
If you have any questions about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us:
Email: privacy@readio.app
Subject line: Privacy Inquiry - [Your Request Type]
We aim to respond to all legitimate requests within 30 days. In some cases, we may need additional information to verify your identity before processing your request.