Privacy Policy

Read Master is operated by the Read Master team (2108 N St Ste N, Sacramento, CA 95816, USA). This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our reader, AI study tools, and related services. By using Read Master you accept the practices described here.

We collect the following categories of data:

• Account data. Email address, display name, and locale captured through Clerk when you sign up or sign in.
• Reading data. Books you upload or import, reading positions, highlights, annotations, and progress. Stored privately to your account and never shared with other users.
• AI interaction data. The text passages you select or have us analyze, the prompts we construct and send to Anthropic, and the AI-generated artifacts (guides, assessments, flashcards) we cache for your reuse.
• Usage and analytics data. Aggregated, anonymized product usage data via PostHog — only collected when you grant Analytics consent in the cookie banner.
• Payment data. Billing information processed entirely by Stripe. We never see or store your full card number.
• Error and diagnostic data. Anonymized crash reports and performance traces via Sentry, used only to improve service stability.

We use the data above strictly to operate Read Master:

• Render books and persist your reading progress and annotations across devices.
• Generate pre-reading guides, post-reading assessments, and spaced-repetition flashcards via Anthropic Claude.
• Process subscription payments via Stripe.
• Send transactional and lifecycle emails (account confirmations, billing notices, feature announcements) via SendGrid — only when you have not unsubscribed.
• Monitor service health and diagnose errors via Sentry and our infrastructure providers.
• Improve the product using aggregated, anonymized analytics — only when you have given consent.

We do not sell your personal data, use it for advertising, or share it with third parties for their own marketing purposes.

Books, documents, and other content you upload or import are private to your account. Read Master personnel do not read your uploaded content in the ordinary course of business. Authorized personnel may access your content only in the following limited circumstances:

• Customer support. When you contact us with a specific support request and the resolution requires inspecting your content.
• Security and abuse prevention. To investigate suspected security incidents, unauthorized access, or violations of our Terms of Service that we have reasonable cause to believe involve your account.
• Legal compliance. When we receive a valid legal order, subpoena, or court order requiring disclosure, or when disclosure is necessary to protect the rights, property, or safety of Read Master, our users, or the public.
• Service operation and quality. To diagnose technical failures directly affecting your account (for example, a failed import or corrupted file) when no anonymized diagnostic path is available.

Any personnel access is logged and subject to confidentiality obligations. We do not permit access beyond these purposes.

Read Master routes certain content to third-party AI providers to generate the features you request. We send the minimum amount of content necessary for each feature:

• Anthropic (Claude). When you request a pre-reading guide, post-reading assessment, flashcards, or an "Explain this" answer, we transmit the relevant passage or chapter text — along with contextual metadata — to Anthropic's API. Anthropic processes this content to generate the response we return to you. Prompts to Anthropic are wrapped as untrusted user content; we do not pass your account credentials or payment information.

We do not currently use any other external AI providers for content generation. If we add a new AI processor, we will update this policy and, where required, notify you in advance.

Model training. Based on our current understanding of Anthropic's API terms, content submitted via the API is not used to train Anthropic's models by default. However, this is subject to Anthropic's policies and our contractual arrangement, and we cannot make an absolute guarantee on their behalf. If you have specific concerns about AI training, please contact us at [email protected].

We retain different categories of data for different periods:

• Uploaded book originals (PDF, EPUB, DOCX, etc.). Stored in Cloudflare R2 and retained while your account is active. Deleted within a reasonable period after you remove the book from your library or delete your account. Orphaned files (no corresponding library entry) are purged by a periodic automated job.
• Normalised book content (BookContent). The processed, indexed text extracted from your upload. Retained with the book; removed when the book is deleted or your account is deleted.
• URL-imported content. The retrieved body of URL-imported articles is subject to a cold-storage purge after approximately 90 days of inactivity, consistent with our content-freshness policy. Metadata and your annotations are retained while the library entry exists.
• AI-generated artifacts (guides, assessments, flashcards). Retained while your account is active. Deleted when you delete the relevant book, or when you delete your account.
• Account and reading data. Retained while your account is active. After account deletion, removed from primary databases within 30 days.
• Backup snapshots. Database backups may retain a copy of your data for up to 90 days after primary deletion, after which backups containing your data are purged. Backup access is restricted and audited.
• Anonymised and aggregated analytics. Not subject to deletion timelines (no personal data).

You can request export or deletion of your data at any time from Settings → Privacy, or by emailing [email protected].

We share the minimum necessary data with the following vetted subprocessors to operate the service:

• Anthropic — AI text generation. Receives passage and chapter text when you use AI features. Processes data under Anthropic's API terms.
• Clerk — Authentication and identity management. Receives your email address and display name.
• Stripe — Payment processing. Receives billing and subscription data when you subscribe or manage a plan. We never see your full card number.
• SendGrid — Transactional and lifecycle email. Receives your email address and name for delivery of account and billing communications.
• Cloudflare R2 — File storage. Stores your uploaded book originals and processed audio files (Pro TTS feature) using server-side encryption.
• Neon — Managed Postgres database. Stores all structured account, library, reading, and AI artifact data. Data is encrypted at rest by Neon.
• Upstash — Redis cache and rate-limiting queue. Stores short-lived session and rate-limiting data; does not receive book content.
• Railway — Application hosting and deployment infrastructure.
• PostHog — Product analytics. Receives anonymized, aggregated usage events only when you have given Analytics consent.
• Sentry — Error monitoring and performance tracing. Receives anonymized crash reports and stack traces; personally identifiable content is scrubbed before transmission.
• Trigger.dev — Background job orchestration. Orchestrates long-running jobs (e.g. book import, AI generation) and may transiently hold job input payloads (book IDs, user IDs) during processing.

Each subprocessor is bound by contractual data-protection obligations and processes data only as directed by us for the purpose listed above. If we add a new subprocessor that materially affects your data, we will update this list and, where required by applicable law, notify you.

Read more in our Cookie Policy. You can change your cookie preferences at any time from the cookie banner or via the footer link.

Under the GDPR (EU/UK) and CCPA (California), and as a matter of our general policy for all users, you have the right to:

• Access. Request a copy of the personal data we hold about you.
• Portability. Export your reading data, annotations, and AI artifacts in a structured, machine-readable format from Settings → Privacy.
• Correction. Ask us to correct inaccurate personal data.
• Deletion. Delete your account and associated data from Settings → Privacy, or by contacting us. See Data retention above for applicable timelines.
• Restriction and objection. Object to or request restriction of certain processing activities where permitted by applicable law.
• Withdraw consent. Where processing is based on consent (e.g. analytics), withdraw it at any time without affecting the lawfulness of prior processing.

We act on verifiable requests within 30 days (or as required by applicable law). Submit requests from Settings → Privacy or by emailing [email protected].

Our infrastructure operates primarily in the United States and European Union. When your data is transferred across jurisdictions, we rely on appropriate safeguards — such as Standard Contractual Clauses approved by the European Commission — to maintain GDPR-equivalent protection. Specific transfer mechanisms for each subprocessor are available on request.

Read Master is not directed at children under 13 years old (16 in the European Union). We do not knowingly collect personal data from children below these ages. If you believe a child has created an account, please contact us at [email protected] and we will promptly delete the account.

We may update this Privacy Policy from time to time. Material changes will be announced via email or an in-app banner at least 30 days before they take effect. The date at the top of this page reflects the date of the most recent revision. Continued use of Read Master after a change takes effect constitutes acceptance of the updated policy.

Privacy questions and data-subject requests go to [email protected]. We read and respond to every email.

For DMCA notices, see our DMCA Policy.

For postal correspondence and formal legal notices:
2108 N St Ste N, Sacramento, CA 95816, USA