Privacy Policy

1. Information We Collect

Account Information

When you create an account, we generate a unique Account ID and Inbox ID. You may optionally provide:

  • Display name — used to personalize your paper
  • Email address — used for paper delivery and account recovery

We do not collect passwords (authentication is via Account ID).

Content Source Configuration

We store the URLs and settings for your configured content sources (RSS feeds, calendar URLs, email addresses, URL patterns). This data is used solely to generate your daily paper.

Generated Content

We store your generated papers in secure cloud storage (Digital Ocean Spaces) for download. Papers are associated with your account and are not accessible to other users.

Usage Data

We collect minimal operational metrics (request counts, error rates, processing times) for service reliability. These metrics are aggregated and not linked to individual users.

2. How We Use Your Information

Your information is used exclusively to:

  • Generate and deliver your daily papers
  • Provide account recovery if you have set an email address
  • Send service notifications (delivery confirmations, errors)
  • Maintain and improve service reliability

We do not sell, rent, or share your personal information with third parties. We do not use your data for advertising or profiling.

3. Data Storage and Security

Your data is stored in PostgreSQL databases and Digital Ocean Spaces (for paper files). All data is encrypted in transit (TLS). Session cookies are encrypted with AES-256.

OAuth tokens for third-party integrations (e.g., Nextcloud WebDAV delivery) are encrypted at rest using AES-256-GCM before storage.

4. Third-Party Services

The Service fetches content from URLs you configure. When fetching content, your configured source URLs are accessed from our servers — your IP address is not exposed to content providers.

If you connect third-party integrations (e.g., Nextcloud for paper delivery), we store encrypted OAuth tokens to access those services on your behalf. You may revoke these connections at any time.

5. Your Rights

You have the right to:

  • Access — view all data associated with your account
  • Export — download a complete archive of your data (sources, preferences, delivery history, and papers)
  • Delete — request permanent deletion of your account and all associated data
  • Correct — update your display name, email, and source configuration at any time

6. Data Retention

Active account data is retained as long as your account exists. Generated papers are retained for download access.

When you delete your account, there is a 30-day grace period during which deletion can be cancelled. After the grace period, all data is permanently removed including:

  • Account information and preferences
  • All content source configurations
  • Queue entries and processing history
  • Delivery records and integration connections
  • Generated paper files from cloud storage

7. Cookies

We use a single encrypted session cookie (tern_session) for authentication. We do not use tracking cookies, analytics cookies, or third-party cookies.

8. Changes to This Policy

We may update this Privacy Policy when our practices change. Updates will be reflected in the version number and effective date. You will be notified of changes when you next log in.

9. Contact

For privacy-related questions or to exercise your data rights, please reach out via our support page.