Privacy Policy
Last updated June 24, 2026.
FocusReader is built by a solo developer. This policy is written by the same person who writes the code — there's no legal team translating things into jargon. If anything here is unclear, tell me and I'll fix it.
What we collect
- Your account: email address, name (optional), and a hashed password. We use bcrypt; we never see your plaintext password.
- Your library: the books, PDFs, EPUBs, and articles you upload. These are stored in a private Cloudflare R2 bucket scoped to your account.
- Your reading state: which book you're on, which page, your highlights, your typography and timer preferences. Stored in our Neon Postgres database.
- Analytics: page views, sign-ups, upgrades, and feature usage via Google Analytics 4 and Meta Pixel. We don't track what you read — only that you opened a book.
What we don't collect
- The contents of your books, articles, or highlights are not used to train any AI model — ours or anyone else's.
- We don't sell your data. Ever. There is no business model where that would help us.
- We don't have a data warehouse beyond what's needed to make the product work.
Third parties we use
- Cloudflare R2 — stores your uploaded files.
- Neon — hosts our Postgres database.
- Vercel — hosts the web app.
- Razorpay — processes Pro plan payments. We never see your card details.
- DeepSeek — cleans up parsed URL articles before showing them to you. Sent only the article text, not your account.
- Google Analytics 4 and Meta Pixel — page-level analytics. No file contents shared.
Your rights
You can delete your account at any time — this wipes your books from R2, your data from Postgres, and any cached files. You can request a copy of everything we have on you by emailing the contact address. We comply with GDPR, CCPA, and the spirit of every "give me my data" law.
Cookies
We use a session cookie (fr_session) to keep you signed in for 30 days. Google Analytics and Meta Pixel set their own cookies; you can block these with any standard tracking blocker without breaking the app.
Security
All connections are HTTPS-only with HSTS. Files in R2 are accessed via presigned URLs that expire. Database connections use TLS. Sessions are HttpOnly + Secure.
Children
FocusReader is not intended for children under 13. Please don't sign up if you're under 13.
Changes to this policy
If we change anything material, we'll update the "Last updated" date at the top and email Pro subscribers.
Contact
Questions about privacy? Get in touch.