diff --git a/src/app/(public)/privacy/page.tsx b/src/app/(public)/privacy/page.tsx
index aa47b64..66f615e 100644
--- a/src/app/(public)/privacy/page.tsx
+++ b/src/app/(public)/privacy/page.tsx
@@ -48,6 +48,11 @@ export default async function PrivacyPage() {
) : null}
+ {/* Claim audit
+ Code-verified: consent/GPC analytics handling, analytics toggle, export/delete controls, US geo-gate, AES256 storage headers.
+ Deployment-dependent: processing/storage region and exact provider infrastructure locations.
+ Operator-statement: OpenReader does not sell personal information.
+ */}
On this page
@@ -87,18 +92,22 @@ export default async function PrivacyPage() {
- 3. Sharing and service providers
+ 3. Service providers and analytics
- OpenReader does not sell personal information. Limited processing may be delegated to infrastructure
- or model providers as required to run the service.
+ OpenReader does not sell personal information. We use service providers only to run product
+ infrastructure and user-initiated features.
+
+ Optional analytics is controlled by your consent choice, and Global Privacy Control (GPC) opt-out
+ signals are honored.
+
{isRichardrDevProductionInstance ? (
<>
Hosting: Vercel for application hosting, edge runtime, and performance analytics.
Database: Neon PostgreSQL for account and document metadata storage.
File storage: Railway S3-compatible object storage for encrypted uploaded documents and audio artifacts.
- TTS processing: DeepInfra or configured OpenAI-compatible providers, only when initiated by user actions.
+ TTS processing: User-initiated TTS is handled by shared providers: Kitten TTS FastAPI (self-hosted on a local Pi cluster) and Replicate.
>
) : (
<>
@@ -132,8 +141,20 @@ export default async function PrivacyPage() {
5. Retention and security
- Account data and uploaded files are retained while your account remains active. Documents are stored
- encrypted at rest. When account deletion completes, active database and storage records are removed.
+ Account data and uploaded files are retained while your account remains active. Data is encrypted at
+ rest in storage. OpenReader does not currently provide end-to-end encryption.
+
+
+ The owner of this instance may be able to access stored metadata and uploaded files needed to operate
+ the service.
+
+
+ Passwords are not stored as readable plaintext; the authentication system stores credential values as
+ non-plaintext verification data.
+
+
+ Account deletion triggers removal of active account records and associated storage artifacts as part
+ of the deletion flow.
@@ -141,8 +162,8 @@ export default async function PrivacyPage() {
6. Processing location
{isRichardrDevProductionInstance ? (
- For the official instance, processing and storage occur in the United States. By using this service,
- you acknowledge that data is handled in the US and that availability may be limited to US users.
+ For the official instance, access is restricted to users in the United States. Processing location
+ depends on the configured infrastructure and providers used by this deployment.
) : (
diff --git a/src/app/(public)/public.css b/src/app/(public)/public.css
index 7681f31..9736a5f 100644
--- a/src/app/(public)/public.css
+++ b/src/app/(public)/public.css
@@ -567,6 +567,7 @@
.policy-section h2 {
margin: 0;
font-size: 1.05rem;
+ font-weight: 700;
letter-spacing: -0.01em;
}
@@ -580,6 +581,8 @@
.policy-list {
margin: 0.72rem 0 0;
padding-left: 1rem;
+ list-style: disc;
+ list-style-position: outside;
display: grid;
gap: 0.38rem;
}
diff --git a/src/components/CookieConsentBanner.tsx b/src/components/CookieConsentBanner.tsx
index 1b3f57c..b62a0fd 100644
--- a/src/components/CookieConsentBanner.tsx
+++ b/src/components/CookieConsentBanner.tsx
@@ -49,8 +49,8 @@ export function CookieConsentBanner() {
🍪 We use cookies
- We use strictly necessary cookies for authentication and optional cookies for anonymous analytics
- to improve the app. See our Privacy Policy for details.
+ We use strictly necessary cookies for authentication. Optional analytics is enabled only when you consent.
+ See our Privacy Policy for details.
diff --git a/src/components/PrivacyModal.tsx b/src/components/PrivacyModal.tsx
index dbf0567..b462a32 100644
--- a/src/components/PrivacyModal.tsx
+++ b/src/components/PrivacyModal.tsx
@@ -29,7 +29,20 @@ function PrivacyModalBody({ origin }: { origin: string }) {
We value your privacy. This application uses strictly necessary cookies for authentication
- and anonymous analytics to improve performance. Your documents are stored securely and encrypted at rest.
+ and optional analytics only when consent allows it. Your documents are stored encrypted at rest.
+
+
+
+ OpenReader does not currently provide end-to-end encryption.
+
+
+
+ The owner of this instance may be able to access stored metadata and uploaded files needed to operate the
+ service.
+
+
+
+ Passwords are not stored as readable plaintext.