From e3818db2947ba0c7aa28e4e665763934ba14673e Mon Sep 17 00:00:00 2001 From: Richard R Date: Sun, 31 May 2026 14:28:59 -0600 Subject: [PATCH] refactor(privacy): restructure policy sections and clarify provider, analytics, and encryption details Reorganize privacy policy content to improve clarity on service provider roles, analytics consent, and encryption limitations. Update section headings and descriptions for accuracy. Enhance CookieConsentBanner and PrivacyModal to reflect optional analytics and clarify storage, operator access, and password handling. Improve CSS for policy section headings and lists for better readability. --- src/app/(public)/privacy/page.tsx | 37 ++++++++++++++++++++------ src/app/(public)/public.css | 3 +++ src/components/CookieConsentBanner.tsx | 4 +-- src/components/PrivacyModal.tsx | 15 ++++++++++- 4 files changed, 48 insertions(+), 11 deletions(-) diff --git a/src/app/(public)/privacy/page.tsx b/src/app/(public)/privacy/page.tsx index aa47b64..66f615e 100644 --- a/src/app/(public)/privacy/page.tsx +++ b/src/app/(public)/privacy/page.tsx @@ -48,6 +48,11 @@ export default async function PrivacyPage() { ) : null} + {/* Claim audit + Code-verified: consent/GPC analytics handling, analytics toggle, export/delete controls, US geo-gate, AES256 storage headers. + Deployment-dependent: processing/storage region and exact provider infrastructure locations. + Operator-statement: OpenReader does not sell personal information. + */}
diff --git a/src/components/PrivacyModal.tsx b/src/components/PrivacyModal.tsx index dbf0567..b462a32 100644 --- a/src/components/PrivacyModal.tsx +++ b/src/components/PrivacyModal.tsx @@ -29,7 +29,20 @@ function PrivacyModalBody({ origin }: { origin: string }) {

We value your privacy. This application uses strictly necessary cookies for authentication - and anonymous analytics to improve performance. Your documents are stored securely and encrypted at rest. + and optional analytics only when consent allows it. Your documents are stored encrypted at rest. +

+ +

+ OpenReader does not currently provide end-to-end encryption. +

+ +

+ The owner of this instance may be able to access stored metadata and uploaded files needed to operate the + service. +

+ +

+ Passwords are not stored as readable plaintext.