Privacy Policy

Privacy Policy

Your privacy is our top priority. Protecting your personal data is fundamental to everything we do. By using Readoku, you understand how your data is collected, processed, and used in accordance with this Privacy Policy.

Data Controller

Readoku is operated by Readoku Einzelunternehmen – Ali Cagatay Desteli, Theodor-Heuss-Str. 26, Germany. Email: contact@readoku.com. For users in the EU/EEA, we act as the Data Controller within the meaning of the GDPR.

Personal Information

We collect only the minimum personal data necessary to operate the Services. When you sign up via Auth0, we receive your name, email address, and Auth0 user ID. Passwords are never stored by us. We do not sell personal data or share it for advertising purposes. Technical information such as IP address, approximate location, device information, browser type, and login timestamps may be processed for authentication, security, fraud prevention, and service reliability.

Infrastructure and Data Storage

Readoku uses trusted cloud providers for hosting, authentication, database services, analytics, and secure file storage. Infrastructure may be located within the EU and in third countries such as the United States. PDF files uploaded for features such as the Readoku Reader may be stored securely to enable ongoing reading and organization until deleted by the user or upon account deletion. All processing is performed in accordance with GDPR and applicable data protection laws.

International Data Transfers

Where personal data is processed outside the EU/EEA, such transfers are protected by appropriate safeguards, including Standard Contractual Clauses (SCCs), the EU–US Data Privacy Framework, or equivalent GDPR-compliant mechanisms.

Legal Bases for Processing

Personal data is processed on the following legal bases under GDPR: performance of a contract (Art. 6(1)(b)), compliance with legal obligations (Art. 6(1)(c)), legitimate interests such as security and service improvement (Art. 6(1)(f)), and consent where required for optional features (Art. 6(1)(a)).

Account and Authentication Data

Authentication is provided via Auth0. We receive basic account information such as name, email address, and Auth0 user ID. Auth0 may also process technical authentication data including IP address, device type, browser information, and timestamps for security and fraud prevention purposes. This data is not used for marketing or advertising.

User Files, Highlights, and Reader Data

Readoku allows users to upload PDF files, extract highlights, create notes, and use the Readoku Reader feature. PDF files may be stored securely to allow continued access, reading, and organization. Highlights, notes, and minimal metadata associated with these files are stored until deleted by the user or upon account deletion. User content is never used for advertising, profiling, or AI training.

Payments and Subscriptions

Payments are processed securely by Stripe. Stripe acts as an independent data controller for payment-related data. Readoku does not store full payment details such as credit card numbers or banking information. Stripe Privacy Policy: https://stripe.com/privacy.

Analytics and Usage Monitoring

Readoku uses Microsoft Clarity to understand how users interact with the platform and to improve usability and performance. Clarity collects pseudonymized usage data such as page interactions, scrolling behavior, session duration, and device information. This data is used solely for analytics and service improvement. Microsoft may process this data in the United States under appropriate GDPR safeguards. More information is available at https://privacy.microsoft.com.

Artificial Intelligence (AI) Processing

Readoku offers optional AI-powered features that may use third-party services such as Google AI Gemini (aistudio.google.com). AI processing is activated only after explicit user consent. If consent is given, uploaded files or extracted content may be transmitted to the AI provider solely to deliver the requested feature. Such processing may involve data transfers outside the EU/EEA under appropriate GDPR safeguards. User content is not used by Readoku to train its own AI models.

Email Communication

Your email address is used for essential account-related communication such as login verification, security notifications, subscription updates, and support responses. Marketing or promotional emails are sent only if you have provided explicit consent.

Data Retention

User files, highlights, notes, and related data are retained until deleted by the user or upon account deletion. Inactive accounts may be deleted after a prolonged period of inactivity. When an account is deleted, all associated personal data and user content are permanently erased within a reasonable technical timeframe.

Security

We use HTTPS with HSTS, encryption at rest and in transit where supported by infrastructure providers, restricted access controls, and regular security monitoring. In the event of a personal data breach, affected users will be notified within 72 hours where required by GDPR.

Cookies

Readoku uses essential cookies required for authentication and core platform functionality. Analytics tools such as Microsoft Clarity may use cookies or similar technologies to collect usage data. Where required by law, user consent is obtained before analytics cookies are activated.

Your Rights Under GDPR

You have the right to access your personal data, request correction or deletion, restrict or object to processing, and request data portability. You may withdraw consent at any time where processing is based on consent. Requests can be submitted to contact@readoku.com.

Automated Decision-Making

Readoku does not engage in automated decision-making or profiling that produces legal or similarly significant effects.

Changes to This Policy

We may update this Privacy Policy from time to time. The most recent version is always available at https://readoku.com/privacy. Continued use of the Services after updates constitutes acceptance of the revised policy.

Contact

For privacy-related questions or requests, contact contact@readoku.com.

Deutsche Version

German Version

Datenschutzerklärung

Der Schutz Ihrer personenbezogenen Daten hat für uns höchste Priorität. Diese Datenschutzerklärung informiert darüber, wie Readoku personenbezogene Daten verarbeitet.

Verantwortlicher

Verantwortlich für die Datenverarbeitung ist Readoku Einzelunternehmen – Ali Cagatay Desteli, Theodor-Heuss-Str. 26, Deutschland. E-Mail: contact@readoku.com.

Personenbezogene Daten

Wir verarbeiten nur personenbezogene Daten, die für den Betrieb der Dienste erforderlich sind. Bei der Anmeldung über Auth0 erhalten wir Name, E-Mail-Adresse und eine Auth0-User-ID. Passwörter werden nicht von uns gespeichert. Eine Weitergabe zu Werbezwecken erfolgt nicht.

Infrastruktur und Speicherung

Readoku nutzt vertrauenswürdige Cloud-Anbieter innerhalb und außerhalb der EU. PDF-Dateien können zur Nutzung des Readoku Readers gespeichert werden, bis sie gelöscht oder das Konto beendet wird. Die Verarbeitung erfolgt DSGVO-konform.

Rechtsgrundlagen

Die Verarbeitung erfolgt auf Grundlage von Vertragserfüllung, gesetzlichen Pflichten, berechtigtem Interesse sowie – sofern erforderlich – Einwilligung gemäß DSGVO.

Analyse und Nutzungsverhalten

Zur Verbesserung der Dienste verwenden wir Microsoft Clarity. Die erfassten Daten sind pseudonymisiert und dienen ausschließlich der Analyse und Optimierung der Plattform.

Verarbeitung durch Künstliche Intelligenz (KI)

Readoku bietet optionale KI-Funktionen, die Drittanbieter-Dienste wie Google AI Gemini (aistudio.google.com) nutzen können. Die KI-Verarbeitung erfolgt nur nach ausdrücklicher Einwilligung. Bei Zustimmung können hochgeladene Dateien oder extrahierte Inhalte ausschließlich zur Bereitstellung der angeforderten Funktion an den KI-Anbieter übermittelt werden. Dabei kann es zu Datenübermittlungen außerhalb der EU/EWR unter geeigneten DSGVO-Schutzmaßnahmen kommen. Inhalte werden von Readoku nicht zum Training eigener KI-Modelle verwendet.

Ihre Rechte

Sie haben das Recht auf Auskunft, Berichtigung, Löschung, Einschränkung der Verarbeitung, Widerspruch und Datenübertragbarkeit. Anfragen richten Sie bitte an contact@readoku.com.

Kontakt

Kontakt für Datenschutzanfragen: contact@readoku.com.