readaily
Download

Legal

Privacy Policy

Last updated: May 2026 · Karteado Tecnologia LTDA (DUNS: 650506382)

Karteado Tecnologia LTDA ("Karteado", "we") is committed to protecting your privacy. This policy explains what data we collect, how we use it, when we share it, how we protect it, and your rights and choices. By using Readaily, you agree to this policy.

Scope: This policy applies to the Readaily mobile apps (iOS and Android) and any related websites, APIs, or services that reference it. Additional notices for specific features take precedence in case of conflict.

1. Information We Collect

We only collect information that is necessary to provide, protect, and improve the Service.

A. Information You Provide

  • Account data: email address, hashed password, and optional profile fields (display name, avatar, language, timezone).
  • Reading data: books you add, notes or tags, start and completion dates, reading progress, goals, session records, statistics, and stored content.
  • Support and communications: messages you send via support, feedback forms, or survey responses.

B. Information Collected Automatically

  • Usage and diagnostics: app screens and features accessed, timestamps, performance metrics, crash logs, and basic device data (OS version, device model, app version, language, approximate location inferred from IP for country or region). Signals are designed without direct identifiers where possible and are aggregated or anonymized.
  • Notification settings: push reminder status, frequency, and related preferences.
  • Book club and sync data: if you use Book Clubs or cross-device sync, we store and sync your club memberships, reading progress shared within clubs, and activity history via Supabase (our database provider).

C. Information from Third Parties

  • Authentication (Clerk): We use Clerk to manage user authentication. Clerk processes your email address and credentials to create and verify your account. If you sign in via Apple or Google, Clerk facilitates that social login on our behalf. We receive only the authorization token and email necessary to identify your account.
  • App store platforms: Apple App Store and Google Play share subscription status, transaction receipts, and premium access rights. We never receive your complete payment details.

Children

The Service is not directed at children under 13. We do not knowingly collect data from anyone under 13. If we discover such data, we will delete it promptly.

2. Why We Use Your Information

  • Providing core features — library storage, progress tracking, streak calculations, statistics, and device sync for signed-in accounts. Legal basis (GDPR/LGPD): contract performance; legitimate interests.
  • Operating and improving the app — usage analytics, performance monitoring, debugging, and feature development. Legal basis: legitimate interests.
  • Account and subscription management — authentication via Clerk, entitlement verification via RevenueCat, and access issue resolution. Legal basis: contract performance; legitimate interests.
  • Communications — transactional notices, service announcements, security alerts; optional product emails with explicit opt-in. Legal basis: contract performance; legitimate interests; consent where required.
  • Security, protection, and compliance — fraud prevention, legal dispute defense, and Terms compliance. Legal basis: legitimate interests; legal obligation.

We do not perform automated decision-making that produces legal or similarly significant effects without human involvement.

3. How We Share Information

We do not sell personal information. Sharing occurs only in the following cases:

  • Service providers (processors): Supabase (database and real-time sync), Clerk (authentication), RevenueCat (subscription management), Firebase (analytics, crash reporting, remote config), and Sentry (error tracking). All are contractually obligated to follow our instructions and protect your data.
  • Platform operators: Apple App Store and Google Play receive purchase and renewal data you initiate. Their treatment of that data follows their own terms and policies.
  • Business transfers: data may transfer in a merger, acquisition, or asset sale, subject to this policy or equivalent protections.
  • Legal requirements and safety: to comply with law, court orders, or to protect the rights, property, or safety of users, Karteado, or third parties.
  • Aggregated or anonymized data: statistics that cannot reasonably identify you may be published (for example, average monthly reading streak across users).

4. Data Retention

We retain personal information only for as long as necessary for the stated purposes and to meet legal obligations.

  • Account data: retained while your account is active; deleted upon a verified deletion request, except where legal obligations exist (e.g., fiscal records maintained by app stores).
  • Reading data: retained while you use the app; you may delete it at any time from within the app.
  • Diagnostics and logs: retained only for the period necessary for analysis and troubleshooting, then aggregated or deleted.

5. Security

We adopt administrative, technical, and organizational measures to protect your personal data, including encryption at rest and in transit, least-privilege access controls, and vulnerability management. No method is 100% secure; we continuously improve our protections.

6. Your Rights and Choices

Depending on your jurisdiction (GDPR in EEA/UK, LGPD in Brazil, CCPA/CPRA in California), you may have rights to:

  • Access or know what personal data we maintain about you.
  • Correct or rectify inaccurate data.
  • Delete or erase your data (subject to legal exceptions).
  • Receive a structured, machine-readable copy of your data (portability).
  • Object or opt out of certain processing (e.g., consent-dependent analytics).
  • Withdraw consent where applicable.
  • Non-discrimination for exercising your rights (CCPA/CPRA).

How to exercise: Use in-app tools where available, or email us at hello@readaily.app. We may ask you to verify your identity. Authorized agents may submit requests with proper documentation.

Marketing and notifications: Manage push reminders via device and app settings. Email preferences can be changed via unsubscribe links or by contacting us directly.

7. International Data Transfers

We operate globally. Your data may be processed in Brazil and other countries — including the United States — where we or our service providers operate. International transfers implement adequate safeguards such as Standard Contractual Clauses or equivalent mechanisms, plus technical and contractual protections ensuring consistent levels of protection.

8. Third-Party Links and Integrations

The Service may contain links to third-party websites or permit integration activations. Use of those services is governed by their own policies and terms. We are not responsible for their privacy practices. We always communicate clearly before any integration is activated and what data will be exchanged.

9. Policy Changes

This policy may be updated to reflect legislative, technological, or service changes. Revised versions will be published with an updated date. Material changes will be noted prominently via in-app message or email where possible.

10. Contact

Karteado Tecnologia LTDA (Readaily)
Email: hello@readaily.app

For EEA/UK users: if you believe your rights have been violated, you may file a complaint with your local supervisory authority. We encourage you to contact us directly first.