Success
Table of Contents
- Data Controller
- Data We Collect
- How We Use Your Data
- Legal Basis for Processing (GDPR)
- Cookies and Tracking Technologies
- Third-Party Service Providers
- Data Sharing and Disclosure
- International Data Transfers
- Data Retention
- Data Security
- Your Rights Under GDPR
- Your Rights Under CCPA/CPRA (California Residents)
- CalOPPA Compliance
- Children’s Privacy
- Do Not Track Signals
- Changes to This Privacy Policy
- Contact Us
This Privacy Policy explains how justRead.app (“we,” “us,” or “our”), operated by Petr Jahoda, collects, uses, shares, and protects your personal information when you use our website at justread.app and our mobile application (collectively, the “Service”). We are committed to transparency and to protecting your privacy in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), the California Online Privacy Protection Act (CalOPPA), and other applicable privacy laws.
1. Data Controller
The data controller responsible for your personal data is:
Petr Jahoda
justRead.app
Email: support@justread.app
If you have any questions about how your data is processed, or if you wish to exercise your rights, please contact us using the details above.
2. Data We Collect
We collect only the minimum data necessary to provide and improve the Service. Below is a complete overview of the categories of data we collect:
| Category | Data Collected | Source | Purpose |
|---|---|---|---|
| Email Address | Your email address | Provided by you when joining the waitlist | Waitlist management and product updates |
| Usage Analytics | Page views, feature interactions, app performance metrics, general usage statistics | Collected automatically via PostHog (website & app) | Service improvement and product development |
| Pseudonymized Device Identifier | A unique device identifier that is transformed into an anonymous pseudonym (e.g., “beardy beaver”) | Generated automatically in the app for feature voting via VoteFirst.app | Enabling anonymous feature voting without collecting personal data |
IP Anonymization: We have IP anonymization enabled in PostHog. Your full IP address is never stored. PostHog is hosted in the European Union (EU), meaning your analytics data does not leave the EU.
Data We Do Not Collect
We do not collect names, phone numbers, physical addresses, payment information, precise location data, advertising identifiers (IDFA/GAID), or biometric data. We do not use session replay or screen recording. We do not create individual user profiles that could identify you personally.
3. How We Use Your Data
We use the data we collect for the following purposes:
- Service Improvement: Understanding how users interact with the Service to identify bugs, improve features, and enhance the user experience.
- Product Development: Using aggregated and anonymized usage patterns to inform our development roadmap and prioritize features.
- Feature Flagging: Delivering and testing new features for specific user groups via PostHog feature flags.
- Waitlist & Communications: Sending you product updates, launch notifications, and other communications related to the Service.
- Feature Voting: Enabling you to vote on features and view the development roadmap through VoteFirst.app.
- Technical Support: Diagnosing and resolving technical issues.
We do not use your data for advertising, profiling, automated decision-making, or selling to third parties.
4. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), the United Kingdom, and Switzerland, we process your personal data based on the following legal grounds under Article 6(1) of the GDPR:
| Legal Basis | Applies To | Details |
|---|---|---|
| Consent (Art. 6(1)(a)) | Email address collection; analytics cookies on the website | You provide your email voluntarily when joining the waitlist. Analytics cookies are set only after you consent via our cookie banner. You may withdraw consent at any time. |
| Legitimate Interest (Art. 6(1)(f)) | Anonymized and pseudonymized analytics; feature flags; feature voting | We have a legitimate interest in understanding how the Service is used and improving it. Because analytics data is IP-anonymized and aggregated, the impact on your privacy is minimal. We have conducted a balancing test and determined our interest does not override your rights. |
5. Cookies and Tracking Technologies
Website
Our website uses PostHog analytics, which sets first-party cookies to understand how the site is used. These cookies are set only after you provide consent through our cookie banner. No cookies are placed for advertising, retargeting, or cross-site tracking purposes.
| Cookie | Type | Purpose | Duration |
|---|---|---|---|
| PostHog analytics cookies | First-party | Usage analytics, feature flags, site performance | Up to 1 year |
If you decline cookies via the cookie banner, no analytics cookies will be set. You may also manage cookies through your browser settings at any time. Disabling cookies may affect certain features of the website.
Mobile App
The mobile app uses the PostHog SDK for analytics and feature flags. This does not use browser cookies but may store a local anonymous identifier on your device. You can opt out of analytics collection at any time through the app settings.
6. Third-Party Service Providers
We use the following third-party services to operate the Service. Each acts as a data processor on our behalf:
PostHog (Analytics & Feature Flags)
- What it does: Collects anonymized usage analytics and manages feature flags across our website and mobile app.
- Data processed: Page views, feature interactions, performance metrics. IP addresses are anonymized and never stored in full.
- Hosting: PostHog Cloud, hosted in the European Union (EU).
- Privacy policy: posthog.com/privacy
Sender (Email Communications)
- What it does: Manages our waitlist and sends product update emails.
- Data processed: Your email address.
- Privacy policy: sender.net/privacy-policy
VoteFirst.app (Feature Voting)
- What it does: Allows users to vote for features on our roadmap and see what is being worked on.
- Data processed: A pseudonymized device identifier (transformed into an anonymous pseudonym). No personal data is sent to VoteFirst.app.
- Privacy policy: votefirst.app
7. Data Sharing and Disclosure
We do not sell, rent, or trade your personal data. We do not share your data with advertisers. We only share data with the third-party service providers listed above, and only to the extent necessary for them to provide services on our behalf.
We may disclose your data if required by law, regulation, legal process, or enforceable governmental request, or to protect the rights, property, or safety of justRead.app, our users, or the public.
8. International Data Transfers
Our analytics data is processed by PostHog within the European Union, so no transfer of analytics data outside the EEA occurs.
Your email address stored with Sender and data sent to VoteFirst.app may be processed outside the EEA. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or reliance on an adequacy decision, to protect your data in accordance with GDPR requirements.
9. Data Retention
| Data Type | Retention Period |
|---|---|
| Email address | Retained for as long as you remain on our waitlist or are an active user. You may request deletion at any time. |
| Analytics data | Retained in anonymized/aggregated form for as long as necessary to improve the Service. Because this data cannot identify you, GDPR data subject rights do not apply to it. |
| Pseudonymized device identifier (VoteFirst) | Retained for as long as the feature voting functionality is active. The identifier cannot be traced back to you. |
10. Data Security
We implement appropriate technical and organizational measures to protect your data, including:
- SSL/TLS encryption for all communications between your device and our servers.
- IP anonymization to prevent storage of full IP addresses.
- Use of EU-hosted infrastructure for analytics data.
- Limiting access to personal data to only those who need it to operate the Service.
Despite these measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your data to the best of our ability.
11. Your Rights Under GDPR
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have the following rights regarding your personal data under the GDPR:
- Right of Access (Art. 15) — You have the right to request a copy of the personal data we hold about you.
- Right to Rectification (Art. 16) — You have the right to request correction of inaccurate or incomplete personal data.
- Right to Erasure (Art. 17) — You have the right to request deletion of your personal data, subject to applicable legal exceptions.
- Right to Restriction of Processing (Art. 18) — You have the right to request that we restrict the processing of your personal data in certain circumstances.
- Right to Data Portability (Art. 20) — You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
- Right to Object (Art. 21) — You have the right to object to processing based on legitimate interests at any time. We will cease processing unless we demonstrate compelling legitimate grounds.
- Right to Withdraw Consent (Art. 7(3)) — Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.
- Right to Lodge a Complaint — You have the right to lodge a complaint with your local data protection supervisory authority. In the Czech Republic, this is the Office for Personal Data Protection (ÚOOÚ).
To exercise any of these rights, please contact us at support@justread.app. We will respond to your request within 30 days.
12. Your Rights Under CCPA/CPRA (California Residents)
If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA), provides you with specific rights regarding your personal information.
Categories of Personal Information Collected
In the preceding 12 months, we have collected the following categories of personal information as defined by the CCPA:
| CCPA Category | Collected | Examples |
|---|---|---|
| Identifiers | Yes | Email address, pseudonymized device identifier |
| Internet or network activity | Yes | Pages visited, feature interactions, app usage data |
| Commercial information | No | — |
| Geolocation data | No | — |
| Biometric information | No | — |
| Sensitive personal information | No | — |
Your CCPA/CPRA Rights
- Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purpose for collecting it, and the categories of third parties with whom we share it.
- Right to Delete: You may request that we delete the personal information we have collected about you, subject to certain exceptions.
- Right to Correct: You may request that we correct inaccurate personal information.
- Right to Opt-Out of Sale or Sharing: We do not sell or share your personal information as defined by the CCPA/CPRA. Therefore, there is no need to opt out.
- Right to Limit Use of Sensitive Personal Information: We do not collect sensitive personal information as defined by the CCPA/CPRA.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.
To submit a request, email us at support@justread.app. We will verify your identity before processing any request and respond within 45 days.
Notice at Collection: We collect identifiers (email) and internet activity data (analytics) for the purposes of providing and improving the Service. We do not sell your personal information. We do not use or disclose sensitive personal information beyond what is necessary to provide the Service.
13. CalOPPA Compliance
In accordance with the California Online Privacy Protection Act (CalOPPA), we make the following disclosures:
- Users can visit our website anonymously if they decline analytics cookies.
- This Privacy Policy is linked from our home page and is accessible from every page of the website via the footer.
- Our Privacy Policy link includes the word “Privacy” and can be easily found on the pages of our website.
- Users will be notified of any privacy policy changes on this page, with the “Last updated” date revised accordingly.
- Users can change their personal information by emailing us at support@justread.app.
14. Children’s Privacy
Our Service is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have inadvertently collected personal information from a child under 13, we will take prompt steps to delete that information. If you believe that a child under 13 has provided us with personal information, please contact us at support@justread.app.
15. Do Not Track Signals
Some browsers transmit “Do Not Track” (DNT) signals. As required by CalOPPA, we disclose that our Service does not currently respond to DNT signals. However, you can opt out of analytics tracking by declining cookies on our website or disabling analytics in the mobile app settings.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, our Service, or applicable laws. When we make material changes, we will update the “Last updated” date at the top of this page. We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.
17. Contact Us
If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or have concerns about how your data is handled, please contact us:
Petr Jahoda
justRead.app
Email: support@justread.app
We aim to respond to all inquiries within 30 days.