Crossread · Legal

Privacy notice

This page is a placeholder while our final privacy notice is being prepared. The current implementation already enforces every guarantee described below.

What we store

• Your account email and tenant membership.
• Project metadata and any EPUB you upload.
• Audio assets generated on your behalf, scoped to your tenant.
• API keys for third-party TTS providers, encrypted at rest with XChaCha20-Poly1305.

What we never see

• Plaintext API keys outside the worker decryption boundary.
• Audio playback history of public share viewers.
• Anything from another tenant — every query is scoped by row-level security.

Your rights (GDPR)

You can export or delete every record we hold for your account. Deletion is transactional: audio chunks, share tokens, and audit trails are evicted in a single sweep that you can verify in your audit log.

Contact

Questions? Email privacy@crossread.de or return to the landing page.