Last updated: May 17, 2026
Account information. You can sign up with an email and password, with an email magic link, or with Google OAuth. For Google sign-in we receive only your name and email address from Google — we never receive or store your Google password. For email sign-up we store your email address and a securely hashed password (handled by Supabase Auth).
Content you save (stored). The following is stored in our database for as long as your account is active, until you delete it: saved vocabulary words and the example sentences they came from, your chat questions and answers with the Milo tutor, books or text you import, PDFs you upload, the spaced-repetition review stories generated for you, and your learning stats, streaks, CEFR level, and reading preferences.
Content processed but not stored. When you look up or translate a word, the specific word and its surrounding sentence are sent to our AI provider (Groq) to generate the explanation. This text is not written to our database — it is held only in a short-lived in-memory cache that is cleared automatically.
Technical data. Your IP address is used only for real-time rate limiting (abuse prevention). It is held in memory for a few minutes and is not stored in our database. Our hosting providers (Railway, Cloudflare) keep standard request logs.
Cookies and local storage. We use browser local storage to keep you signed in (your Supabase session) and to save app preferences (such as settings and onboarding/tour progress). Our analytics provider (PostHog) sets a cookie to attribute product events to your account. We do not use advertising cookies or cross-site tracking.
We do not sell your personal information. We do not use your data for advertising.
ImmerRead's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
We use Google OAuth solely to authenticate you — we request only your basic profile (name and email). We do not access your Gmail, Google Drive, contacts, calendar, or any other Google data. The information received from Google is used only to create and maintain your ImmerRead account and is never shared with third parties for any other purpose.
We share data with the following third parties only as necessary to operate the service:
| Service | Purpose | Data shared |
|---|---|---|
| Supabase | Authentication & database | Account identity and all stored user content (vocabulary, chat Q&A, imported books, stats, preferences) |
| Groq | AI language processing (LLM) | The text you submit or click — sentences, words, chat questions, and vocabulary lists for story generation. Used only to generate responses; not stored by us. |
| Cloudflare | Frontend hosting (Pages) & file storage (R2) | Uploaded PDFs for OCR, technical request logs |
| Railway | Backend API hosting | Transient request data during processing |
| Hugging Face | Premium OCR processing | Uploaded PDFs (processed ephemerally, not retained) |
| Polar.sh | Payment processing for Pro subscriptions | Your email and subscription/billing status. We never see or store your card numbers. |
| Google OAuth 2.0 | Sign-in authentication | Name and email only |
| PostHog | Product analytics & error tracking | Explicit feature events tied to your user ID, email, and name. No session recording, no autocapture, no cross-site tracking. |
These providers are bound by their own privacy policies and data processing agreements. We do not share your data with any other third parties.
We offer an optional browser extension, ImmerRead Lookup, that lets you click a German word on the pages you visit to get an instant translation and explanation.
The extension only reads page content when you actively click a word. At that moment it reads that word and its surrounding sentence and sends them to our backend and to Groq to produce the lookup. It does not crawl, scan, bulk-collect, or continuously monitor pages, and the clicked text is not saved to our database.
The extension stores only an on/off preference flag locally in your browser and reuses your existing ImmerRead login session — it does not create any separate account or collect any data unless you trigger a lookup.
Content you save (vocabulary, imported books, chat Q&A, spaced-repetition stories, stats and preferences) is retained for as long as your account is active. You can delete individual items in-app at any time — including saved vocabulary words, imported books, and saved Q&A.
To delete your account entirely, email us at support@immerread.com. We will remove your personal data from our active systems within 30 days; some data may remain in encrypted backups for up to 90 days before being purged.
The sentences and words you click for lookups or translations are not retained — they are held only in a short-lived in-memory cache that is cleared automatically. IP addresses used for rate limiting are not retained beyond a brief in-memory window. Uploaded PDFs stored in Cloudflare R2 are routinely purged, and premium OCR processing via Hugging Face is ephemeral — files are not stored after processing completes.
You have the right to:
To exercise any of these rights, email us at support@immerread.com. We will respond within 30 days.
We use industry-standard security measures including encrypted connections (HTTPS), secure authentication via Supabase, and access controls on all stored data. However, no system is 100% secure — if you believe your account has been compromised, contact us immediately.
ImmerRead is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with their data, please contact us and we will delete it promptly.
ImmerRead is operated from India. Our infrastructure and sub-processors (Supabase, Railway, Cloudflare, Groq, Hugging Face, Polar.sh, and PostHog) process data primarily in the United States and the European Union. By using our service, you consent to your data being transferred to and processed in these countries. We comply with applicable data protection laws including GDPR principles for EU/UK users.
We may update this policy from time to time. When we do, we will update the "Last updated" date at the top. For significant changes, we will notify you via email or an in-app notice.