Privacy

Privacy Policy

Last updated: May 21, 2026

Readnauts is a family reading tracker. It is built to be private, ad-free, and safe for children. This policy explains what we collect, why, and the choices you have. It is written for the grown-up who creates the account, the parent or guardian who is responsible for the readers in the household.

1. Who runs Readnauts

Readnauts is operated by Readnauts ("we", "us"). For any privacy question, or to exercise any right below, contact us:

• Email: support@readnauts.com

2. The short version

• We collect the minimum needed to track your family's reading.
• We never sell your data, never show ads, and use no third-party advertising or tracking.
• We do not store children's birthdates, only a coarse reading stage.
• A grown-up sets up and manages the account; children may use the app on the family's device under that account, and only the grown-up can change or delete the family's data.
• You can export or permanently delete everything at any time, from inside the app.

3. What we collect

From the account holder (the grown-up), at sign-in:

• Your name and email address, from Google Sign-In (the only way to log in).
• An optional 4-digit "grown-up" PIN, which we store only as a salted, hashed value, never as the digits you typed.

About the readers in your family, entered by you:

• A first name or nickname, an avatar, and a color.
• A reading stage (e.g. "learning to read") used to keep scoring fair across ages. We do not ask for or store a child's date of birth.
• The books each reader logs: title, page count, format, the date read, and any optional rating or note you add.

We do not collect a child's contact information, precise location, or photos, and children do not log in or have their own accounts. Children may use the app on the family's device under the grown-up's account. While the app is in use, ordinary technical identifiers (the device's IP address and the grown-up's sign-in session) are processed solely to operate and secure the service (what COPPA calls "support for the internal operations" of the site). We never use them for advertising, profiling, or tracking across other sites.

4. Children's privacy & COPPA

Readnauts is designed to be operated by a parent or guardian. The grown-up account holder is the only person who creates readers and enters information about them. When you add a child reader, you are providing that information as their parent or guardian and consenting to its use as described here.

Consistent with the U.S. Children's Online Privacy Protection Act (COPPA), we practice data minimization (no birthdates, no contact info, no location), we do not condition a child's participation on disclosing more than is reasonably necessary, and we give the parent full control to review, export, and delete a child's information at any time. Beyond the technical identifiers described in section 3 (used only to operate and secure the service), we do not collect personal information directly from children: they provide no contact information and create no accounts. If you believe a child has provided us information directly, contact support@readnauts.com and we will delete it.

5. How we use the data

Only to provide the service: to show your library, compute fair scores and streaks, run the challenges you create, and sync across your devices. We do not use your data for advertising or profiling, and we do not sell or rent it to anyone.

6. Who we share it with (sub-processors)

We share data only with the infrastructure providers needed to run the app:

• Google Firebase (Authentication, Firestore database, Hosting) stores your account and family data on Google Cloud and handles sign-in.
• Open Library (openlibrary.org, a service of the Internet Archive): when you look up a book, the title you type is sent to fetch the cover, author, and page count. No name, reader, or account data is attached to that lookup.
• Google Fonts: the app and site load their typefaces from Google's font servers, which receive the device's IP address as part of serving the fonts.

We do not use any analytics, advertising, or social-media tracking SDKs.

7. How we protect it

Data is encrypted in transit (HTTPS) and at rest (Google Cloud). Each family's data is access-scoped so that one account can never read another family's readers, books, or settings. The grown-up PIN is stored only as a salted hash.

8. How long we keep it & deletion

We keep your family's data for as long as your account is active. You can permanently delete individual books, individual readers, or your entire account and all associated data at any time from Settings → Privacy & Data in the app. Account deletion removes your profile, your family's readers, and their logged books from our live database promptly, and from routine backups within 30 days.

9. Your choices & rights

• Access & export: download all of your family's data as a file from Settings → Privacy & Data.
• Correct: edit any reader or book in the app.
• Delete: remove any book, any reader, or your whole account at any time.
• Revoke consent: deleting a reader or your account withdraws consent for that data.

10. Where data is stored

Data is processed and stored on Google Cloud infrastructure. If you use Readnauts from outside the United States, you consent to your data being processed where our infrastructure operates.

11. Changes to this policy

If we make material changes, we will update the date above and, where appropriate, notify you in the app. Continued use after a change means you accept the updated policy.

12. Contact

Questions, requests, or concerns: support@readnauts.com.