Sign in Start free
Privacy

Privacy policy.

Last updated · June 2026 · Effective · June 2026

Privacy-first private feeds

This policy explains how Readcast ("we", "our", "us") collects, uses, and protects personal information, including private RSS and audio bearer links.

Data controller

Readcast
Email: privacy@readcast.com
Data Protection Officer: privacy@readcast.com

Information we collect

Personal information you provide

Information we collect automatically

Legal basis for processing

How we use your information

Data sharing and third parties

Third-party processors

  • ElevenLabs: text-to-speech processing
  • Google (Gemini API): text-to-speech processing when the Gemini voice provider is selected, and image-description processing when enabled
  • OpenAI: title, narration, summary, and performance processing when enabled
  • Anthropic: Autopilot briefing/research agent processing when enabled
  • Google OAuth: sign-in for accounts that choose Google authentication
  • Stripe: payment processing and billing portal
  • Cloudflare: CDN, Workers, and R2 storage for generated audio
  • Grafana Cloud: monitoring and operational logs when configured

We use contractual, security, and configuration controls appropriate to each processor. We do not sell personal information.

We do not sell your data

We never sell, rent, or trade your personal information to third parties for marketing purposes.

Data retention

Your privacy rights

Under GDPR, you have the right to:

  • Access: request a copy of all personal data we hold about you
  • Rectification: correct any inaccurate or incomplete data
  • Erasure: request deletion of your personal data ("right to be forgotten")
  • Portability: receive your data in a machine-readable format
  • Restriction: limit how we process your data
  • Object: opt out of processing based on legitimate interest
  • Withdraw consent: revoke consent for consent-based processing

To exercise these rights, contact privacy@readcast.com. We aim to respond promptly and within timeframes required by applicable law.

Data security

Private RSS and audio links

Podcast apps need direct links to fetch episodes. Readcast uses unguessable RSS and audio tokens for that purpose. These links work like passwords: anyone with the exact URL may be able to fetch the private feed or audio until you rotate or revoke the relevant token.

Cookies and tracking

Essential cookies (no consent required)

Optional cookies (consent required)

Manage cookie preferences via the consent banner or your browser settings.

International data transfers

Some service providers are located outside the EU. We ensure adequate protection through:

Children's privacy

Our service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If we discover such data, we delete it promptly.

Changes to this policy

We may update this policy to reflect changes in our practices or legal requirements. We will notify you of material changes by email or through the service. The updated policy is effective immediately upon posting.

Contact us

For privacy-related questions, data requests, or to exercise your GDPR rights:

Right to lodge a complaint

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local supervisory authority. EU residents can find their authority at edpb.europa.eu.

This privacy policy was last updated on June 1, 2026.