Privacy Policy
Last updated: 2026-07-06
1. Introduction
This Privacy Policy explains how Epoche collects, uses, and protects your personal information when you use our service.
2. Information We Collect
We collect: (a) account information (email, username, profile data); (b) usage data (pages visited, features used); (c) content you upload; (d) device and browser information; (e) reading activity (reading position, bookmarks, and reading-time statistics shown on your dashboard); (f) AI assistant conversations — stored so you can revisit them, and automatically deleted after 90 days of inactivity or beyond your 200 most recent conversations. Recitation (read-aloud) practice uses your browser's built-in speech recognition: we receive and score only the recognized text — your voice audio is never uploaded to or stored on our servers.
3. How We Use Your Information
We use your information to: provide and improve the service; restore your reading position and show your reading statistics; personalize your experience; process AI features; send service notifications; ensure platform security; and comply with legal obligations. We do not sell your personal information.
4. Cookies and Tracking
We use three categories of cookies: (a) Essential — required for authentication, session management, locale preference, and CSRF protection; cannot be disabled. (b) Analytics — aggregated usage measurement so we can improve features; off by default. (c) Advertising and affiliate — Google AdSense (ad personalization, frequency capping, anti-fraud) and Amazon Associates (purchase attribution from book recommendations); off by default. You can change these choices at any time from the Cookie settings link in the footer.
5. Third-Party Services
We use third-party services including: (1) Google Cloud / Vertex AI / Cloud Run (AI generation, TTS audio synthesis, infrastructure hosting); (2) Supabase (authentication, database, file storage); (3) Stripe (subscription payments — Stripe.js drops cookies on checkout pages once you proceed to payment, governed by Stripe's privacy policy at stripe.com/privacy); (4) Google AdSense (ad serving on Free-tier pages — see policies.google.com/technologies/ads); (5) Amazon Associates (affiliate links to amazon.com / amazon.co.jp etc. — Amazon places its own cookies on the destination site); (6) jsDelivr / Cloudflare (KaTeX and code-highlight CDN — no personal data sent); (7) your browser's speech-recognition service for recitation practice (Web Speech API — audio is processed by your browser vendor, e.g. Google for Chrome or Apple for Safari, under their privacy policies; our servers never receive the audio); (8) external image hosts — book-cover images from Amazon and author portraits from Wikimedia Commons load directly from their servers, which therefore see your IP address like any embedded web image. For users in the EEA, UK, and Switzerland, advertising and analytics cookies are loaded only after explicit consent (your choices are signalled to Google via Consent Mode v2). California residents may exercise their CCPA rights via the "Do Not Sell or Share My Personal Information" link in the footer. You can opt out of personalized advertising at any time via Google Ads Settings (https://adssettings.google.com) or www.aboutads.info.
6. Data Security
We implement industry-standard security measures including encryption, access controls, and regular security audits to protect your data.
7. Your Rights
You have the right to: access your personal data; correct inaccurate data; delete your account and data; export your data; opt out of non-essential data processing.
8. Children's Privacy
Epoche is not intended for children under 13. We do not knowingly collect personal information from children under 13.
9. Changes to This Policy
We may update this policy periodically. We will notify you of significant changes and request renewed consent when required.
10. Contact Us
For privacy-related inquiries, please contact us at support@epoche.app.