Effective Date: January 14, 2026
Last Updated: January 14, 2026
1. Introduction
Welcome to Readdit Later, a Chrome extension designed to help you save, organize, and enhance your Reddit experience.
This Privacy Policy explains how we collect, use, store, and protect your information when you use our extension and its features.
Transparency First: Readdit Later uses both local browser storage and secure server storage.
This policy clearly explains what data is stored where, why we store it, and how you can control or delete it at any time.
2.1 Account Information
When you use Readdit Later, we collect:
- Email Address: Used for subscription management and account recovery
- Reddit Username: To identify your account and enable cross-device data sync
- OAuth Tokens: Access and refresh tokens for Reddit API authentication (stored locally only)
2.2 Reddit Content
We access and process:
- Saved Posts: Titles, content, URLs, subreddit names, scores, and metadata
- User Labels: AI-generated or custom labels you assign to posts
- Personal Notes: Notes you add to saved posts
- Read Status: Which posts you've marked as read or unread
2.3 Subscription Information
- Subscription status, tier, and expiration dates
- Payment provider IDs (Dodo Payments customer/subscription IDs)
- Trial usage tracking
- First installation date
2.4 What We Do NOT Collect
- Your Reddit password or login credentials
- Private messages or direct communications
- Posts you haven't explicitly saved
- Your browsing history outside of Reddit
- Location data or device fingerprinting
- Credit card or payment information (handled by Dodo Payments)
3. Server-Side Data Storage
⚠️ Important: Server Storage Disclosure
Unlike purely local extensions, Readdit Later stores certain data on our secure servers (Supabase)
to enable premium features like cross-device sync and persistent data storage.
3.1 What Data is Stored on Our Servers
The following data is stored in our Supabase database:
User Accounts Table:
- Email address (unique identifier)
- Reddit username (for cross-device sync)
- Subscription status, tier, and expiration dates
- Dodo Payments customer and subscription IDs
- Trial usage tracking (whether trial was used)
- Account creation and update timestamps
- First installation date
User Labels Table:
- Reddit username (to link labels to your account)
- Reddit post IDs
- AI-generated or custom labels (stored as JSON array)
- Creation and update timestamps
User Notes Table:
- Reddit username
- Reddit post IDs
- Your personal notes for each post
- Creation and update timestamps
User Read Status Table:
- Reddit username
- Reddit post IDs
- Read/unread status (boolean)
- Creation and update timestamps
3.2 Why We Store Data on Servers
Server storage enables:
- Cross-Device Sync: Access your labels, notes, and read status across multiple browsers and computers
- Data Persistence: Retain your organization data even if you reinstall the extension
- Account Recovery: Automatically restore your data when signing in with your Reddit username
- Subscription Management: Verify premium features and manage billing
3.3 What is NOT Stored on Servers
These remain local to your browser only:
- Reddit OAuth tokens (access/refresh tokens)
- Cached Reddit posts content
- Extension settings and preferences
- AI embeddings cache
- Local search history
4. AI Features and Data Processing
🤖 AI Features Information: Our AI-powered features process your post content
to provide summaries, sentiment analysis, and auto-labeling. Post content is sent to our server
and then to AI providers (OpenRouter/OpenAI) for processing.
4.1 AI-Powered Features
- AI Summaries: Automatic post summarization using GPT-4o-mini
- Sentiment Analysis: Emotion and tone detection
- Auto-Labeling: Automatic categorization
- Natural Language Search: Semantic search using embeddings
- Subreddit Analysis: Community insights
4.2 AI Data Flow
When you use AI features:
- Post content is sent from your browser to our server (reddit-later-server.vercel.app)
- Our server sanitizes and processes the request
- Content is sent to OpenRouter API (using OpenAI's GPT-4o-mini model)
- AI response is returned through our server to your browser
- No data is permanently stored by AI providers or our processing server
4.3 Data Minimization
To protect your privacy:
- Long posts are truncated (max 2000-4000 characters depending on feature)
- Personal identifiers are removed when possible
- Only necessary context is sent (title, subreddit, content)
- User account information is not included in AI requests
5. How We Use Your Information
5.1 Core Extension Functions
- Display and organize your saved Reddit posts
- Synchronize labels, notes, and read status across devices
- Provide search and filtering capabilities
- Manage subscription and premium features
5.2 Subscription Management
- Verify premium subscription status
- Process trial activations
- Handle subscription renewals and cancellations
- Link accounts for automatic restoration after reinstall
5.3 AI Enhancement
- Generate summaries of lengthy posts
- Analyze sentiment and emotional tone
- Automatically categorize and label posts
- Provide semantic search capabilities
6. Third-Party Services
6.1 Reddit API
We use Reddit's official API for:
- User authentication via OAuth 2.0
- Retrieving saved posts and profile information
- Performing save/unsave operations
Governed by Reddit's Privacy Policy.
6.2 Supabase (Database Storage)
We use Supabase for secure database storage:
- PostgreSQL database for user accounts and synced data
- Encrypted connections (HTTPS/TLS)
- Row-level security policies
- Regular automated backups
Governed by Supabase's Privacy Policy.
6.3 AI Services
- OpenRouter API: Gateway for accessing AI models
- OpenAI (GPT-4o-mini): Text analysis and generation
- Processing: Via our secure server (reddit-later-server.vercel.app)
Governed by OpenAI's Privacy Policy.
6.4 Payment Processing
- Dodo Payments: Handles all payment processing
- We never see or store your credit card information
- We only receive customer/subscription IDs for verification
6.5 Notion Integration (Optional)
If you enable Notion integration:
- OAuth authentication with Notion required
- Data exported directly from your browser to Notion
- No data passes through our servers during export
- Revocable through Notion's integration settings
7. Data Storage and Security
7.1 Security Measures
- Encryption in Transit: All data transmission uses HTTPS/TLS
- Database Security: Supabase provides encrypted storage and row-level security
- OAuth 2.0: Secure authentication without password storage
- Content Security Policy: Prevents unauthorized script execution
- Rate Limiting: API request throttling prevents abuse
- Minimal Permissions: Only necessary browser permissions requested
7.2 Data Access Control
- Server access restricted to service roles only
- No manual access to user data without explicit request
- All database operations logged for security auditing
- Regular security updates and monitoring
8. Your Rights and Data Control
8.1 Access Your Data
- View Locally: All stored information accessible through extension interface
- Export Data: Download your labels, notes, and posts in JSON/CSV format
- Server Data: Request complete copy of your server-stored data
8.2 Modify Your Data
- Edit or remove labels and notes at any time
- Change privacy and feature preferences
- Update account email or disconnect Reddit account
- Delete specific posts or categories
8.3 Control Third-Party Access
- Reddit: Revoke extension access via Reddit's authorized apps
- Notion: Disconnect integration through Notion settings
- AI Features: Can be disabled in extension settings
9. Data Deletion and Account Removal
Right to Erasure (GDPR Article 17): You have the right to request complete deletion
of all your personal data from our servers at any time, for any reason.
9.1 How to Delete Your Data
You can delete your data in two ways:
Option 1: Through the Extension
- Open Readdit Later extension
- Go to Settings → Privacy & Data
- Click "Delete My Data" button
- Confirm deletion (irreversible action)
- All server-stored data will be permanently deleted within 24 hours
Option 2: Contact Us Directly
- Email: sanjhaiprakash18@gmail.com
- Subject: "Data Deletion Request - Readdit Later"
- Include your Reddit username or email address
- We will process your request within 30 days
9.2 What Gets Deleted
When you delete your data, we permanently remove:
- Your user account record (email, Reddit username)
- All subscription information
- All synced labels, notes, and read status
- Any server logs containing your identifiable information
9.3 What Remains
- Local Data: Data stored in your browser remains until you uninstall the extension or clear browser data
- Anonymized Analytics: Aggregate usage statistics (no personal identifiers)
- Legal Records: Minimal billing records may be retained for tax/legal compliance (typically 7 years)
9.4 Data Export Before Deletion
Before deleting your data, you can:
- Export all your labels and notes as JSON/CSV
- Download a complete copy of your server-stored data
- Save your data locally or transfer to another service
10. Data Retention
10.1 Active Account Data
- User Accounts: Retained while your subscription is active or for 1 year after cancellation
- Synced Data: Labels, notes, and read status retained indefinitely while account is active
- Inactive Accounts: Accounts inactive for 2+ years may be deleted after email notification
10.2 Temporary Data
- OAuth Tokens: Stored locally until logout or expiration
- AI Processing: No permanent retention by AI services
- Server Logs: Automatically purged after 30 days
- Cache Data: Cleared periodically based on usage patterns
10.3 Legal Retention
- Financial Records: Subscription payment records retained for 7 years (tax compliance)
- Legal Disputes: Data may be retained if involved in legal proceedings
11. Children's Privacy
Readdit Later is not intended for children under 13 years of age. Since the extension requires a Reddit account,
users must meet Reddit's minimum age requirements (13+ in most jurisdictions, 16+ in some regions).
We do not knowingly collect personal information from children. If you believe we have inadvertently
collected data from a child, please contact us immediately.
12. Policy Updates
We may update this Privacy Policy to reflect:
- Changes in our data practices
- New features or services
- Legal or regulatory requirements
- Industry best practices
12.1 Notification of Changes
- The "Last Updated" date will be revised
- Significant changes highlighted in extension update notes
- In-app notification for material privacy changes
- Email notification for major changes (if email provided)
12.2 Your Consent
- Continued use after updates constitutes acceptance
- Material changes may require explicit re-consent
- You can always request clarification via email
Technical Details
Chrome Permissions Explained
Our extension requests these specific Chrome permissions:
- storage: Store your data and preferences locally
- tabs: Open Reddit links and manage extension interface
- alarms: Schedule background synchronization
- identity: Handle secure Reddit OAuth authentication
- sidePanel: Display extension interface in Chrome's side panel
Host Permissions
We request access to these domains:
- https://www.reddit.com/*: Interact with Reddit website
- https://oauth.reddit.com/*: Reddit OAuth authentication
- https://api.reddit.com/*: Access Reddit's API
- https://reddit-later-server.vercel.app/*: Our server for AI processing and data sync
- https://api.notion.com/*: Optional Notion integration
- https://api.openai.com/*: AI features (via our server)
- https://openrouter.ai/*: Alternative AI models (via our server)
- https://www.redditstatic.com/*: Load Reddit static assets and images
- https://styles.redditmedia.com/*: Load Reddit stylesheets and media
- https://preview.redd.it/*: Display Reddit image previews
- https://i.redd.it/*: Display Reddit-hosted images
Legal Compliance
GDPR Compliance (European Users)
Under the General Data Protection Regulation (GDPR), you have:
- Right to Access: Request copies of your personal data
- Right to Rectification: Correct inaccurate data
- Right to Erasure: Request deletion of your data
- Right to Restriction: Limit how we process your data
- Right to Data Portability: Receive your data in a structured format
- Right to Object: Object to certain processing activities
CCPA Compliance (California Users)
Under the California Consumer Privacy Act (CCPA), you have:
- Right to Know: What personal information we collect
- Right to Delete: Request deletion of your information
- Right to Opt-Out: Opt out of data "sales" (we don't sell data)
- Right to Non-Discrimination: Equal service regardless of privacy choices
Data Processing Legal Basis
We process your data based on:
- Contract Performance: Providing the extension service and premium features
- Legitimate Interest: Improving service quality and security
- Consent: AI features and optional integrations
- Legal Obligation: Compliance with tax and financial regulations
Transparency Commitment: We believe in complete transparency about data collection.
This policy honestly discloses all data we collect, where it's stored, and how you can control it.
We will never sell your personal data to third parties.
Acknowledgments
By using Readdit Later, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.
Your use of premium features (AI processing, cross-device sync) constitutes consent for the server-side data storage
described in this policy. If you disagree with any part of this policy, you may discontinue use and request data deletion.