Privacy Policy
Last updated: 10 June 2026
The data you give us is a private conversation, and we treat it that way. This page explains — in plain language — exactly what happens to it.
The short version
- No account, no sign-up. The only time we ask for an email address is if you claim a reward on the Free Reads page — and it's used only to administer that claim.
- Your messages are used once, to create your analysis, then deleted from our database the moment the analysis completes (if an analysis fails, they are purged within 24 hours). Only the result is kept.
- If you don't pay, your whole session is automatically purged within 24 hours.
- Paid results are kept for 30 days so you can come back to them, then deleted.
- We never see your card details — payment is handled by Stripe.
1. Who we are
The Read is operated by Euan Cox (sole trader, United Kingdom), who is the data controller for the data described here. Privacy contact: privacy@theread.chat (postal address available on request via that email).
2. What we collect
- Your uploaded WhatsApp export (.txt or .zip): the messages, display names and timestamps inside it.
- Which participant you are — you pick your name after upload.
- Derived results: statistics (message counts, response times, the Down Bad Score) and, if you pay, the AI-written analysis.
- Payment confirmation from Stripe: a reference that your payment succeeded. Your card details go to Stripe directly and never reach our servers.
- Basic technical logs and privacy-light analytics (see section 8).
- Reward claims (only if you submit one): the link to your post, your email address, and any note you add. Used solely to verify the claim and send you your code (lawful basis: performing the reward agreement with you), then deleted within 90 days of the claim being settled.
3. The other person in your chat
A chat is two-sided: your upload necessarily contains the other person's messages too, and they haven't agreed to anything with us. That shapes this policy: we only let you upload conversations you were a participant in(you confirm this before analysis), we process the other person's messages only to produce your analysis (our lawful basis is legitimate interests), we delete the raw messages immediately after analysis, and the other person has the same rights as you — see section 9. Share cards generated by the app label the other person as "Them", not by name.
4. Sensitive content and your consent
An analysis of dating and relationship dynamics can touch on special-category data (for example a person's sex life, sexual orientation, or wellbeing). Because of that we ask for your explicit consent— the un-ticked checkbox you confirm before uploading — before any analysis runs. You can withdraw consent at any time by deleting your session (section 9); withdrawal doesn't affect processing that already happened.
5. Who processes your data for us
We use a small number of named providers: OpenAI (and Anthropic as a fallback) generate the analysis — both process API data in the United States, do not train on API data by default, and retain it only briefly for abuse monitoring; Supabase (EU/London region) stores sessions; Railway hosts the app; Cloudflare provides DNS; Stripe handles payment; PostHog (EU) provides our privacy-light analytics and error monitoring. Transfers to US providers rely on the UK–US Data Bridge or the UK International Data Transfer Agreement.
6. How long we keep things
- Raw and parsed messages: deleted from our database immediately after your analysis completes; if an analysis fails, they are purged within 24 hours.
- Unpaid sessions: purged automatically within 24 hours of upload.
- Paid results (the analysis, scores and statistics — not the messages): kept for 30 days after upload so you can return to them, then deleted automatically. The retained result refers to the other person by the display name that appeared in your export. You can delete your results sooner at any time (section 9).
- Payment records: held by Stripe for as long as tax and accounting law requires (around 6 years).
7. Automated processing
The analysis is generated by AI and is entertainment, not fact. It can be wrong, and it makes no decision with legal or similarly significant effects about you or anyone else. Don't rely on it for decisions about your relationship or wellbeing — see the Terms for the full disclaimer.
8. Analytics, storage and cookies
We use no advertising trackers and set no analytics cookies. The app uses strictly necessary browser storage (sessionStorage and localStorage) to move you through the upload → pay → results flow. We use PostHog (hosted in the EU) for privacy-light product analytics: events live in per-tab storage that is cleared when the tab closes, we record no message content and no participant names, and we honour your browser's "Do Not Track" and Global Privacy Control signals — if either is on, analytics never loads. Error reports (no chat content) go to the same EU PostHog project so we can fix crashes.
9. Your rights
You can ask for access, correction, erasure, restriction, portability, or object to processing — email privacy@theread.chatand we'll respond within one month. Deleting is also self-service: your session (including results) can be erased on request at any time, and everything not already deleted disappears on the schedules in section 6. If you're the other person in someone's chat, you have the same rights — though because raw messages are deleted right after analysis and we hold no account data, there is often nothing left to act on by the time you contact us; we'll tell you either way.
10. Age — 18 and over
The Read is for adults. You must be 18 or over to use it, and you confirm this before uploading. If you become aware a chat involves someone under 18, don't upload it — and if you already have, contact us so we can delete it.
11. Security and complaints
Traffic is encrypted (HTTPS), data at rest lives with established providers, access is restricted, and if a breach ever risks your rights we'll notify the ICO within 72 hours and affected people where the risk is high. If you're unhappy with how we've handled your data, contact us first at privacy@theread.chat — we acknowledge complaints within 30 days. You can also complain to the ICO at any time: ico.org.uk · 0303 123 1113.
12. Changes
We'll post any changes here and update the date at the top. We hold no contact details for past users, so we can't notify you directly — check back if you use the service again.