Unread 1 Privacy Policy

This was the privacy policy for Unread version 1.9.13. It is archived here for reference. Please see the privacy policy for the current shipping version of Unread for current information.

We take customer privacy seriously. We do not sell or monetize customer data.

1. Feed Service Accounts

Unread works with Unread Cloud accounts, Local accounts, and external feed service accounts.

1a. Unread Cloud Accounts and Local Accounts

We maintain web services to efficiently retrieve articles ahead of time for Unread Cloud accounts and Local accounts.

We store the following information for each Local account and each Unread Cloud account:

  • A list of subscribed feeds with subscription-specific webpage text options and subscription-specific settings such as the customer-specified title.
  • Tag names and the set of subscriptions associated with each tag.
  • The date and time at which the customer subscribed to each feed.
  • Articles and other content from feeds to which customers subscribe. Under some circumstances article content will be augmented by additional content from the website publishing the article.

In addition we store the following for each Unread Cloud account:

  • An Apple-generated anonymous Apple account identifier.
  • Which articles have been read or marked read, and the history of when articles are marked read and unread.
  • Article-specific webpage text options, and the history of when article-specific webpage text options are set.
  • Which articles are saved, and the history of when an article is saved or unsaved.

Unread always interacts with our servers via HTTPS.

Customers log into Unread Cloud accounts via Sign in with Apple.

When removing an Unread Cloud account from Unread on a device, Unread will ask the customer whether to just remove the account from the device or to destroy the account. If the account is destroyed we will delete all traces of the account from our servers as soon as possible. Syncing to that account will then stop working from any other device logged into it. Similarly after deleting a Local account from Unread on a device, we will destroy that account on our servers as soon as possible.

We may continue to store a feed’s URL, articles, or other feed content after all customers have unsubscribed from a feed or after accounts with subscriptions to that feed have been destroyed. We may build a public directory of feeds. We reserve the right to incorporate feeds that we discover based on customer subscriptions into such a directory. We will not release information about who has subscribed to what feeds.

1b. External Feed Service Accounts

When used with an external feed service account, Unread needs to interact with that feed service. That interaction is subject to the privacy policy of that service:

Fever does not have a published privacy policy, but it runs on a server under the customer’s control. Its source code is available to its customers.

Unread stores your feed service account credentials securely in the Keychain.

It is possible for a feed service to inject links or embedded objects such as images into articles. Such embedded objects may be served via HTTP. Any content injected by a feed service is subject to the terms of Section 8: Websites.

2. Webpage Text

Unread’s webpage text features require our servers. Specifically:

  • Our servers are used to determine whether specific feeds serve truncated articles or full article content.
  • Our servers provide webpage text content for truncated articles.
  • When a customer changes the default setting for a feed from feed text to webpage text or vice-versa, we may store that information to improve our detection of feeds that contain only summaries.

In some cases our log files will reflect that a user from a specific IP address requested feed information for a specific feed URL or requested webpage text for a specific webpage URL. Requests related to the webpage text feature do not include account identifiers or personal identifiable information.

3. Analytics

We collect some anonymous usage information and use it for the sole purpose of improving Unread. Usage information that we collect includes:

  • Settings, such as whether “Mark Read on Open” is enabled.
  • Whether certain features of Unread are used.
  • Which feed services are used.
  • The volume of data that Unread is storing such as the number of accounts, number of articles, and number of feed subscriptions.

We do not collect any of the following information:

  • Account identifiers or credentials for external feed service accounts.
  • URLs of external self-hosted feed service accounts.

4. Support File Uploads

In an effort to troubleshoot a customer support issue we may ask a customer for their Unread log files and database files, and provide a way for the customer to submit them. That submission will happen via our servers because the files can be too big to reliably send via email. Those files contain information about feeds to which the customer subscribes and articles that the customer reads with Unread. We will treat these files as confidential information, will use them for no purpose beyond addressing the customer support issue, and will delete these files once the issue is resolved. This will only ever happen after we request those support files and the customer explicitly agrees to provide them.

5. Configuration

Unread may retrieve configuration information from our servers such as:

  • Application-wide authentication keys for feed services.
  • In-app purchase availability.
  • Announcements that should be presented to customers.
  • Lists of suggested feeds for new Unread Cloud accounts and Local accounts.

6. Article Actions

Unread allows you to share an article directly to Instapaper, Pinboard, Pocket, Raindrop.io, or to Safari Reading List. That is subject to the privacy policy of the associated service:

6a. Instapaper

Instapaper has the concept of a private bookmark. Unread does not make bookmarks it saves to Instapaper accounts private.

6b. Pinboard

Pinboard bookmarks saved by Unread are shared unless the Pinboard “save all bookmarks as private” setting is enabled.

7. Apple

Because Unread is distributed through the App Store and runs on iOS/iPadOS, use of Unread is also subject to the Apple Privacy Policy.

Occasionally, either at the request of a customer or at our request and with consent of the customer, a customer might beta test an unreleased version of Unread. When that happens, we will provide the customer’s name and email address to Apple. That process is subject to the TestFlight Terms and Conditions. Beta releases may incorporate changes to the privacy policy that have not yet been published to the Golden Hill Software website or announced on the Golden Hill Software blog.

8. Websites

Displaying webpage text and displaying articles with embedded objects such as images requires making HTTP and HTTPS requests to third party websites. In the same way that a website can track direct visitors, a website may be able to track Unread customers when retrieving embedded objects and webpage text, when opening a link from an article, and when opening an article on the web.

9. Web-Based Login Processes

Some feed services and article action services have web-based login processes. Unread allows you to log into those services with an in-app Safari view. Unread has no ability to ensure that the entire login process happens via HTTPS. Under some circumstances the login process will end with a temporary account authorization code being sent to our servers. Our servers just send the authorization code back to Unread. Our servers do not log or otherwise use these authorization codes.

10. Customer Support Email

Our email is hosted with FastMail, and is therefore subject to the FastMail Privacy Policy. We may retain email indefinitely in order to provide context for future conversations.

Unread contains the ability to email a customer support request to us. Unread adds information about the device and installation to customer support messages by default. On a device that uses standalone (Unread Cloud or Local) accounts, this includes account identifiers. We can use an account identifier to locate account information described in Section 1a and associate that with the message sender. This helps to provide context around customer inquiries. We treat that as confidential information. If desired the customer can remove that information before sending a message.

11. Beyond this Product

Actions performed by share sheet extensions or by other apps with data copied to the clipboard are beyond the scope of this privacy policy.

We may use third party content delivery services on our website.

When necessary for maintenance and security purposes, we may log requests to our website. Information logged may include visitor IP addresses. That information will be used for the sole purpose of maintaining the website and will be stored for no longer than necessary.

Any correspondence via social network such as Twitter is subject to the privacy policy of that social network and is beyond the scope of this privacy policy.

This privacy policy does not apply to other Golden Hill Software products or to versions of Unread prior to version 3.0

12. Sharing of Data

We are a United States company. When legally required to do so, we will provide information to government authorities. Beyond that, we will never share customer data. We make a point of minimizing the customer information we have.

13. Contact

Any questions or concerns about this privacy policy should be sent to John Brayton at support@goldenhillsoftware.com.

13. Changes to this Policy

Future versions of Unread may require an update to this policy. Any changes will be noted on the Golden Hill Software blog.