Back

Privacy Policy

Back to Home

Privacy Policy

Last updated: November 6, 2025

Privacy-First Architecture

Blogs Are Back is built with privacy as a core principle. Feed content is cached locally in your browser and never transmitted to or stored on our servers. We only store minimal metadata necessary for the service to function.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Email address
  • Password (encrypted)
  • Account creation and last login timestamps

1.2 Subscription Metadata

We store metadata about your blog subscriptions:

  • Blog URLs and feed URLs
  • Blog titles and descriptions
  • Subscription timestamps
  • Tags you assign to blogs
  • Feed health status (last fetch time, error counts)

1.3 Reading Activity Metadata

To sync your reading status across devices, we store:

  • Post GUIDs (unique identifiers) you've marked as read
  • Post GUIDs you've starred/favorited
  • Post GUIDs you've saved to read later
  • Last visit timestamps

Important: We only store post identifiers (GUIDs), not the actual content of the posts you read.

1.4 User Preferences

Your personalization settings are stored both locally (in your browser) and on our servers:

  • Theme preferences (light/dark mode)
  • Reader customization settings (font, size, spacing)
  • Sidebar and panel layout preferences
  • Text-to-speech voice and speed preferences

1.5 Usage Analytics

We collect minimal, anonymized analytics data to improve the service:

  • Page views and navigation patterns (anonymized)
  • Error logs and performance metrics
  • Feature usage statistics (aggregated, non-identifying)

2. What We Do NOT Collect

We explicitly do not collect or store:

  • Feed content: Blog posts you read are cached only in your browser's IndexedDB storage
  • Reading history content: We don't know what articles you've read, only their identifiers
  • Personal information from feeds: Any personal data in blog content stays in your browser
  • Tracking cookies: We don't use third-party tracking or advertising cookies
  • Device fingerprints: We don't create device fingerprints for tracking

3. How We Use Your Information

We use the collected information solely to:

  • Provide and maintain the Service
  • Sync your subscriptions and reading status across devices
  • Authenticate your account and prevent unauthorized access
  • Monitor feed health and provide error notifications
  • Respond to your support requests
  • Improve and optimize the Service
  • Send service-related notifications (e.g., account changes, security alerts)

We do not:

  • Sell, rent, or share your personal data with third parties
  • Use your data for advertising or marketing purposes
  • Share your reading habits or preferences with anyone
  • Track your behavior across other websites or services

4. Data Storage and Security

4.1 Client-Side Storage

Feed content and full post text are stored exclusively in your browser's IndexedDB storage with:

  • 30-minute cache TTL (time-to-live)
  • Automatic cleanup of stale content
  • Complete local control - you can clear this data anytime via browser settings

4.2 Server-Side Storage

Account data and subscription metadata are stored on secure servers provided by Supabase with:

  • Encryption at rest and in transit (TLS/SSL)
  • Regular automated backups
  • Access controls and authentication
  • Industry-standard security practices

4.3 Security Measures

We implement multiple security measures:

  • Password encryption using industry-standard hashing
  • HTTPS encryption for all data transmission
  • Rate limiting to prevent abuse
  • SSRF (Server-Side Request Forgery) protection
  • XSS (Cross-Site Scripting) protection via content sanitization
  • Regular security updates and monitoring

5. Third-Party Services

We use the following third-party services:

5.1 Supabase (Database and Authentication)

Account data and metadata are stored on Supabase. Review their privacy policy.

5.2 Edge TTS (Text-to-Speech)

When you use the text-to-speech feature, text is sent to our server for audio generation. We do not store this text or the generated audio beyond temporary processing.

5.3 reCAPTCHA (Bot Protection)

Public forms use Google reCAPTCHA to prevent spam. Review Google's privacy policy.

6. Cookies and Local Storage

We use cookies and local storage for essential functionality only:

  • Authentication cookies: To keep you logged in (essential)
  • Theme preference: To remember your light/dark mode choice
  • User preferences: To persist your customization settings
  • Feed cache: IndexedDB storage for feed content (client-side only)

We do not use advertising, tracking, or analytics cookies from third parties.

7. Your Rights and Choices

You have the following rights regarding your data:

  • Access: Request a copy of your personal data
  • Correction: Update or correct your account information
  • Deletion: Request deletion of your account and all associated data
  • Export: Export your subscription list in OPML format
  • Portability: Take your data to another service

To exercise these rights, contact us at our contact page or through your account settings.

8. Data Retention

We retain your data as follows:

  • Account data: Retained while your account is active
  • Client-side cache: Automatically expired after 30 minutes
  • Deleted accounts: All associated data is permanently deleted within 30 days
  • Backups: Backup data is retained for 90 days for disaster recovery

9. Children's Privacy

Blogs Are Back is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure that such transfers comply with applicable data protection laws and that your data receives adequate protection.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last updated" date
  • Sending you an email notification (for significant changes)

Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at our contact page.

We are committed to resolving any privacy concerns you may have.