A few words on privacy 🍃

TL;DR

Put simply, Freshreader stores your random 16-digit account number and the list of URLs you saved, which are deleted automatically 7 days after being saved (for real!). When you delete your account, it is immediately deleted from the database along with your remaining saved URLs (again, for real!).


A non-technical overview

Hi, I'm Maxime. I made Freshreader. I'm a performance- and privacy-conscious software developer, and in an age where privacy-greedy applications are commonplace, I aim to build software that requires as little information as necessary from the people using it to function properly.

I don't need your email address, nor your name or even an arbitrary username, nor a picture of you, nor your location, or anything of that matter for Freshreader to do its job, so I simply don't ask for it. I think it's better for everyone this way: you don't have to worry about what I'm doing with this information, and I don't have to worry about mishandling your personal information.

Sure, the application may feel a bit "dry" because it's not particularly "personalized to your taste", but I think that's an acceptable downside considering the privacy win for everyone.

Feedback is always welcome, either on GitHub or Twitter. ✌️


The techy bits

Freshreader is a really simple Rails-based web application backed by only 2 database tables: users and articles. Here's a short explanation of the database schema as of 2020-05-03:

articles table

  • id: the internal unique identifier of your saved article
  • url: the URL of the page you saved
  • title: the title of the page when you saved it
  • created_at: the time & date at which you saved the page
  • updated_at: the time & date at which the record is updated (not used)
  • user_id: the internal identifier for your Freshreader account

users table

  • id: the internal unique identifier of your Freshreader account
  • account_number: your random and unique 16-digit account number
  • title: the title of the page when you saved it
  • created_at: the time & date at which you created your account
  • updated_at: the time & date at which you last updated your account
  • api_auth_token: a random token generated for use with the upcoming Android app
  • api_auth_token_expires_at: the expiration time & date of the API token

As for cookies, Freshreader uses a single cookie named _freshreader_session to keep your Freshreader session active (otherwise you'd have to type in your account number every time you'd want to see your list, or save an article). This cookie is only used on the freshreader.app domain, and expires when you close your browser. I don't track you across other websites, because I think that's wrong, and because Freshreader doesn't need this to work.


In a way, this application is a bit naive, and that's how I want it to be. No shadow profiles, no "soft-deleted" records, no shady practices. Just clear intentions and open source implementation.

I hope Freshreader is adding value to your life. I'm always available to chat on Twitter, and feedback is welcome on GitHub. 👋