by autoexec 1275 days ago
> The privacy policy says we _may_ share _anonymized_ reading data, aggregated across many users. Even that, we have never done, but needed to have in the policy to cover our asses legally.

Why would you legally need to specify that you might send data to advertisers and publishers? Even the examples you provided like "We may tell an advertiser or publisher that X number of people imported Z annotations from a particular book." suggest that even if you haven't done it already, you anticipate selling data to publishers and advertisers about what people are reading.

That's not a bad thing, in fact it's exactly the sort of thing I'd expect from a service like this (along with making recommendations to users based on their reading history), but it seems weird to dismiss that as something you only put in there for legal CYA reasons.

Please understand the position I'm in. I have no way to know if you've sold data to advertisers and publishers. I can only know what you tell me that you do, or "may" do, in your privacy policy (in context of a privacy policy "may" should be assumed to mean "will").

You may actually be the most privacy respecting SaaS company that has ever existed, who never has and never will make a single dime on anything but subscription fees. I can't know that. I can only go by what your privacy policy says. To me, that policy makes your service look like it will capitalize on the data you collect from your users and that it depends on third parties like Amazon, Google, Facebook, and Mixpanel for things that you consider to be essential to your service. Your privacy policy says that you may share anonymized data, yet anonymized data is often trivial to deanonymize, and even aggregated data is not always sufficient to protect people's privacy.

From the information that I have, my assessment is that it's reasonable to expect that in addition to subscription fees my interactions with your service will likely be used to generate profit for you.

If that's wrong today, then I'm happy to have been wrong about that. If you never intend to make a single penny from anything other than subscription fees and you have carefully taken every precaution to the point where you can ensure that users' reading lists and interests couldn't, in any way, be revealed to third parties like Google, Amazon, or Mixpanel then I sincerely apologize for my assumptions, and I'd suggest that you could do a lot more to make that clearer in the information you provide. I'd even open with your intentions to only accept money from subscription fees in your privacy policy.


A reason I won't use a SaaS for my data is that even if today the policy is that they do not sell my data, tomorrow they might change their policy to do just that. Even if I stop using it before that change, they already have my data and are unlikely to allow me to completely delete it.

> are unlikely to allow me to completely delete it

They're legally obliged to do so for European customers, if requested, no? They'll lose a lot of customers if they don't support deleting all data.

In theory, yes. In practice it seems this might be, once again, relatively easy to avoid or restrict. Simply put up identification barriers that are so high none but the most determined pursue this.

"Oh, so you want [a copy of your data/to delete all your data]? Please prove you are who you claim to be, first."

This is at least the impression I got in general. Not saying Readwise would necessarily do that.

It's unclear from their terms if Readwise deletes all your data. I found no mention of the GDPR or an easy place to make a GDPR right-to-be-forgotten request.

To their credit, they do mention "You shall have the ability to delete your Account at any time at https://readwise.io/delete." in their terms, but that page is behind an account login (so I can't see what it says unless I already agree to this term). Does account mean login credentials or all data? That's not clear to me up front.