Keepli
Sign in
Back to home

Privacy Policy

Last updated: January 6, 2025

At Keepli ("we", "us", "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our bookmark management service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Email address - Used for account identification, authentication, and important communications
  • Password - Stored securely using bcrypt hashing (we never store plain-text passwords)

1.2 Bookmark Data

When you save bookmarks, we collect:

  • URLs - The web addresses you save
  • Page titles - Automatically fetched from saved pages
  • Page descriptions - Meta descriptions from saved pages
  • Favicons - Website icons for visual identification
  • Page content - Text content for reader mode (stored locally, processed for AI tagging)

1.3 AI-Generated Data

Our AI features automatically generate:

  • Categories - Automatic classification (Tech, Design, Business, etc.)
  • Tags - Relevant keywords for organization

This AI processing uses OpenAI's API. Page titles and descriptions (not full content) may be sent to OpenAI for classification. See OpenAI's privacy policy for their data handling practices.

1.4 Usage Data

We automatically collect:

  • View counts - How often you access each bookmark
  • Last accessed dates - When you last visited a bookmark
  • Error logs - Technical errors for debugging (via Sentry)

1.5 Payment Information

Payments are processed by Lemon Squeezy. We do not store your credit card details. Lemon Squeezy handles all payment processing and stores payment information according to their privacy policy.

2. How We Use Your Information

We use your information to:

  • Provide and maintain the Keepli service
  • Process your bookmarks and generate AI classifications
  • Authenticate your account and secure your data
  • Send important service updates (security alerts, policy changes)
  • Process payments and manage subscriptions
  • Improve our service based on usage patterns
  • Debug technical issues and prevent abuse

3. Data Storage and Security

3.1 Where Your Data is Stored

  • Primary database - PostgreSQL hosted in Europe (Germany)
  • Cache - Valkey (Redis-compatible) for performance optimization
  • Backups - Encrypted daily backups retained for 30 days

3.2 Security Measures

  • All data transmitted over HTTPS (TLS 1.3)
  • Passwords hashed with bcrypt (cost factor 10)
  • JWT tokens for authentication (7-day expiry)
  • HttpOnly cookies to prevent XSS attacks
  • Regular security updates and monitoring

4. Data Sharing

We do not sell your personal data. We share data only with:

  • OpenAI - For AI classification (page titles/descriptions only)
  • Lemon Squeezy - For payment processing
  • Sentry - For error tracking (anonymized technical data)
  • Legal authorities - If required by law

5. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

  • Access - Request a copy of all your data
  • Rectification - Correct inaccurate personal data
  • Erasure - Request deletion of your account and all data
  • Portability - Export your bookmarks in standard format
  • Restriction - Limit how we process your data
  • Objection - Object to certain types of processing

To exercise these rights, contact us at privacy@keepli.app or use the account settings in the app.

6. Data Retention

  • Active accounts - Data retained while your account is active
  • Deleted accounts - All data permanently deleted within 30 days
  • Backups - Purged from backups within 30 days of deletion
  • Logs - Technical logs retained for 90 days maximum

7. Cookies

We use only essential cookies:

  • Authentication cookie - Keeps you logged in (HttpOnly, Secure)

We do not use tracking cookies, advertising cookies, or third-party analytics that track individual users.

8. Children's Privacy

Keepli is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us.

9. International Transfers

Your data is primarily stored in the European Union. If data is transferred outside the EU (e.g., to OpenAI in the US), we ensure appropriate safeguards are in place (Standard Contractual Clauses).

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use of the service after changes constitutes acceptance.

11. Contact Us

For privacy-related questions or to exercise your rights:

This privacy policy is designed to comply with GDPR (EU), and general best practices for data protection. If you have questions about your rights, please contact us.