पोथी
साइन इन
Home

Privacy Policy

Last updated: June 2025

1. Who we are

Pothi ("we", "our", or "us") is a daily Marathi spiritual reading app. We provide tools to read devotional texts, track your parayan, and build a consistent daily reading practice.

If you have questions about this policy, you can contact us at hello@pothi.app.


2. Information we collect

We collect the following categories of information:

  • Account information: When you sign in with Google OAuth or email OTP, we receive your email address and a unique identifier from the identity provider. We do not receive or store passwords.
  • Reading activity: We store which pothis you are reading, your current reading position (adhyay/ovi), check-in history, and any reading plans (parayan) you create.
  • Preferences: Your preferred language (Marathi or English), reminder times, and timezone are stored to personalise your experience.
  • Usage data: Standard server logs may include your IP address, browser type, and page requests. These are used solely for monitoring and improving the service.

3. How we use your information

We use your data to:

  • Provide, maintain, and improve the Pothi service
  • Save and sync your reading progress across devices
  • Send daily reading reminders you opt into
  • Send transactional emails (e.g., sign-in verification codes, editor invite notifications)
  • Monitor for abuse and ensure platform integrity

We do not sell your personal data to third parties. We do not use your data for advertising.


4. Data storage and security

Your data is stored securely on Convex, a managed database platform. Uploaded audio and image assets are stored on Cloudflare R2. Both providers maintain industry-standard security controls.

All data is transmitted over HTTPS. We use short-lived, server-side authentication tokens rather than storing long-lived credentials in the browser.


5. Cookies and local storage

Pothi uses browser local storage to remember your language preference and cached application state. We do not use third-party advertising or tracking cookies.

Authentication state is managed through secure HTTP-only session tokens set by our authentication service.


6. Third-party services

We use the following third-party services to operate Pothi:

  • Google OAuth — for "Sign in with Google". Google may process your email address per Google's Privacy Policy.
  • Resend — for transactional emails (OTP codes, invite notifications).
  • Convex — our backend database and serverless function platform.
  • Cloudflare — for hosting, CDN, and object storage.

7. Your rights

You have the right to:

  • Access — request a copy of the personal data we hold about you
  • Correction — ask us to correct inaccurate data
  • Deletion — request that we delete your account and associated data
  • Portability — receive your reading history in a machine-readable format

To exercise any of these rights, email hello@pothi.app. We will respond within 30 days.


8. Children's privacy

Pothi is not directed at children under 13 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.


9. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of Pothi after changes are posted constitutes your acceptance of the revised policy.