Privacy Policy

Last updated: 28 May 2026

podstow converts text into podcast episodes for your personal listening. You can submit web articles, or text directly (including from an AI assistant via our MCP integration). This policy explains what data we collect, why, and what happens to it. We've kept it short and in plain English.

What we collect

• Account information — your email address and how you signed in (email/password or Google).
• Content you submit — the URLs and text you send us (and the article text we extract from any URLs), so we can convert it to audio.
• Audio files — the podcast episodes we generate from your articles, stored in your personal feed.
• Usage data — how many articles you've converted in the current billing period, so we can apply plan limits.
• Feed access data — when your podcast feed or audio files are fetched, we record the requesting IP address, user-agent, and time. We use this to detect misuse (such as feed sharing) and enforce our personal-use policy.
• Operational logs — standard request logs for our other websites, APIs, and extensions (IP address, user-agent, request path, time, response status), kept for security, abuse prevention, and debugging.
• Payment information — if you subscribe to a paid plan, our payment processor (Stripe) handles your card details. We store your Stripe customer ID but never see or store your card number.

Why we collect it

We use your data to:

• Provide the service — convert your articles and text to audio, generate your podcast feed, manage your account, and process payments.
• Detect and prevent misuse — such as feed sharing in violation of our personal-use policy, and general security and abuse prevention across the service.
• Fix problems — diagnose errors and improve the service.
• Comply with the law — respond to legal requests where required.

We don't sell your data, we don't serve ads, and we don't share your data with advertisers. We may look at how you use podstow to send you the occasional in-product nudge.

Apps, extensions, and integrations

Our browser extensions (Chrome, Firefox), mobile share target, and MCP integration only send podstow the URL or text you submit, along with your account credentials. The browser extensions don't read the web page or track your browsing.

Third-party services

We use the following categories of third-party service to run podstow. Each handles data only as needed to provide their part of the service:

• Cloud infrastructure (AWS) — hosting, storage, compute, and authentication.
• OAuth providers — handle sign-in when you choose to use a third-party account.
• Email delivery — sends transactional emails (account verification, billing notices, support replies).
• Content extraction — fetches the article text from URLs you submit.
• Text-to-speech — converts text into audio.
• AI / language models — process submitted text for things like summarisation, categorisation, and translation.
• Payment processing (Stripe) — handles subscriptions and billing.

Cookies and tracking

podstow does not use third-party trackers, advertising scripts, or analytics scripts, and does not set tracking or analytics cookies.

We do keep our own first-party logs of a small set of product events on our servers so we can understand how podstow is used and measure the visit → sign-up → first-article funnel. The events we record are:

• Server-side events — when you sign up, submit an article, or complete a checkout, we record the event type, the time, your signed-in user ID, and a small set of event-specific properties (such as your subscription tier or the amount of a completed checkout).
• Page-view events — when you visit a page on podstow.com or podstow.app, your browser sends us the path you visited (e.g. /, /settings), the time, and an anonymous session identifier (see below). If you're signed in, your user ID is included as well.

Alongside each event we record the country your request came from (derived from your IP address at our CDN edge, then the raw IP is discarded before the event is stored), and a coarse browser-family token derived from your User-Agent header (e.g. Chrome, Firefox, Safari — not the full User-Agent string).

The anonymous session identifier is a random UUID generated by your browser on your first visit and stored in your browser's local storage (not a cookie). It has no expiry and is not tied to your identity in any way; clearing your browser's site data removes it. We use it only to count distinct visitors in the funnel ratios and to link a sign-up back to the visit it originated from.

We don't record the contents of form fields, your raw IP address, or any third-party identifiers, we don't share this data with anyone outside podstow, and no third-party scripts run on any podstow page.

Data retention

We keep your data for as long as you have an account. Your articles and audio files remain in your feed until you delete your account. Operational logs are retained for 90 days.

Deleting your data

You can request account deletion by emailing support@podstow.com. We may ask you to verify your identity before processing the request. We'll delete your account, feed, articles, and audio files from our active systems. Copies in automated backups may persist for a short time before being purged. Payment records held by Stripe are subject to their own retention policies.

Children

podstow is not intended for children under 13 (or under 16 in the EEA and UK). We don't knowingly collect data from anyone in this age group. If you believe a child has given us data, contact us at support@podstow.com and we'll delete it.

Legal basis for processing (GDPR)

If you're in the European Economic Area or the UK, here's the legal basis we rely on for each type of processing:

• Contract — processing your articles and other submitted content, generating your feed, managing your account, and processing payments are necessary to provide the service you signed up for.
• Legitimate interest — detecting misuse, fixing bugs, keeping the service secure, and sending you the occasional in-product nudge.
• Consent — where you've explicitly opted in (for example, to an optional feature).
• Legal obligation — where we need to comply with applicable law.

Your rights (EEA, UK, and California)

Depending on where you live, you may have additional rights regarding your data:

• Access and portability — you can ask us for a copy of the data we hold about you.
• Correction — you can ask us to fix inaccurate data.
• Deletion — you can ask us to delete your account and data (see "Deleting your data" above).
• Restriction and objection — you can ask us to limit or stop certain processing in some circumstances.
• Withdraw consent — where we rely on consent, you can withdraw it at any time.

We do not sell or share your personal information as defined by the California Consumer Privacy Act (CCPA). To exercise any of these rights, email support@podstow.com. If you're in the EEA or UK, you can also lodge a complaint with your local data protection authority.

Changes to this policy

If we make material changes, we'll update the date at the top of this page and notify you (for example, by email or an in-app message) before they take effect. Continued use of podstow after a change means you accept the updated policy.

Contact

Questions about this policy? Email support@podstow.com.