Privacy

How LoreKeep collects, uses, and protects your data.

LoreKeep handles account data, reading metadata, library content, browser extension requests, and security protections. This page explains what is collected, how it is used, and where stronger privacy modes do and do not apply.

Web appExtensionUpdated 2026-05-27

LoreKeep may update this privacy policy as the product, security measures, legal obligations, or data handling practices change.

Create account Open feedback

Account data

What LoreKeep collects about your account

These are the practical data categories LoreKeep relies on to operate.

Account basics such as your email address, verification state, and the password hash needed to sign you in.

Session and security state needed to keep you signed in, protect the app from misuse, and support account recovery.

Profile settings, library preferences, and browser-extension configuration tied to your account.

Product data

What you save inside LoreKeep

These are the practical data categories LoreKeep relies on to operate.

Libraries, fields, entries, notes, progress values, scores, links, and other tracking data you create in the app.

Feedback, support reports, update interactions, and other content you intentionally submit to public, private, or account-linked product surfaces.

Extension requests that save or update an entry on your behalf when you use LoreKeep Quick Save.

Page metadata

What the extension reads from supported pages

These are the practical data categories LoreKeep relies on to operate.

When you use the extension on a supported page, LoreKeep may read page metadata such as title, source URL, chapter number, cover image, synopsis, genres, tags, and similar reading-page details.

When cover capture is enabled, the extension may also send a detected cover image or a temporary visible-page screenshot crop so LoreKeep can attach a stable cover when a remote cover URL cannot be reused.

This happens so LoreKeep can suggest a library, create an entry, update progress, recover covers, or continue where you left off.

The extension also stores local settings such as the selected app URL in development, page-detection preferences, floating-button preferences, cover-capture preferences, selected library state, and similar popup state in browser extension storage.

Support

What support reports collect

These are the practical data categories LoreKeep relies on to operate.

When you submit a support request, LoreKeep collects the email address, category, subject, message, optional name, browser, extension version, affected URL, and optional screenshot URL you provide.

If you are signed in when submitting support, the report may be linked to your account so the team can understand account-specific issues.

Internal support status, priority, assignment, and notes are visible only to authorized developer/admin users inside LoreKeep.

Use of data

Why LoreKeep uses this information

LoreKeep uses data to operate the product and its extension, not to sell browsing behavior.

Operate your account, libraries, entries, browser-extension features, and public product surfaces.

Authenticate you, secure sessions, verify account ownership, and prevent abuse or unauthorized access.

Send transactional emails such as password-reset and email-verification messages when those flows are used.

Receive, triage, and respond to support reports, bug reports, and account-help requests.

Save and update reading progress from supported pages when you choose to use Quick Save.

Store, normalize, recover, and display cover images or cover candidates for entries where supported.

Maintain logs and operational records needed to keep the service working, investigate issues, and improve reliability.

Sharing

How data is shared

LoreKeep shares data only where it is needed to run the service or where disclosure is legally required.

LoreKeep does not sell your personal data.

LoreKeep may use service providers such as hosting, database, object storage, email-delivery, bot-protection, and infrastructure vendors to operate the product.

Transactional email is sent through configured email providers such as Resend, bot checks may use Cloudflare Turnstile, and stored media may use Cloudflare R2 or another configured storage provider.

LoreKeep may disclose information when required by law, to enforce terms, or to protect users, the product, or the public.

Encryption

How LoreKeep handles encrypted libraries

LoreKeep supports more than one privacy model. They should not be confused with each other.

Standard encrypted libraries protect entry payloads with encryption, but they are not zero-knowledge. The server still participates in parts of the unlock and session workflow.

End-to-end encrypted libraries use a stronger zero-knowledge style flow. Your browser derives the password-based key material, decrypts protected entry data locally, and stores the unlocked library key in browser session storage for a short period so you do not have to re-enter the password every click.

Zero-knowledge protection applies to the protected entry payload, not to every piece of product data. Account records, some library metadata, operational records, and other non-protected app data can still exist on LoreKeep servers.

LoreKeep clears browser-side zero-knowledge unlock keys on logout and treats them as short-lived local state rather than permanent server secrets.

Retention and deletion

How long data stays and what deletion means today

This separates current behavior from things that are still planned rather than already live.

LoreKeep keeps account and product data while your account is active so the service can function. Some operational and security records may be retained for reliability, abuse prevention, or legal reasons.

Support reports, internal support notes, feedback discussions, cover-recovery evidence, and media records may be retained while they are useful for support, reliability, abuse prevention, or product maintenance.

LoreKeep does not yet provide a live self-service account deletion workflow. Until that exists, deletion requests should be handled manually through LoreKeep support channels.

Planned direction: LoreKeep may later add a first-class account deletion flow. If that ships, this policy will be updated with the exact deletion timeline, cancellation rules, and any backup or security-retention windows.

Your choices

What you can control

LoreKeep already gives users meaningful privacy choices, and more may be added later.

You can choose whether a library is unencrypted, standard encrypted, or created in the stronger end-to-end encrypted mode where supported.

You can clear browser-side zero-knowledge unlock state by logging out or closing the session window that stores those short-lived keys.

You can choose whether to use the browser extension, the floating quick-save button, and related browser features at all.

Contact

Questions about privacy or account data

Privacy, support, and account requests can be sent directly to the LoreKeep support inbox.

For privacy questions, support requests, or manual deletion requests, email support@lore-keep.com.

Email support See product Open feedback