Your email, your asset, your account.
Coldread is hosted-only: you sign in with email, your first run is free, and paid tiers start at $19 / month via Stripe. This page describes exactly what is stored where, and what we (PeachStateAI) can and cannot see.
Account data, when you sign in
The minimum we need to honor "1 free run, then subscribe."
When you start a hosted run, we store:
- Your email address — used as your account identifier and to send the one-time sign-in link. Stored in our Postgres database (Neon, US-East).
- A run log — one row per hosted run with: an opaque run id, the run mode (panel / audience / follow-up), our estimated cost, the reaction count, the timestamp, and the status (complete / failed). This is what we use to answer "has this user used their free run?" and bill correctly.
- The completed run itself (asset, reactions, summary) — stored on your account so you can browse history cross-device, continue agent conversations from a different machine, and have the MCP
ask_follow_up/compare_simulationtools work without depending on which device originally ran it. You can forget any run from /history (or viaDELETE /api/runs/:idfor MCP/CLI), which wipes the stored content while keeping the minimal usage ledger needed for billing. Failed runs are not stored. - Subscription state (if you subscribe) — a Stripe customer id, the plan, the period end. Payment details are stored by Stripe, never on our side.
What is stored in your browser
A local cache for fast reopen, mirrored on your account.
The Coldread web UI runs in your browser. We keep a local cache so re-opening a run is instant (no round-trip to the server). For signed-in users this cache is mirrored on the server-side run record; anonymous one-shot runs live only in this browser.
- A list of recent run IDs (key:
coldread.recentRuns) — so the homepage can show you what you've run lately on this device. - The full content of each cached run (keys:
coldread.run.{id}) — the asset, the reactions, the verdict — so you can re-open without a server fetch. - Per-run feedback (keys:
coldread.feedback.{id}) — the thumbs-up/down you click after a run, plus an optional one-line note. The note text stays on your device; only an anonymous "feedback was given, with note: yes/no" event reaches analytics.
Clearing browser data removes the local cache; the server-side copy on your account stays. Use the per-run forget button on /history to remove stored run content from your account (and from every device).
Where your asset goes during a run
Browser → Coldread server → model provider; the completed run is saved to your account.
When you click "run," the web UI POSTs your asset to a serverless endpoint (/api/simulate) hosted on Vercel. The endpoint forwards the request to our model provider using a server-managed key, streams the reactions back to your browser, and on completion writes the run record (asset, reactions, summary) to your account in our Postgres database (Neon, US-East, encrypted at rest). The same flow applies to /api/compare, /api/follow-up, and the bearer-token MCP/CLI twins under /api/mcp/*.
Why we save it: so follow-up tools (ask_follow_up, ask_panel_follow_up) and history browsing work cross-device — your runs live on your account, not on a single laptop. You can forget any run from /history (web) or via DELETE /api/runs/:id (MCP/CLI). This wipes stored content, but keeps the minimal billing/usage row. Failed runs are not stored at all.
Caveat we will not paper over: Vercel, our hosting provider, may log request metadata (IP, timestamp, route, response status) at the platform level for operational reasons. Vercel does not see API request bodies in normal operation. The CLI and MCP server authenticate to the same coldread.dev endpoints with a token minted at /mcp; the same data path applies to those surfaces.
What the model provider sees
The asset and the persona prompts; nothing more.
The simulation runs against our model provider (xAI by default, with Anthropic used for image / PDF extraction). The provider receives the asset and the persona prompts as model inputs and returns model outputs. Their data-handling policies for API usage apply — see xAI's privacy policy and Anthropic's privacy policy.
Analytics, cookies, and error reports
What we do collect, where it goes, and what we don't do with it.
Vercel Analytics. We use Vercel's built-in analytics for page-view counts and Core Web Vitals (load time, interactivity, layout shift). Vercel anonymizes visitor identity at ingestion using a daily-rotating hash; we cannot tie a page view to a specific user. Their privacy policy covers what they collect.
Auth.js session cookie. When you sign in, we set a session cookie (authjs.session-token) so subsequent requests don't make you sign in on every page. It identifies you to our server only — no third party can read it.
Client-side error reports. When something throws inside the React app and the root error boundary catches it, we POST a small report to /api/client-error containing: the error message, the stack trace (if any), a Next.js correlation id, the URL where it happened, and your browser user-agent. If you're signed in, your user id is attached so support can follow up. We use this to find and fix bugs; nothing else.
Web fonts (Fraunces, Inter, JetBrains Mono) are loaded from Google Fonts — that loads in your browser, not via our server.
What we never do
In plain language.
- We do not sell or share account data — including run content — with anyone.
- We do not train any model on your inputs.
- We do not look at your run content except to debug something you've asked us to look at, with your permission.
- We do not retain run content forever — you can forget any run on demand from /history or via DELETE on the API.
- We do not use third-party tracking cookies — only the Auth.js session cookie above.
Contact
Questions or concerns.
Reach us via /contact or through PeachStateAI.
This page describes Coldread as currently operated. It is not legal advice. Material changes will be posted here with a dated revision note.