Last updated: June 28, 2026
Tomen is a local-first ebook reader. Your library and reading happen on your device — not on our servers. This policy explains the limited data we do handle and the third-party services the app talks to.
The app stores the following in your browser/app storage (IndexedDB and local storage) on the device you use. It is not transmitted to us:
If you create an account to use Tomen Plus, we store your email address and your entitlement status (whether you own Tomen Plus, and any trial dates). Sign-in uses a one-time "magic link" emailed to you — we don't store a password. This is handled by our backend provider, Supabase, on servers in the United States.
Purchases of Tomen Plus are processed by Polar, our merchant of record. Polar (and its payment processor) handle your payment details — Tomen never sees or stores your card information. Polar tells us only that a purchase tied to your email succeeded, so we can unlock your license. See Polar's privacy policy for how they process payments.
Some optional features send a small piece of data to a third party to work. Each is used only when you use that feature:
| Service | When it's used | What's sent |
|---|---|---|
| Wiktionary / Wikimedia | Dictionary lookup | The word you look up |
| Open Library (Internet Archive) | Finding covers online, and looking up genres/subjects for your library (used to build the Journal view; this lookup runs automatically for books in your library) | The book title/author |
| MyMemory | Translation | The text you translate |
| Supabase | Sign-in & license | Your email / session |
| Polar | Buying Tomen Plus | Handled by Polar at checkout |
| jsDelivr (CDN) | Loading the sign-in library | Standard web request (your IP address) |
As with any web request, these services receive your device's IP address and basic request data. We don't control their data practices; please see their respective privacy policies.
We do not use your information for advertising, profiling, or sale to third parties.
Tomen uses your device's local storage and IndexedDB to run the app and to keep you signed in. We do not use advertising or tracking cookies.
Depending on where you live (e.g. the EU/UK under GDPR, or California under the CCPA/CPRA), you may have the right to access, correct, delete, or export the personal data we hold about you, and to object to certain processing. Because we hold very little — essentially your email and entitlement — these requests are simple. Contact us and we'll act on it. We will not discriminate against you for exercising these rights.
Tomen is not directed to children under 13 (or the equivalent minimum age in your country), and we don't knowingly collect their personal information.
Account and entitlement data is processed in the United States. If you use Tomen from outside the US, you consent to that processing.
We may update this policy as Tomen evolves. We'll change the "last updated" date above, and significant changes will be noted in the app.
Questions, or a data request? Email feedback@tomen.app.