Privacy Policy

We collect the following information to provide and improve our services: **Account Information:** • Username (chosen by you) • Email address (for account verification and communications) • Password (securely hashed and salted via Supabase) • Optional Google OAuth data (name, email, profile picture) if you sign in with Google **Usage Information:** • Books you view, rate, and review • Reading preferences • Platform interactions and activity • Device information and browser type **Automatically Collected:** • IP address and location data • Analytics data through Vercel Analytics • Session data and login timestamps

We use your information to: • Provide and maintain your account and reading experience • Personalize book recommendations and content • Send important account notifications and updates • Improve our platform through analytics and usage patterns • Ensure platform security and prevent abuse • Comply with legal obligations **We do NOT:** • Sell your personal information to third parties • Use your data for advertising purposes • Share your reading activity publicly without your consent • Access your private messages or personal content

**Essential Cookies:** • Supabase authentication tokens (required for login sessions) • Session cookies to keep you logged in • Security tokens for account protection **Analytics:** • Currently using Vercel Analytics for basic usage statistics • We may add Google Analytics in the future (with prior notice) • All analytics data is aggregated and anonymized **Your Control:** • You can disable non-essential cookies in your browser settings • Disabling essential cookies may affect platform functionality • We respect "Do Not Track" signals where possible

We do not sell or share your personal information, except with: **Service Providers:** • Supabase (authentication and database hosting) • Vercel (platform hosting and analytics) • OpenLibrary (book data - no personal data shared) **Legal Requirements:** • When required by law or legal process • To protect our rights or prevent illegal activity • In case of business transfer (with user notification) **Community Features:** • Your username and reviews are visible to other users • Profile information you choose to make public

We take security seriously: **Password Protection:** • All passwords are hashed and salted via Supabase • We never store or see your actual password • Strong password requirements encouraged **Authentication Options:** • Secure email/password login • Google OAuth integration **Data Protection:** • All data transmitted using HTTPS encryption • Regular security updates and monitoring • Supabase security infrastructure

**Data Retention:** • Account data kept while your account is active • Deleted accounts: data removed within 30 days • Some data may be retained for legal/security purposes **Account Deletion:** • Users may delete their account by going to the profile settings and clicking "Delete Account" • Upon deletion, all personal data is permanently removed **Data Export:** • Request a copy of your data by contacting support • Includes reviews, reading history, and account information • Delivered in machine-readable format within 30 days

Under privacy laws, you have the right to: **Access & Portability:** • Request a copy of your personal data • Receive data in a portable format • Know what information we have about you **Correction & Control:** • Update or correct your information • Control what data is public vs. private • Opt-out of non-essential communications **Deletion & Restriction:** • Request deletion of your account and data • Restrict processing of your information • Object to certain uses of your data **California Residents (CCPA):** • Right to know what personal information is collected • Right to delete personal information • Right to opt-out of sale (we don't sell data) • Right to non-discrimination for exercising these rights

We may update this Privacy Policy from time to time to reflect: • Changes in our practices or services • Legal or regulatory requirements • User feedback and improvements **Notification Process:** • Significant changes will be announced via email • Updates posted on this page with revision date • Continued use constitutes acceptance of changes **Your Options:** • Review changes when notified • Contact us with questions or concerns • Delete your account if you disagree with changes