Privacy Policy
Last Updated: September 2025
Effective Date: September 2025
Welcome to Blurb-It! This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.
Your Privacy Matters: We are committed to protecting your privacy and being transparent about our data practices. This policy complies with:
- 🇪🇺 European Union: General Data Protection Regulation (GDPR)
- 🇮🇪 Ireland: Data Protection Act 2018 (GDPR implementation)
- 🇬🇧 United Kingdom: UK Data Protection Act 2018
- 🇨🇦 Canada: Personal Information Protection and Electronic Documents Act (PIPEDA)
- 🇮🇳 India: Information Technology Act 2000 & Digital Personal Data Protection Act 2023
- 🇺🇸 United States: California Consumer Privacy Act (CCPA) and state privacy laws
1. Information We Collect
| Data Type |
What We Collect |
Purpose |
Legal Basis |
| Account Data |
Email address, username, password (encrypted) |
Account creation and authentication |
Contract performance |
| Book Data |
Books you scan, save, or favorite |
Provide core app functionality |
Contract performance |
| Usage Data |
App interactions, scan frequency, session duration |
Improve app performance and user experience |
Legitimate interest |
| Device Data |
Device type, OS version, app version |
Technical support and compatibility |
Legitimate interest |
| Camera Access |
Camera access for barcode scanning |
Book barcode scanning functionality |
Consent |
1.1 Information We DO NOT Collect
- Photos or images (scanned data is processed locally and not stored)
- Contact lists or phone numbers
- Location data or GPS coordinates
- Social media profiles or external account data
- Financial or payment information (app is currently free)
- Biometric data or facial recognition
2. How We Use Your Information
2.1 Primary Uses
- Core Functionality: Provide book scanning and library management services
- Account Management: Create, maintain, and secure your account
- Authentication: Verify your identity and secure access
- Data Synchronization: Sync your book collection across app sessions
2.2 Secondary Uses
- App Improvement: Analyze usage patterns to enhance features
- Technical Support: Diagnose and resolve technical issues
- Security: Monitor for suspicious activity and prevent abuse
- Legal Compliance: Meet regulatory and legal obligations
2.3 Marketing Communications (Optional)
- Send updates about new features (with your consent)
- Share relevant book recommendations
- Notify about important service changes
You can opt out of marketing emails at any time through app settings or email unsubscribe links.
3. Information Sharing and Disclosure
3.1 We DO NOT Sell Your Data
Important: We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
3.2 When We May Share Information
- Service Providers: Trusted partners who help operate our service (hosting, analytics, customer support)
- Legal Requirements: When required by law, subpoena, or court order
- Safety and Security: To protect rights, property, or safety of users
- Business Transfers: In case of merger, acquisition, or asset sale (with notice)
3.3 Third-Party Services
| Service |
Purpose |
Data Shared |
Privacy Policy |
| Supabase |
Database and authentication |
Account data, book collections |
supabase.com/privacy |
| Open Library API |
Book metadata lookup |
ISBN numbers only |
openlibrary.org/privacy |
| AWS SES |
Email delivery |
Email addresses for service emails |
aws.amazon.com/privacy |
4. Data Security
4.1 Security Measures
- Encryption: All data transmitted using TLS/SSL encryption
- Password Protection: Passwords are encrypted using industry standards
- Access Controls: Strict access controls for our systems
- Regular Audits: Periodic security assessments and updates
- Data Isolation: Your data is isolated from other users
4.2 Data Retention
- Account Data: Retained while your account is active
- Book Collections: Retained until you delete them or close your account
- Usage Analytics: Aggregated data retained for up to 24 months
- Account Deletion: All personal data deleted within 30 days of account closure
5. Your Privacy Rights
🇪🇺 GDPR Rights (EU/UK Users)
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate personal data
- Right to Erasure: Request deletion of your personal data
- Right to Restrict Processing: Limit how we process your data
- Right to Data Portability: Export your data in a common format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent for specific processing
🇺🇸 CCPA Rights (California Users)
- Right to Know: What personal information we collect and how it's used
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt out of sale of personal information (we don't sell data)
- Right to Non-Discrimination: Equal service regardless of privacy choices
5.1 How to Exercise Your Rights
- In-App Settings: Access many privacy controls directly in the app
- Email Request: Contact privacy@blurb-it.app
- Account Deletion: Use the "Delete Account" option in app settings
- Data Export: Request your data through app settings
6. Children's Privacy
- Our App is not directed to children under 13 years of age
- We do not knowingly collect personal information from children under 13
- If we become aware of data collection from a child under 13, we will delete it immediately
- Parents who believe their child has provided us with personal information should contact us
7. International Data Transfers
- Your data may be transferred to and processed in countries other than your own
- We ensure appropriate safeguards are in place for international transfers
- Data processing locations include the United States and European Union
- All transfers comply with applicable data protection laws
8. Cookies and Tracking
- Our mobile app does not use traditional web cookies
- We may use local storage for app preferences and authentication
- No third-party tracking pixels or advertising networks are used
- Analytics data is collected in aggregate form only
9. Changes to This Privacy Policy
- We may update this Privacy Policy from time to time
- Material changes will be communicated via email or in-app notification
- The "Last Updated" date will reflect when changes were made
- Continued use after changes constitutes acceptance of the updated policy
10. Contact Information
11. Regulatory Information
11.1 Supervisory Authorities
- UK Users: Information Commissioner's Office (ICO) - ico.org.uk
- EU Users: Your local Data Protection Authority
- California Users: California Attorney General - oag.ca.gov
11.2 Legal Basis for Processing (GDPR)
- Contract Performance: Essential for providing app services
- Legitimate Interest: App improvement and security
- Consent: Marketing communications and optional features
- Legal Obligation: Compliance with applicable laws
Commitment to Privacy: We are committed to protecting your privacy and handling your data responsibly. If you have any questions or concerns about this Privacy Policy or our data practices, please don't hesitate to contact us.