Privacy Policy — BookInspire

Effective date: 12 May 2026 Version: 1.0 Applies to: BookInspire mobile application (iOS, and Android upon release)

This Privacy Policy explains what personal data BookInspire collects, why we collect it, how we use it, who we share it with, and the rights you have over it. We have written it to be readable. Where legal terms are unavoidable, we explain them in plain language.

If you have any question after reading this policy, write to [email protected].

1. Who is responsible for your data (Data Controller)

The data controller — the person legally responsible for how your personal data is processed — is:

Aliaksandr Lutsevich, sole proprietor (jednoosobowa działalność gospodarcza) registered in Poland. Entered in the Central Registration and Information on Business (CEIDG) maintained by the Minister of Development and Technology. NIP: 7252319957 REGON: 522127937 Registered address: ul. Skierniewicka 34A/24, 01-230 Warszawa, Poland General contact: [email protected] Privacy contact: [email protected]

We have assessed our obligations under Article 37(1) UK GDPR / GDPR with reference to EDPB Guidelines on Data Protection Officers (WP243 rev.01, 5 April 2017) and the ICO's published guidance. Although our processing of taste profiles for personalised recommendations is "regular and systematic monitoring" within Art. 37(1)(b), we have concluded — having regard to the number of data subjects (currently below the threshold the EDPB describes as "large scale"), the limited categories of data involved (no special-category data within Art. 9 GDPR / Art. 7 of Belarus Law No. 99-Z / Art. 7 of Ukraine Law No. 2297-VI), the geographic scope, and the duration of monitoring — that mandatory DPO appointment is not yet engaged. We keep this assessment under review and will appoint a DPO without undue delay if any of those factors change materially. The day-to-day contact for data-protection matters is the data controller at [email protected].

In this policy, "we", "us", and "our" refer to the data controller named above. "You" and "your" refer to the person whose personal data is being processed — the user of the BookInspire app.

2. What personal data we collect

We collect only what we need to provide the service. Below is the complete list, grouped by purpose. We do not collect anything not listed here.

2.1 Account & identity

When you sign up, we collect:

Email address — either typed by you (email/password sign-up) or shared by Apple/Google when you use Sign in with Apple / Sign in with Google. If you use Apple's "Hide my email" feature, we only ever see the private relay address.
Display name — optional; provided by Apple/Google or set in the app.
Profile photo URL — only when you sign in with Google and that account has a public photo.
Firebase User ID (UID) — a random unique identifier assigned by Firebase Authentication. Internally we use this to link your data; it is not exposed to you.

2.2 Your reading library

For each book you add to your library:

Book metadata: title, author, ISBN (if known), cover image URL, page count, publication year, genre categories.
Your classification: "loved", "liked", "disappointed", or "abandoned".
Aspect tags you select about the book (mood, themes, pace, etc.).
Optional free-text comment / review you write.
Reading language of the book.
Timestamps of when the book was added and last updated.

2.3 Your preferences

App interface language (English, Polish, Ukrainian, Russian, or Belarusian).
Device region code (e.g. "US", "PL", "UK") detected from your device locale — used only to show region-appropriate book retailer links.
Reading languages — which languages of books you want recommendations in.
"Hide Russian literature" toggle.
Notification permission state.

2.4 Taste profile and AI-generated content

We compute a "taste profile" from your library — weighted preferences across genres, narrative aspects, and cultural origins. This profile lives on our servers so it can be used to generate recommendations. We also keep monthly snapshots (up to 60 months) so that the app can show how your taste has evolved.

On top of the raw profile, our AI provider (Anthropic Claude) produces:

Book recommendations — title-by-title suggestions, each with a short explanation of why it might fit you.
Discovery picks — additional "Hidden" and "Kindred" recommendations available to BookInspire+ subscribers.
Taste evolution insights — short monthly write-ups describing how your reading taste has changed since the last snapshot.

These AI-generated texts are written into your account on Firestore and stored alongside the snapshots they relate to. They are never shared with other users and are not used to train the AI model — see section 4 for our processor's commitments.

2.5 Usage data

Recommendation history (which books we suggested and which you saved).
"Rolls" consumed per cycle (the rate-limit counter for free/paid tiers).
Last active timestamp.
Push notification log — which automated message we sent on which date, used to avoid sending the same message twice.
Custom mood text you optionally type when asking for recommendations (e.g. "something calm to read before bed"). The text is sent to our AI provider for that single request and we do not save it as a standalone field. If the AI quotes or paraphrases your input in the resulting recommendation, that fragment is preserved inside the recommendation record itself — there is no separate copy.

2.6 Device information

Firebase Cloud Messaging (FCM) push token — a device-specific token that lets us send push notifications. Tied to your account.
Platform (ios or android).
Device locale (language + region code).

We do not collect Apple's IDFA, Android Advertising ID, IP address logs, precise location, contacts, health data, or biometric data.

2.7 Permissions you grant on-device

To use specific optional features, the app requests system permissions. None of these run continuously in the background — they activate only when you choose to use the feature.

Camera — used by the "scan a book" import option to take a picture of a book cover or shelf. The captured image is forwarded through our Cloud Function to Anthropic so that the AI can extract titles, then immediately discarded. Our Cloud Function does not write the image to a database or storage bucket.
Photo library — used by the "import screenshots" option to read screenshots of book lists you took elsewhere. Only photos you explicitly select are read; we never browse your library. Selected images follow the same forward-then-discard flow as camera images.
Microphone & speech recognition — used by the "voice import" option. Audio is transcribed to text on your device via Apple's / Android's on-device speech-recognition framework; the audio itself never leaves your device. Only the resulting transcript is processed further.

Each of these permissions is requested by the operating system the first time you use the corresponding feature, and you can revoke them in your device settings at any time. The app continues to work without them — you simply lose access to that import method.

2.8 Subscription data

If you purchase BookInspire+:

Subscription tier (free or plus).
Expiration date.
Product identifier (e.g. monthly / yearly plan).
An anonymous identifier from our subscription provider RevenueCat, linked to your account.

Apple / Google handle the payment itself. We never see your card number — that stays inside Apple Pay / Google Pay.

2.9 Diagnostic & error data (Sentry)

When the app crashes or hits an unhandled error, we capture:

Stack trace (file paths + line numbers from the code that errored).
App version.
Operating system + version.
Device model.

Before this data leaves your device, we strip identifying fields (user object, request headers, cookies). The goal is to know that something is broken, not who broke it.

2.10 Anonymous aggregate counters (not tied to you)

We keep three day-by-day counters with no user identifier attached:

Affiliate link clicks — number of taps on "where to get this book" links, bucketed by retailer and region.
Paywall views — number of times the paywall screen was shown, bucketed by region.
Subscription purchases — number of successful subscription transactions, bucketed by plan and region.

These counters contain no user ID, no email, no device token. We use them to understand which retailers and regions are most active, so we can prioritise product improvements.

3. Why we use your data (purposes and legal bases)

Under GDPR (Article 6) we must have a legal basis for every kind of processing. Here is ours:

What we do	Why	Legal basis
Create your account, store your library, generate recommendations	To provide the service you signed up for	Contract (Art. 6(1)(b))
Bill subscriptions, validate purchases	To deliver paid features you chose	Contract (Art. 6(1)(b))
Send retention / re-engagement push notifications	Our commercial interest in encouraging continued engagement with the app you installed, balanced against your reasonable expectations of lifecycle messaging from an app you signed up for. For users aged 13–17 we send only transactional messages (row below) — we do not apply nudge mechanics to minors, consistent with UK Children's Code Standard 13. We have completed a Legitimate Interests Assessment (LIA) and concluded the impact on you is low (you can disable notifications at OS level or by emailing us under section 7), the messages are not advertising, and you may object at any time	Legitimate interest (Art. 6(1)(f)) — adult users (18+) only; you can turn notifications off in your device settings
Send transactional notifications (taste evolution insights, new picks ready)	To deliver core features of the service	Contract (Art. 6(1)(b))
Capture crashes / errors (Sentry)	To keep the app stable and fix bugs	Legitimate interest (Art. 6(1)(f))
Aggregate anonymous counters (clicks, paywall views, purchases)	To improve the product based on non-personal data	Legitimate interest (Art. 6(1)(f)) — counters contain no personal data, so technically GDPR's stricter rules do not apply
Comply with tax and accounting obligations under Polish law	Statutory requirement	Legal obligation (Art. 6(1)(c))
Comply with App Store / Google Play developer-agreement requirements (e.g. retention of receipts for refund handling)	Contract with the platform and our legitimate interest in operating on those platforms	Contract with platform + legitimate interest (Art. 6(1)(f))

We do not process special categories of personal data (Art. 9 GDPR) — no health, biometric, religious, political, sexual orientation, or trade-union data.

We do not make automated decisions with legal or similarly significant effect (Art. 22 GDPR). The recommendation algorithm suggests books; it does not make decisions about your eligibility, credit, employment, etc.

3.1 Obligation to provide data (Art. 13(2)(e) GDPR)

Providing an email address (or linking with Apple/Google) is a contractual requirement for entering into the service agreement with us — without it we cannot create your account. All other data (library, ratings, comments, mood text) is optional — the Service works without it, but recommendations will be sparser.

4. Who we share your data with (sub-processors and recipients)

We share data only with the services strictly needed to run the app. We never sell your data. We never share it for advertising purposes.

Sub-processor	What they process	Where	Legal mechanism for transfer
Google LLC (Firebase) — Authentication (including transactional emails for email verification and password reset), Firestore database, Cloud Functions, Cloud Messaging	Account, library, preferences, push tokens; recipient address for verification / password-reset emails	United States (`us-central1`)	SCCs + EU-US Data Privacy Framework (DPF)
Anthropic, PBC (Claude API)	To generate recommendations and monthly taste-evolution insights, we send a relevant subset of your taste profile (described in section 2.4), a selection of books from your library (the metadata listed in section 2.2), and your current mood input to Anthropic. We do not send your email, name, or Firebase UID. Anthropic's API terms commit them not to use customer data for model training.	United States	SCCs (Anthropic DPA)
DeepL SE — translation of AI content	English text of recommendations / insights — translated to your UI language. No identifying data sent.	Germany (EU)	Within EU — no transfer issue
Google LLC (Google Books API)	ISBN / title queries to enrich book metadata. No user identifier.	United States	SCCs + DPF
Internet Archive (Open Library)	ISBN / title queries when Google Books returns no result. No user identifier.	United States	Publicly available API; no personal data
Apple Inc. (Sign in with Apple)	Authentication if you choose Apple sign-in	United States	SCCs + DPF
Google LLC (Sign in with Google)	Authentication if you choose Google sign-in	United States	SCCs + DPF
RevenueCat, Inc.	Subscription state, purchase receipts	United States	SCCs
Functional Software, Inc. dba Sentry	Pseudonymized error/crash data (stack traces, device model, OS version, in-app user ID for debugging)	United States	SCCs
Cloudflare, Inc.	Email routing for [email protected]	United States	SCCs + DPF

Each of these companies acts as a "processor" — they only process data on our instructions and may not use it for their own purposes.

4.1 External retailers (where to get a book)

For each recommended book, the app offers links to bookstores and audiobook providers in your region (for example Amazon, Bookshop.org, Empik, Audible, etc.). Tapping such a link opens the retailer's website or app in your browser — you leave BookInspire at that moment. We do not share any of your personal data with the retailer; the link only contains the book identifier and, where applicable, our affiliate parameter.

Once you are on the retailer's site, that retailer's own privacy policy applies. We are not responsible for what happens there. If you make a purchase through an affiliate link, we may receive a small commission; this does not affect the price you pay.

5. International data transfers

Some of the companies that process your data on our behalf are based in the United States. Where this is the case, we rely on the following legal mechanisms approved under GDPR for transfers outside the EEA:

Standard Contractual Clauses (SCCs) approved by the European Commission (Implementing Decision (EU) 2021/914 of 4 June 2021).
EU-US Data Privacy Framework (DPF) — adopted by the European Commission in July 2023 (Implementing Decision (EU) 2023/1795). Google LLC, Cloudflare Inc., and Apple Inc. are self-certified participants and cover the UK Extension as well. The other US-based sub-processors (Anthropic, RevenueCat, Sentry) rely on SCCs incorporated in their Data Processing Agreements.

Following the Schrems II judgment, we have assessed the risks and consider these safeguards adequate for the limited types of data we transfer. You can request our transfer impact assessment by emailing [email protected].

If you are based in the United Kingdom, transfers from the UK to the US rely on the UK extension to the DPF and the UK International Data Transfer Addendum.

6. How long we keep your data (retention)

Data category	Retention period
Account details (email, display name, photo URL, UID)	Until you delete your account
Library, ratings, comments, taste profile	Until you delete your account
Monthly taste-evolution snapshots	The 60 most recent monthly snapshots per user; older snapshots are pruned automatically
Recommendations history	Until you delete your account
Push notification tokens	Until you delete your account. Tokens that FCM tells us are no longer valid (because you uninstalled the app or revoked notification permission) are removed automatically the next time we try to send you a notification. Signing out does not by itself delete the server-side token.
Push log (which message sent when)	Until you delete your account
"Consume" / rate-limit records	30 days — automatically removed by an automated retention process once 30 days have passed since creation
Custom mood text sent to AI	Not persisted as a separate record
Anonymous aggregate counters	Indefinitely — they contain no personal data
Sentry error events	90 days under Sentry's current retention policy (subject to change by Sentry; see Sentry's privacy policy for the up-to-date figure)
Local app data on your device (MMKV cache, settings)	Until you uninstall the app or sign out
Inactive accounts (no sign-in for 24 months + 60-day grace period after our reactivation email)	Account and all linked data deleted under the procedure in this section (consistent with APP 11.2 for AU users; see §13.5)
Tax / accounting records of subscription transactions	5 years (Polish tax law requirement)

When you delete your account through the in-app Settings → Delete account flow, we:

Revoke your Firebase refresh tokens immediately.
Delete your Firebase Auth user.
Permanently delete your account along with all data associated with it — your book library, your taste profile and reading-evolution snapshots, the AI insights and recommendations generated for you, and the internal usage records we keep for rate-limiting — across our backend.
A second sweep one second later catches any in-flight write that raced the deletion.
Local app data is cleared on your device.

Backups: Firestore backups are managed by Google and follow Google's published retention. Personal data inside those backups becomes inaccessible to us once the live record is deleted.

7. Your rights

Under GDPR and equivalent laws in the UK, Ukraine, and Belarus, you have the following rights. To exercise any of them, email [email protected] from the address associated with your account, or use the in-app tools where indicated.

Right	What it means	How to use it
Right to be informed	Know what we do with your data	This policy
Right of access	Get a copy of the personal data we hold about you	Email us — we respond within 30 days
Right to rectification	Correct inaccurate or incomplete data	Edit directly in the app, or email us
Right to erasure ("right to be forgotten")	Have your data deleted	Settings → Delete account, or email us
Right to restrict processing	Pause processing in specific cases	Email us
Right to data portability	Receive a machine-readable export of your data	Email us — we provide JSON export within 30 days
Right to object	Stop us from relying on legitimate interest for a specific purpose (e.g. retention pushes)	Turn off notifications, or email us
Right to withdraw consent	Where processing is based on consent — withdraw at any time without affecting prior processing	In the current configuration of the Service we do not rely on consent as a basis for processing personal data — we use a contractual basis (Art. 6(1)(b) GDPR; for users in Ukraine — Art. 11(2)(2) of Law No. 2297-VI; for users in Belarus — Art. 6(2)(6) of Law of the Republic of Belarus No. 99-Z), so withdrawal of consent is not engaged. If we ever introduce a separate kind of processing based on consent (e.g. marketing emails), you will be able to withdraw it in the same form in which it was given — by writing to [email protected]
Right not to be subject to automated decision-making	Not be subject to a decision based solely on automated processing that has a legal or similarly significant effect	We do not do this
Right to lodge a complaint with a supervisory authority	If you think we are mishandling your data	See section 12 for authorities

We will respond to your request within 30 days. In complex cases we may extend by a further two months and will tell you why.

8. Security

We protect your data using:

Transport encryption — all traffic between the app, our servers, and our sub-processors uses HTTPS/TLS 1.2+.
At-rest encryption — Firebase Firestore, Firebase Auth, and Sentry encrypt stored data by default.
Authentication — all access to your data requires a valid Firebase Auth token tied to your account.
Firestore Security Rules — server-side rules prevent any user (or attacker) from reading or modifying another user's data, even with a valid token for a different account.
Limited access — administrative access to live data is restricted to the data controller and any authorised personnel acting under written confidentiality, plus the sub-processors listed above strictly within their stated function.
No raw payment data — card numbers stay inside Apple Pay / Google Pay and are never seen by us.

No system is perfectly secure. If we ever experience a personal data breach, we will notify the competent supervisory authority without undue delay (and within 72 hours where feasible) in line with Article 33 GDPR where notification is required. Where a breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly in line with Article 34 GDPR.

8.1 Data Protection Impact Assessment (DPIA)

In line with Article 35 GDPR and the Polish UODO Communication of 17 June 2019 (list of operations requiring a DPIA), we have completed a DPIA covering: (a) processing of personal data of minors (13–17); (b) use of AI (Anthropic Claude) for personalised recommendations; and (c) profiling of reading preferences. The DPIA is reviewed at least annually and whenever there is a material change to processing. A summary is available on request to [email protected].

9. Children and younger users (ages 13–17)

BookInspire is intended for users aged 13 and older. This minimum age matches:

The App Store content rating (13+).
US COPPA (Children's Online Privacy Protection Act, 15 U.S.C. §§ 6501–6506), which requires verifiable parental consent for personal data of users under 13.
The principles of proportionate processing of minors' data under GDPR. Note: our lawful basis for processing is performance of the contract (Art. 6(1)(b) GDPR), not consent; the special rule of Art. 8 GDPR on the digital-consent age for information-society services (16 in Poland, 13–16 in other EU Member States) therefore does not apply to us. Additional requirements relating to the contractual capacity of minors are governed by national law — see ToS §3 "Subscription purchases by minors".

When you sign up we ask you to confirm that you are 13 or older. We do not run automated age verification — this relies on your honest statement. We do not knowingly collect personal information from children under 13 (16 C.F.R. §312.5(c)). BookInspire is not directed to children under 13 within the meaning of the COPPA Rule (16 C.F.R. §312.2). In assessing whether the Service is "directed to children" we evaluated the §312.2 multi-factor test:

Subject matter — literary book discovery and personal reading-taste profiling, oriented to adult and young-adult literary fiction;
Visual content — minimalist hand-drawn journal aesthetic with a single fox-librarian mascot, not designed with cartoon characters, child celebrities, or animation patterns targeting under-13s;
Use of animated characters or child-oriented activities — none;
Music or audio content — none aimed at children;
Age of models — N/A (no child models);
Child celebrities or celebrities who appeal to children — none;
Language and content of the app — adult and young-adult literary themes (relationships, conflict, complex narratives) typical of 13+ reading;
Ads directed at children — none (no advertising in the app);
Empirical evidence regarding actual audience — our retention pushes, paywall conversion, and subscription tiers are designed for adult readers.

On this basis we conclude that BookInspire is a general-audience service that does not "target" children under 13. If you are a parent or guardian and believe a child under 13 has signed up, write to [email protected] and we will delete the account and associated data promptly.

COPPA §312.5 — verifiable parental requests. If a parent or legal guardian believes a child under 13 has provided personal information to the Service, they may submit a verifiable parental request to [email protected] to (i) review the child's information, (ii) refuse further collection, or (iii) require deletion (16 C.F.R. §312.6). We will verify the parent's identity using one of the methods listed in 16 C.F.R. §312.5(b)(2) (signed consent form; government-issued ID review; video conference) and action the request within 10 business days. We will delete the verification documentation promptly after confirming the parent's identity, as required by 16 C.F.R. §312.5(b)(2)(iv).

9.1 Commitments to users aged 13–17

For users in this age band we apply the following protections, designed to align with the UK Age Appropriate Design Code (Children's Code) under Section 123 of the UK Data Protection Act 2018 and the GDPR proportionality principles applicable to the processing of minors' data:

No behavioural advertising or marketing profiling of minors. We do not build advertising profiles of any user, but this is an absolute rule for users under 18.
High privacy by default. All optional data-sharing settings default to the most privacy-protective option. We do not collect precise geolocation; the coarse country/region code used to render retailer links (section 2.6) is required for the Service to function and is not user-toggleable.
Data minimization. We collect only what is necessary to provide book recommendations (see section 2).
No detrimental sharing. We do not share minors' data with third parties for advertising purposes; data shared with our processors (section 5) is limited to what is necessary to operate the Service.
No nudge or compulsive-use mechanics. The app does not currently use streaks, leaderboards, social pressure, or other design patterns intended to retain minors beyond ordinary use. Should we add any such feature in the future, this Privacy Policy will be updated before it ships.
Transparency. Our notices (this Privacy Policy and in-app explanations) are written in plain language so younger users can understand them.

9.2 Content suitability

Our recommendations cover a wide range of literary fiction and non-fiction, including titles that address mature themes typical of young-adult and adult literary fiction (relationships, conflict, loss, historical events). We do not actively recommend explicitly sexual content or graphic-violence content. Parents may wish to use the iOS Family Sharing / Screen Time controls to set further content restrictions.

10. Marketing and tracking

We do not run any advertising in the app.
We do not sell or share your data for advertising purposes.
We do not use Apple's IDFA or Android's Advertising ID.
We do not embed third-party analytics SDKs that track user behaviour at the individual level. (See section 2.10 for the only counters we keep — they are aggregate and anonymous.)
Push notifications we send to you are about your use of the app (new recommendations, taste evolution, subscription reminders). They are not promotional content for third parties.

11. Changes to this policy

We may update this policy from time to time — for example if we add a new feature, switch sub-processor, or a law changes.

When we do:

We update the Effective date at the top of this page.
If the change is material (new categories of data, new purposes, new recipients in countries with weaker protections, etc.), we will notify active users in-app and/or by email at least 30 days before the change takes effect.
We keep a public changelog of past versions at bookinspire.app/privacy/changelog (link goes live with the first revision).

Continuing to use the app after a non-material change constitutes acceptance of the updated policy.

12. Supervisory authorities and contact

If you believe we have not handled your data properly, you have the right to complain to the data protection authority in your country:

Poland — Prezes Urzędu Ochrony Danych Osobowych (UODO), ul. Stanisława Moniuszki 1A, 00-014 Warszawa; phone 22 531-03-00; [email protected]; ePUAP: /UODO/SkrytkaESP; uodo.gov.pl
United Kingdom — Information Commissioner's Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF; phone 0303 123 1113; complaint form at ico.org.uk/make-a-complaint
Ukraine — Ukrainian Parliament Commissioner for Human Rights (Ombudsperson), Secretariat (Department for Personal Data Protection), vul. Instytutska 21/8, Kyiv 01008; hotline 0 800 50 17 20; [email protected]; ombudsman.gov.ua
Belarus — National Centre for Personal Data Protection of the Republic of Belarus, 220012, Minsk, ul. Platonova 22; phone +375 17 270-95-43; [email protected]; cpd.by
Australia — Office of the Australian Information Commissioner (OAIC), GPO Box 5288, Sydney NSW 2001; phone 1300 363 992; oaic.gov.au
United States (California) — California Privacy Protection Agency (CPPA), cppa.ca.gov

We would prefer that you contact us first at [email protected] so we have a chance to resolve any issue directly.

13. Jurisdiction-specific provisions

13.1 California (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act, gives you the following rights in addition to those in section 7.

Categories of personal information we have collected from California residents in the past 12 months (Cal. Civ. Code §1798.100(a), §1798.130(a)(5)(C); CCPA Regulations §7011(e)(1)–(5)):

Category (§1798.140(v))	Specific data	Source of collection	Named business/commercial purpose (§1798.140(e))	Categories of recipients
A. Identifiers	Email, display name, Firebase UID	Directly from you; from Apple/Google at sign-in	Account creation, authentication, customer support, security, debugging, performing services — §1798.140(e)(1), (2), (3), (8)	Firebase/Google, Apple, RevenueCat, Cloudflare
D. Commercial information	Subscription tier, purchase history	RevenueCat / Apple StoreKit / Google Play Billing	Subscription delivery, billing reconciliation, performing services and short-term transient use to process a transaction — §1798.140(e)(2), (4)	RevenueCat, Apple, Google
F. Internet/network activity	Library entries, recommendation history, push log, rate-limit counters, device locale	Directly from you (in-app interactions)	Service delivery, rate-limit enforcement, security and debugging, performing services — §1798.140(e)(2), (3), (7)	Firebase, Anthropic (library subset only)
G. Geolocation (coarse only)	Country/region code	Device locale setting (iOS/Android system)	Performing services (region-appropriate retailer-link rendering) — §1798.140(e)(2)	Not shared with third parties
K. Inferences	Taste profile, monthly snapshots, AI-generated insights	Derived by us and Anthropic from F-category data	Performing services (generating personalised recommendations) — §1798.140(e)(2)	Anthropic (taste-profile subset); DeepL (translated text only, no identifiers)

We do not collect categories B (protected classification), C (commercial purchase records beyond D), E (biometric), H (employment), I (education), or J (sensitive personal information beyond the limited inferences disclosed below).

Categories of sources (§1798.110(c)(2)). The categories of sources from which we collect each category above are: (i) directly from you when you interact with the Service; (ii) from your identity provider (Apple, Google) at sign-in; and (iii) derived by us or our AI sub-processor from data in categories (i)–(ii). We do not collect personal information from data brokers, public records, or affiliates.

Categories of third parties (§1798.115(c)(2)). The categories of third parties to whom we have disclosed personal information in the past 12 months are limited to our service providers and contractors listed in section 4 of this Policy, each of whom is bound by a written contract meeting the requirements of §1798.140(ag)(1)/(j)(1) and CCPA Regulations §7051.

Notice at collection (§1798.100(b); CCPA Regulations §7012). A short-form notice at collection is displayed on the BookInspire sign-up screen and at each point where a new category of personal information is collected (camera, microphone, photo library, mood text). The short-form notice lists the categories collected at that point, the purposes of collection, the retention period, and a link to this Policy.

No sale or sharing (§1798.120(c)). We have not sold or shared the personal information of any consumer, including any consumer whom we have actual knowledge is under 16 years of age, in the preceding 12 months, and we have no actual knowledge that we sell or share such information. The §1798.120(c) opt-in requirement is therefore not engaged.

No financial incentives (§1798.125). We do not offer financial incentives, price differences, or service-level differences in exchange for the collection, retention, sale, or sharing of personal information. The BookInspire+ subscription provides additional features (more recommendations, additional pick categories, deeper insights) but does not condition access on permitting any additional collection or use of personal information; the same data-protection terms apply to free-tier and BookInspire+ users.

Sensitive personal information (SPI). Under Cal. Civ. Code §1798.140(ae), certain inferences that reveal characteristics such as racial or ethnic origin, religious or philosophical beliefs, or similar may constitute SPI. Our taste-profile features (section 2.4) may incorporate user-selected preferences (such as "Hide Russian literature") and culture-of-origin signals derived from book metadata. We treat any such inferences as SPI for purposes of this notice.

We use SPI solely for the purposes permitted under CCPA Regulations §7027(m) — specifically §7027(m)(1) (to perform the services reasonably expected by the consumer who requested them), §7027(m)(4) (to verify or maintain the quality of the service), and §7027(m)(5) (short-term, transient use limited to the immediate interaction). Because our use falls entirely within §7027(m), we are not required to provide a "Limit the Use of My Sensitive Personal Information" link (CCPA Regs. §7014(j)).

You retain the right to access, correct, or delete SPI we hold about you under §1798.100, §1798.105, and §1798.106. To exercise any of these rights, email [email protected].

Aggregate consumer information. The counters described in section 2.10 are aggregate consumer information within the meaning of Cal. Civ. Code §1798.140(b) — they are not maintained in a manner that could reasonably identify any individual consumer. We do not attempt to reidentify them; recipients (none, presently) would be contractually prohibited from doing so.

Your rights:

Right to know what categories and specific pieces of personal information we have collected about you.
Right to delete personal information we have collected.
Right to correct inaccurate personal information.
Right to opt out of "sale" or "sharing" of personal information. We do not sell or share your personal information, nor have we done so in the past 12 months. No opt-out action is required from you.
Right to limit use of sensitive personal information. Except for the service-provision exception described above, we do not use SPI; the right to limit is not engaged.
Right to opt out of profiling for decisions that produce legal or similarly significant effects. Our taste-profile inferences power book recommendations only — no legal or similarly significant decisions are made.
Right to non-discrimination — we will not deny service, charge different prices, or provide lower service quality if you exercise these rights.

To exercise any of these rights, email [email protected]. We may verify your identity before responding by asking you to confirm your sign-in email and Firebase UID.

Authorized agents. Under Cal. Civ. Code §1798.130(a)(3) and the CCPA Regulations §7063, you may authorise an agent to submit requests on your behalf. The agent must provide (1) written authorisation signed by you, and (2) verification of the agent's own identity. We may contact you directly to confirm the agent's authority before responding.

Universal Opt-Out Mechanism / Global Privacy Control. Because BookInspire is a native mobile application with no in-app browser, the GPC signal as transmitted by web browsers is not technically applicable. Regardless of channel, where you communicate a Universal Opt-Out preference to us — by email to [email protected], in-app contact, or otherwise — we will treat it as an opt-out request and confirm in writing within 15 business days (CCPA Regs. §7026(f)). We do not sell or share personal information as those terms are defined in §1798.140(ad)/(ah), so no opt-out is required to comply with §1798.135.

California Shine the Light (Cal. Civ. Code §1798.83). We do not disclose personal information to third parties for their direct marketing purposes.

13.1.a Other US state privacy laws

If you are a resident of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), Iowa, Delaware, New Hampshire, New Jersey, Tennessee, Minnesota, Maryland, Indiana, Kentucky, Rhode Island, or another US state with a comprehensive consumer privacy law, you have substantively equivalent rights:

access to personal data we maintain about you
deletion of personal data
correction of inaccurate personal data
portability (where applicable)
opt-out of targeted advertising, sale, or profiling for decisions with significant effects

We do not engage in targeted advertising, sale of personal data, or profiling for decisions with legal or similarly significant effects, so the opt-out rights of these statutes do not require any action on your part. Submit any state-law rights request to [email protected]. Where the state law (Colorado, Connecticut, Texas, Oregon, Montana, New Jersey, Delaware, Minnesota) requires us to honour Universal Opt-Out Mechanism signals, we treat any direct user request as such an opt-out request regardless of channel.

Sensitive-data opt-in (Connecticut, Colorado, New Hampshire 2027). Where the state law of your residence (including CTDPA §3(a)(2), CPA §6-1-1308(7), and from 1 January 2027 the New Hampshire Data Privacy Act §507-H:6) requires opt-in consent before processing sensitive data, you provide that consent affirmatively when you save a setting in-app that contributes to a sensitive inference (e.g. the "Hide Russian literature" toggle). You may withdraw that consent at any time by resetting the setting or by emailing [email protected], and we will purge the corresponding inference from your taste profile within 15 business days.

Profiling rights clarification (Colorado, Connecticut). Book-recommendation profiling does not produce legal or similarly significant effects under CPA §6-1-1303(10) / CTDPA §1(28) (no effect on employment, housing, financial services, healthcare, education, criminal justice, insurance, or essential goods/services), and accordingly the opt-out of profiling does not apply. If a future feature would change this analysis, this Policy will be amended before that feature ships.

Maryland Online Data Privacy Act (MODPA, effective 1 October 2025). For Maryland residents, we limit collection and processing of personal data to what is reasonably necessary and proportionate to provide the Service and the specific features you use, consistent with the MODPA data-minimization standard (Md. Code Ann., Commercial Law §14-4607(b)(1)).

Nevada SB 220 (NRS §603A.340). We do not sell "covered information" of Nevada residents.

13.2 United Kingdom

After the UK left the European Union, the UK retained GDPR rules with minor modifications (the "UK GDPR" plus the Data Protection Act 2018). Your rights in section 7 apply identically. The UK supervisory authority is the Information Commissioner's Office (ICO) — Wycliffe House, Water Lane, Wilmslow SK9 5AF; tel. 0303 123 1113; ico.org.uk/make-a-complaint.

Cross-border data transfers (UK GDPR Chapter V). Where we transfer your data from the UK to the United States:

Google LLC, Cloudflare Inc., Apple Inc. — these processors are self-certified to the DPF and have opted into the UK Extension to the EU-US Data Privacy Framework (UK-US Data Bridge designation under DPA 2018 s.17A, effective 12 October 2023), which is the lawful basis for these transfers.
Anthropic, PBC; RevenueCat; Functional Software (Sentry) — these processors are not (or not yet) DPF-certified for the UK Extension. Transfers to them are covered by the UK International Data Transfer Addendum (IDTA) to the EU Standard Contractual Clauses, supplemented by a Transfer Impact Assessment which is available on request to [email protected].

UK GDPR Article 27 representative. As of the policy's effective date BookInspire's UK user base is limited and processing is conducted by a sole-trader controller; we do not maintain a separately appointed UK representative. UK users may contact the data controller directly at [email protected], and we commit to responding within UK GDPR statutory timelines. We will appoint a UK representative if our UK user base grows materially or if requested to do so by the Information Commissioner's Office.

Children's Code (Age Appropriate Design Code, DPA 2018 s.123). BookInspire is rated 13+ on the App Store and is "likely to be accessed by children" within the meaning of the Children's Code. We address the Code's standards as follows:

Standard 1 (Best interests of the child) — our design choices are made with under-18 users' best interests as a primary consideration; we maintain an internal record of how the standards below are implemented.
Standard 2 (DPIAs) — we maintain a children's Data Protection Impact Assessment (DPIA), reviewed at least annually and whenever there is a material change to processing.
Standard 3 (Age-appropriate application) — see section 9.1 for our age-band protections.
Standard 4 (Transparency) — this policy and our in-app notices are written in plain language; younger users can understand them.
Standard 5 (Detrimental use of data) — we do not use children's data in ways the Code prohibits (advertising profiling, behavioural manipulation).
Standard 6 (Policies and community standards) — we uphold the commitments in this Privacy Policy and the Terms of Service. Where we discover a violation by a user (e.g. an under-13 sign-up), we act in accordance with the procedure in section 9. Internal access to under-18 user data is restricted to the data controller and follows a written child-data-handling protocol.
Standard 7 (Default settings) — privacy settings default to the highest level of protection.
Standard 8 (Data minimisation) — we collect only what is necessary to provide book recommendations (section 2).
Standard 9 (Data sharing) — sharing is limited to the processors listed in section 4 and only what they need to operate.
Standard 10 (Geolocation) — we do not collect precise geolocation. The coarse country/region code (section 2.6) is derived from the device locale (an iOS-level user preference), not from GPS or IP geolocation, and is used only for retailer-link rendering. It is not "geolocation tracking" within the meaning of Standard 10.
Standard 11 (Parental controls) — we recommend iOS Family Sharing / Screen Time / Google Family Link for parental supervision; we do not silently override these controls. Where a parent or guardian configures Family Sharing / Screen Time, we cannot see what they configure; we receive no parental-monitoring signals from Apple/Google.
Standard 12 (Profiling) — generating recommendations involves automated profiling within the meaning of UK GDPR Art. 4(4). This profiling is necessary for the core function of the app (without it, recommendations cannot be personalised) and is not used for marketing, advertising, or any decision that affects you outside of the recommendation itself. For users aged 13–17, you can see your current taste profile and reset it at any time in Settings → Taste profile → Reset.
Standard 13 (Nudge techniques) — we do not currently use streaks, leaderboards, social pressure, or compulsive-use mechanics. Any future addition will be preceded by a Privacy Policy update (see section 9.1).
Standard 14 (Connected toys/devices) — not applicable; BookInspire is a standalone app.
Standard 15 (Online tools) — younger users can exercise their data-protection rights via [email protected]; a parent or guardian may submit a request on their behalf using the procedure described in section 7.

Online Safety Act 2023 (OSA) scoping. Under s.3(1) OSA, a "user-to-user service" requires that user-generated content be made available to other users of the service. BookInspire stores user-generated content (book classifications, comments, library entries) privately — it is not shared with or made available to other users (see PP §4 and §9.2). On this basis BookInspire is not a user-to-user service within the meaning of the OSA, and the children's access assessment, illegal-content duties, and BOSE expectations applicable to user-to-user services do not apply. We have also reviewed our position under OSA s.4 (search service) and confirm BookInspire is not a search service within that meaning — AI recommendations are not search results returned in response to a user query but personalised editorial-style suggestions. We maintain an internal scoping record of this analysis and will re-scope it if the Service introduces user-input search of public web indexes.

Consumer Contracts Regulations 2013, reg. 37(1)(a). For UK consumers, the withdrawal-waiver for digital content is provided under reg. 37(1)(a) of the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013, with the express consent and acknowledgement-of-loss-of-right described in ToS §5.5.

13.3 Ukraine

Processing of personal data of Ukrainian residents is governed by the Law of Ukraine "On Personal Data Protection" No. 2297-VI of 1 June 2010 (as amended).

You have the right to: receive information about who processes your data and why; access your personal data; correct it; demand its erasure if it is being processed in violation of the law; revoke consent.

Legal basis for processing. Under Art. 11 of Law No. 2297-VI, our basis is performance of the contract between you and the controller — by signing up and using BookInspire you enter into an agreement that requires us to process the personal data described in section 2 in order to provide the service.

Cross-border transfer to the United States. Under Art. 29 of Law No. 2297-VI, transfers to states whose level of personal-data protection has not been recognised as adequate (including the United States) require one of the bases listed in Art. 29(4). We rely on Art. 29(4)(2) — necessity for the performance of the contract between you and the controller (delivering the BookInspire service requires our US-based sub-processors to host and process data; the contract cannot be performed otherwise). The list of US-based sub-processors and the safeguards applied to those transfers is in section 5.

To exercise your rights, write to [email protected]. Requests may be submitted in Ukrainian, Russian, Polish, or English. The supervisory authority is the Ukrainian Parliament Commissioner for Human Rights (Ombudsperson) — Secretariat for Personal Data Protection. The data controller is established in Poland; BookInspire processes the personal data of Ukrainian residents from there.

13.4 Belarus

Processing of personal data of users located in the Republic of Belarus is governed by the Law of the Republic of Belarus No. 99-Z of 7 May 2021 "On the Protection of Personal Data".

Legal basis for processing — Art. 6(2)(6) of Law No. 99-Z (processing necessary for the performance of a contract to which the data subject is a party). By signing up to BookInspire and using the Service, you enter into an adhesion contract with us, the performance of which requires processing of the personal data described in section 2. This basis does not require a separate written consent.

Minors in Belarus. The minimum age for registration in BookInspire is 13, as for all other users (see section 9). Additionally, due to the civil-law capacity rules under Belarusian law (Articles 25 and 27 of the Civil Code of the Republic of Belarus — persons under 14 lack capacity; persons aged 14–18 have limited capacity and may enter transactions beyond minor everyday transactions only with the written consent of a legal representative), the following additional requirements apply for users in Belarus:

13 years old (i.e. under 14) — use of the Service is only possible with the written consent of a legal representative;
14–17 years old — both your own consent and the written consent of your legal representative are required for use of the Service and (separately, for the BookInspire+ subscription, as it exceeds minor everyday transactions) for the purchase of the subscription.

Your rights (Art. 10–15 of Law No. 99-Z):

Receive information about the operator and the processing of your data (Art. 11)
Access your personal data (Art. 11)
Demand modification or correction (Art. 13)
Demand cessation of processing and deletion (Art. 14)
Withdraw consent if given for a specific kind of processing (Art. 12)
Appeal the operator's act or omission to the National Centre for Personal Data Protection of the Republic of Belarus or to a court (Art. 15)

Response timing (Law No. 99-Z): 15 days from receipt of a request — for requests for information and access to data (Art. 11), demands for modification (Art. 13), cessation of processing and deletion (Art. 14), and withdrawal of consent (Art. 12). These deadlines take precedence over the general 30-day window in section 7 for users in Belarus.

Cross-border data transfer. Under Art. 9 of Law No. 99-Z:

Germany (where DeepL SE is located) is on the list of states providing an adequate level of personal-data protection, established by Resolution of the Council of Ministers of the Republic of Belarus of 15 March 2023 No. 175. Transfers to Germany are made on the basis of Art. 9(2)(1) of Law No. 99-Z and do not require a separate consent.
United States (Apple, Google/Firebase, Anthropic, RevenueCat, Sentry, Cloudflare) — the US is not on the above list. Transfers to the US are made on the basis of Art. 9(3)(6) of Law No. 99-Z — necessity for the performance of a contract to which the data subject is a party: delivering the BookInspire Service to a specific user is technically impossible without transferring the necessary minimum data to our authorised entities in the US. The contract cannot be performed without this transfer.

Risk disclosure of cross-border transfer to the United States (required by Art. 9 of Law No. 99-Z): the level of protection in the US differs from that in Belarus:

US government authorities may request data without notifying the data subject (e.g. under FISA 702 or Executive Order 12333).
Judicial-redress options for non-US residents are limited.
Remedies equivalent to those under Belarusian law are not fully available.

If you do not agree with cross-border transfer of your data to the US, the only way to stop it is to delete your account through Settings → Delete account. After deletion, transfer of data associated with your account ceases (see procedure in section 6).

Contracts with authorised entities (Art. 7(2) of Law No. 99-Z). The processors listed in section 4 (referred to using the GDPR term "processor"), within the meaning of Law No. 99-Z, are "authorised entities" (Art. 1 of Law No. 99-Z); these terms are used interchangeably in this Policy. Each (Anthropic, Google/Firebase, RevenueCat, Sentry, Cloudflare, DeepL) acts under a written Data Processing Agreement specifying the scope of processing actions, purposes, mandatory data-security measures, and party liabilities. Copies of standard processing terms are available on request to [email protected].

Person responsible for internal control of personal-data processing (Art. 8(3) of Law No. 99-Z): Aliaksandr Lutsevich, sole proprietor, ul. Skierniewicka 34A/24, 01-230 Warszawa, Poland; email: [email protected]. The same contact is used for communication with the National Centre for Personal Data Protection and for data-subject requests.

Breach notification (Art. 17 of Law No. 99-Z). If we become aware of a breach of the personal-data protection system, we will notify the National Centre for Personal Data Protection of the Republic of Belarus immediately, but no later than three working days from the day we became aware of the breach (Art. 17(2) of Law No. 99-Z); affected data subjects will be notified without undue delay in the manner prescribed by the Centre (Art. 17(4) of Law No. 99-Z).

Source of data: personal data is collected directly from you when you sign up and use the app.

Supervisory authority — National Centre for Personal Data Protection of the Republic of Belarus (Национальный центр защиты персональных данных Республики Беларусь), 220012, Minsk, ul. Platonova 22; phone +375 17 270-95-43; [email protected]; cpd.by. You may file a complaint with the Centre or apply to a court at your place of residence (Art. 15 of Law No. 99-Z; Art. 47 of the Civil Procedure Code of the Republic of Belarus).

13.5 Australia

Voluntary opt-in (s 6EA). Although BookInspire's annual turnover is below the AU$3 million small-business threshold under s 6D of the Privacy Act 1988 (Cth) and we would otherwise be exempt, we opt in under s 6EA to treat ourselves as an "APP entity" for the purposes of the Act in relation to all personal information of Australian users. This opt-in takes effect from the effective date of this Privacy Policy and continues until we publish a superseding policy that expressly revokes it (we have no intention of doing so). We do not "trade in personal information" within the meaning of s 6D(4) of the Privacy Act: our affiliate links (section 4.1) transmit no personal data to retailers; commission is paid for purchases, not for disclosure of information.

Australian users are protected by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APP). This policy is published free of charge at bookinspire.app/privacy (APP 1.4). Your rights described in section 7 apply, with the additional Australia-specific commitments below.

Cross-border disclosure (APP 8 / APP 1.4(g)). As described in sections 4–5, we disclose your personal information to overseas recipients located in the following countries:

United States — Google LLC (Firebase: Authentication, Firestore, Cloud Functions, Cloud Messaging — us-central1 region; Google Books API; Sign in with Google), Apple Inc. (Sign in with Apple), Anthropic PBC, RevenueCat Inc., Functional Software Inc. (Sentry).
Germany (EU) — DeepL SE.
Cloudflare, Inc. (controlling entity incorporated in the United States) — operates a global anycast network for inbound email routing of [email protected] and security-edge functions. Routing is determined dynamically by latency; in normal operation, traffic from Australian users is processed in Cloudflare data centres in Australia (Sydney, Melbourne, Perth, Brisbane), Singapore, the United States, the United Kingdom, Germany, France, the Netherlands, Ireland, Japan, and India. A current data-centre country list is published at cloudflare.com/network and is available on request from [email protected].
Sentry may also process data in EU points-of-presence (Frankfurt, Germany) depending on routing.

If you require an up-to-date country list for a specific processor, write to [email protected]. We take reasonable steps under APP 8 to ensure these recipients comply with APP-equivalent protections via contractual safeguards (Standard Contractual Clauses, EU-US Data Privacy Framework where applicable). We remain accountable under s 16C of the Privacy Act for any acts or practices of our overseas recipients that would breach the APP if performed by us.

Notification at collection (APP 5). At sign-up and at each permission prompt we present a short-form notice that includes the matters in APP 5.2:

(a) our identity and contact details — Aliaksandr Lutsevich, sole proprietor, Poland; [email protected];
(b) the fact and circumstances of collection;
(c) whether collection is required or authorised by law (not generally for AU users; Polish tax records are retained under Polish Tax Ordinance Art. 86);
(d) the purposes of collection (account creation, library storage, recommendation generation — see section 3);
(e) the main consequences if all or some information is not collected (you cannot create an account or use the relevant feature);
(f) the entities or kinds of entities to which we usually disclose the information (the sub-processors listed in section 4);
(g) that, where personal information is collected from a third party rather than from you — specifically, your email address, display name, and (Google only) profile photo URL supplied by Apple or Google at sign-in — that information was collected from your identity provider;
(h) that this Privacy Policy contains information about how to access and correct your personal information and how to complain about a privacy breach;
(i) that we are likely to disclose personal information to overseas recipients; and
(j) the countries in which those recipients are likely to be located — see the country list in the "Cross-border disclosure" paragraph above.

We retain dated screenshots of each version of these notices for OAIC review on request.

Anonymity and pseudonymity (APP 2). Because the Service requires a persistent account to store your library and generate personalised recommendations, anonymous or pseudonymous use is not practicable within the meaning of APP 2.2(b).

Sensitive information (APP 3.3). Some user-selected preferences — particularly the "Hide Russian literature" toggle, and to a lesser extent reading preferences that may correlate with cultural, political, or religious interests — we treat as sensitive information within the meaning of s 6(1) of the Privacy Act, applying the heightened protections required by APP 3.3 and APP 6.2(c). We collect such preferences only with your express consent (you actively select the toggle) and use them solely to filter your book recommendations. We retain a record of when you toggled the preference; you may withdraw consent at any time by toggling it off, in which case the corresponding inference is purged from your taste profile within 15 business days. We do not infer your political, religious, or ethnic affiliation, and we do not disclose this data to any third party other than the AI sub-processor named in section 4 for the purpose of generating your recommendations.

Direct marketing and retention messages (APP 7 + Spam Act 2003). We do not send marketing for third parties. We send the following first-party messages:

Transactional emails via Firebase Authentication (email verification, password reset, subscription receipts) — necessary to perform the contract; not "commercial electronic messages" within the meaning of the Spam Act 2003 (factual information exception, Schedule 1 cl. 2).
Retention push notifications (e.g. "new picks ready") — sent to the FCM device token, which you may disable at any time in your device Settings (iOS: Settings → Notifications → BookInspire; Android: Settings → Apps → BookInspire → Notifications) or in-app under Settings → Notifications.
In-app subscription reminders — shown only inside the app. You may opt out by emailing [email protected], in which case we will continue to display only the legally required pre-renewal disclosures.

For APP 7.2(c), the unsubscribe channels above constitute the "simple means" to opt out; for Spam Act s 18 functional unsubscribe, any commercial electronic message we send includes a one-click unsubscribe link.

Data quality (APP 10). We take reasonable steps to keep your personal information accurate, up-to-date, and complete. You can review and edit your library, taste profile, and preferences at any time within the app.

Security (APP 11). See section 8 for our security practices. Inactive accounts. If your account has had no sign-in activity for 24 consecutive months, we will send a reactivation email; if you do not sign in within a further 60 days, we will delete the account and all associated personal information following the procedure in section 6 (APP 11.2 — destruction or de-identification when no longer needed).

Access (APP 12). We will respond to access requests within 30 calendar days. We will not charge you for making an access request (APP 12.7). For complying with the request, we may charge a fee that is not excessive and that does not apply to the request itself (APP 12.8); we will give you a written cost estimate and obtain your consent to the charge before incurring it. We do not anticipate charging fees in ordinary cases. If we refuse access on a ground permitted by APP 12.3, we will give you written reasons (APP 12.9) and information about how to complain to the OAIC, and on request will consider using a mutually agreed intermediary (APP 12.10).

Correction (APP 13). On request, or on our own initiative if we become aware information is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will correct it within 30 days at no cost. If we refuse, we will give written reasons (APP 13.3) and, on request, take reasonable steps to associate a statement with the record noting that you consider it inaccurate (APP 13.4).

Complaint — first to us at [email protected]; if unresolved, to the Office of the Australian Information Commissioner (OAIC), GPO Box 5288, Sydney NSW 2001; phone 1300 363 992; oaic.gov.au.

Notifiable data breaches (Part IIIC, ss 26WA–26WT Privacy Act). Where we suspect a data breach may be an "eligible data breach" within the meaning of s 26WE, we will undertake a reasonable and expeditious assessment, taking all reasonable steps to complete it as soon as practicable and in any event within 30 days (s 26WH). If we form the reasonable view that an eligible data breach has occurred, we will: (a) prepare a statement under s 26WK containing our identity and contact details, a description of the breach, the kinds of personal information involved, and recommendations about the steps the affected individual should take in response; (b) provide that statement to the OAIC under s 26WL(1) as soon as practicable via the OAIC's approved form; and (c) notify affected individuals under s 26WL(2) by the method most likely to reach them (email and/or in-app push), or, where direct notification is not practicable, publish the statement on the BookInspire website (s 26WL(2)(c)) and take reasonable steps to publicise it.

ACL pricing (cross-reference to ToS §5.2). All prices displayed to Australian users are in Australian dollars and include GST where applicable; Apple acts as the merchant of record and remits GST to the Australian Taxation Office.

14. Contact us

If anything in this policy is unclear, or if you want to exercise any of your rights, write to:

Aliaksandr Lutsevich ul. Skierniewicka 34A/24, 01-230 Warszawa, Poland [email protected]

We will get back to you within 30 days.

This is version 1.0 of the BookInspire Privacy Policy, effective 12 May 2026.