Privacy Policy

Your Privacy Rights (GDPR)

As a user in the European Union, you have specific rights under the General Data Protection Regulation (GDPR):

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Portability: Export your data in a machine-readable format
• Right to Object: Opt-out of certain data processing activities

Contact support@bookcircle.app to exercise these rights.

What Data We Collect

Account Information:

• Name and email address
• Password (stored encrypted with bcrypt; not applicable for Google OAuth users)
• Profile image (only if you sign in with Google, provided by Google)

Platform Data:

• Locations you add (city, country, optional postal code)
• Books you list, including descriptions and cover images
• Messages sent through book request threads
• Notification and email preferences
• Subscriptions to book waiting lists

Technical Data:

• IP address and device information (collected by hosting provider)

Why We Collect Data

We collect and process your data for the following purposes:

• Service Provision: Enable book lending, giving, and exchange between users
• Authentication: Verify user identity via email/password or Google OAuth
• Communication: Facilitate messaging between users and send email notifications about book requests, messages, and availability
• Location Services: Display books on the map and calculate distances to nearby books
• Legal Compliance: Meet regulatory requirements and resolve disputes

Data Sharing & Third Parties

We do not sell your personal data. We share data with the following third-party services only as necessary to operate the Platform:

• Google OAuth: If you sign in with Google, we receive your name, email, and profile image from Google
• Nominatim (OpenStreetMap): Your city and country data is sent to Nominatim for geocoding (converting locations to map coordinates)
• Open Library API: ISBN numbers are sent to Open Library to fetch book metadata
• Resend: Your email address is used to send transactional notifications (book requests, messages, availability alerts)
• Neon (PostgreSQL): All platform data is stored in a Neon-hosted database in the EU
• Vercel: The application is hosted on Vercel, which processes HTTP requests
• Other Users: Your name, book listings, and locations are visible to other users as part of the service
• Legal Authorities: When required by law or to protect user safety

Cookies

We use only essential cookies required for the Platform to function:

• Session Cookie: Maintains your authenticated session
• Locale Preference: Remembers your language setting

We do not use analytics, advertising, or tracking cookies.

Data Retention

• Active Accounts: Your data is retained while your account is active
• Account Deletion: You may request account deletion at any time by contacting support@bookcircle.app
• Legal Requirements: Some data may be retained longer if required by law

Contact & Data Rights

For privacy-related inquiries, data access requests, or to exercise your GDPR rights:

Email: support@bookcircle.app

If you're not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.