Privacy Policy

1. Introduction

BookSparker Ltd ("BookSparker," "we," "us," or "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, share, and protect your information when you use our website at booksparker.com and all related services (the "Service").

We are the data controller for the purposes of the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), and the Data Protection Act 2018.

By using BookSparker, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use our Service.

2. Data We Collect

2.1 Account and Profile Data

• Account credentials: Email address, password (hashed and salted by Supabase Auth), account role (author or reader), email verification status.
• Profile details: Display name, author or pen name, profile picture, biography, website, genres you write in, social links.
• Authentication tokens: Session tokens used to keep you signed in.
• Affiliate referral code: If you arrived via an affiliate link, the referring affiliate code is stored on your profile so we can attribute commission correctly.

2.2 Information from Social Login

When you sign up or sign in using Google, we receive:

• Your email address.
• Your name.
• Your profile picture, where available.
• A unique identifier issued by the social provider.

We do not receive or store your social account password, friends list, contacts, or posts.

2.3 Email Verification and Password Reset

To verify your email address, we send a confirmation link to the address you provided. Clicking that link confirms ownership and activates your account. If you request a password reset, we send a one-time link that expires after a short period. We log the timestamp of these events for security and abuse prevention.

2.4 Book and Content Data

• Book files: PDF, EPUB, MOBI, or other manuscript files you upload.
• Book metadata: Titles, subtitles, descriptions, categories, genres, series, ASINs or external retailer links, publication status, pricing.
• Cover images and assets: Cover artwork, promotional images, and other media you upload.
• Landing pages: Reader magnet pages, universal book links, and any custom copy you publish through the Service.

All uploaded files are scanned for viruses and malicious content before being made available. Files are stored on Cloudflare R2; private files (such as full manuscripts) are kept in a private bucket and only delivered through authenticated, signed URLs.

2.5 Mailing Provider Connection Data

When you connect your mailing list provider (such as MailerLite) to BookSparker, you authorise us to access certain information from your provider account using the API key you supply. We may read:

• Your subscriber count and total list size.
• The names and metadata of your subscriber lists, segments, and groups.
• Aggregate campaign statistics such as send dates, open rates, and click rates.
• Custom field definitions, automation names, and webhook configurations.
• Whether a specific email address has received a specific campaign (used to confirm that a swap obligation has been fulfilled).

We do not download, copy, or store your subscriber email addresses on BookSparker. We do not send messages to your subscribers on your behalf without your explicit instruction. Your API key is encrypted at rest and is used solely to perform the actions you have authorised.

You can disconnect your mailing provider at any time from your account settings. When you disconnect, we revoke and delete the stored API key.

2.6 Swap, Group Promotion, and Messaging Data

• Swap activity: Books offered for swap, scheduled send dates, swap partners, swap status, and confirmation records (including verification queries made to your mailing provider to confirm a campaign was sent).
• Group promotion participation: Promotions you create or join, the books and dates you contribute, application and approval status, and edit requests.
• Paid promotion data: Slots purchased or sold, payment status, payouts, and confirmation records.
• Messages: Communications you send through the platform to other users, including swap negotiation and group promotion coordination.
• Notifications and saved alerts: Preferences for which events trigger emails or in-app notifications.

2.7 Payment and Payout Data

Payments and payouts are processed by Stripe and Stripe Connect Express. We do not store full card numbers, CVV codes, or bank account numbers on our servers. From Stripe we receive and store:

• Stripe customer and account identifiers.
• Subscription status, plan, billing cycle, and renewal dates.
• Invoice history and payment status.
• The last four digits and brand of payment cards used, for receipts and dispute handling.
• Connected-account onboarding status for sellers receiving payouts.

Stripe's own collection and use of your data is governed by the Stripe Privacy Policy.

2.8 Support and Inbound Email Data

When you email our support addresses or reply to a transactional email, the message is fetched from our mail provider (Purelymail) into our support ticketing system. We store the sender address, subject, message body, attachments, and any conversation history so we can respond and keep a record of the issue. Support staff with the appropriate role can read these tickets.

2.9 Information Collected Automatically

• Usage data: Pages visited, features used, clicks, downloads, swap and promotion activity.
• Device data: Browser type and version, operating system, screen size, and device type.
• Log data: IP address, access times, referring URLs, request paths, and response codes, retained for security, debugging, and rate limiting.
• Cookies and similar technologies: See Section 9 for full details.

3. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases:

4. How We Use Your Data

• To create, authenticate, secure, and manage your account.
• To process subscriptions, paid promotions, and seller payouts.
• To enable core platform features: book uploads, reader magnet delivery, landing pages, newsletter swaps, group promotions, paid swaps, messaging, and saved alerts.
• To match authors with appropriate swap or group promotion partners using your stated genre, list size, and availability.
• To verify swap fulfilment by querying your connected mailing provider, on your instruction, to confirm that an agreed campaign was sent.
• To send transactional emails, including email verification, password resets, swap notifications, group promotion updates, billing receipts, and reminders.
• To send optional marketing or product update emails, only where you have opted in.
• To answer your support requests through our ticketing system.
• To detect and prevent fraud, abuse, and Terms violations.
• To improve the Service through aggregated, anonymised analytics.
• To meet our legal, tax, accounting, and regulatory obligations.

5. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data. We share data only in these limited circumstances:

5.1 Service Providers (Processors)

We use trusted third-party services to operate the platform. Each is contractually bound to process data only on our instructions:

• Supabase (database and authentication): stores account, profile, content, and application data.
• Cloudflare (hosting, CDN, DDoS protection): serves the website, delivers public assets, and provides edge security.
• Cloudflare R2 (object storage): stores your uploaded book files, covers, and other assets.
• Stripe and Stripe Connect (payment processing and payouts): handles all card data, subscriptions, paid promotions, and seller payouts.
• Resend (outbound transactional email): delivers account, swap, and notification emails to your inbox.
• Purelymail (inbound mailbox provider): hosts our support inboxes; messages you send to our support addresses are pulled into our ticketing system.
• Sentry (error and performance monitoring): receives error reports, request metadata, and limited identifying information so we can diagnose problems. Personally identifiable information may appear in error context.
• Upstash (rate limiting): tracks short-lived request counters by IP or account to prevent abuse.
• File scanning service: scans uploaded files for viruses and malicious content.

5.2 Mailing Provider APIs

When you connect a mailing provider account, BookSparker acts as a client of that provider's API on your behalf. Data flows from your provider to us according to the scopes you grant. We do not share your BookSparker account data with the provider beyond the API requests required to perform actions you initiate.

5.3 Other Users on the Platform

BookSparker is, by design, a collaboration platform. Certain information is visible to other users when relevant to a feature you use:

• Your author name, profile picture, biography, genres, and approximate mailing list size are visible to potential swap and group promotion partners.
• Books you list for swap, group promotion, or paid promotion are visible to participating authors, including their titles, covers, descriptions, and links.
• Messages you send through the platform are visible to the recipient and to BookSparker staff investigating reports of abuse.
• Group promotion organisers can see the list of applicants, their books, and their stated list size.

5.4 Affiliate Partners

If you sign up through an affiliate link, the affiliate may see aggregate, anonymised conversion statistics (such as the number of sign-ups and qualifying purchases) attributed to their code. Affiliates do not see your name, email address, or account details.

5.5 Legal Requirements and Business Transfers

We may disclose your data if required by law, regulation, legal process, or governmental request, or where we reasonably believe disclosure is necessary to protect the rights, property, or safety of BookSparker, our users, or the public. If BookSparker is involved in a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction, subject to the protections described in this Policy.

6. International Data Transfers

Some of our service providers process data outside the UK and the European Economic Area (EEA). When we transfer personal data internationally, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission and the UK's addendum.
• Adequacy decisions where the recipient country has been deemed to provide adequate data protection.
• Data processing agreements with all third-party processors.

7. Data Retention

• Account data: Retained while your account is active and for up to 30 days after deletion to allow recovery.
• Content data: Deleted when you remove the content or close your account.
• Mailing provider API keys: Stored only while the integration is connected; deleted on disconnect or account closure.
• Swap and group promotion records: Retained while your account is active so partners can verify history; anonymised on closure.
• Payment and tax records: Retained for up to 7 years as required by tax and financial regulations.
• Support tickets: Retained for up to 3 years for quality and legal purposes.
• Server and security logs: Retained for up to 90 days.
• Error monitoring data: Retained according to Sentry's default retention (typically 90 days).

8. Analytics, Marketing, and Tracking

We use a small, defined set of analytics and marketing tools to understand how the Service is used, measure our advertising, and improve the product.

8.1 Error and Performance Monitoring

We use Sentry to capture application errors and performance traces. This may include your user identifier, IP address, the URL and parameters of the failing request, the browser and device you were using, and a stack trace. We use this data only to diagnose and fix problems. Error monitoring is treated as a strictly necessary function and runs regardless of consent.

8.2 Affiliate Click Tracking

When a visitor arrives via an affiliate link, we record the affiliate code and a timestamp, and set a first-party cookie so we can attribute commission if the visitor later signs up. We rate limit affiliate clicks per IP to prevent abuse. We do not use this cookie for advertising or behavioural profiling.

8.3 Product Analytics and Session Replay (PostHog)

We use PostHog to understand how visitors and signed-in users move through the site, where they get stuck, and which features are used. PostHog records pageviews, clicks, custom events, and session replays. Replays mask password and email inputs by default. PostHog data is hosted in the European Union (Frankfurt). PostHog only loads after you grant analytics consent (visitors outside the EU/EEA + UK + Switzerland are presumed to consent under their local rules; you can change your decision at any time via Cookie Settings).

8.4 Google Analytics 4 and Google Ads

We use Google Analytics 4 to measure traffic, acquisition sources, and conversions, and we share conversion events with Google Ads so the platform can optimise our advertising. Google Analytics is loaded through Google Tag Manager and uses Google Consent Mode v2: until you grant analytics or marketing consent, requests are sent in an anonymised form (no cookies set, IP truncated). Google may transfer data to the United States under Standard Contractual Clauses.

8.5 Meta Pixel and Conversions API

We use the Meta Pixel and the Meta Conversions API to measure the performance of advertising on Facebook and Instagram, and to feed conversion events back to Meta so its ad-bidding can optimise toward genuine signups and purchases. The Conversions API sends a small set of hashed identifiers (such as a SHA-256 hash of your email address and your user ID) server-side. The browser Pixel only loads after you grant marketing consent. Meta may transfer data to the United States under Standard Contractual Clauses.

8.6 Tag Management (Google Tag Manager)

The tools above are loaded via a Google Tag Manager container. GTM itself does not collect personal data; it is a delivery mechanism that respects the consent state we set before loading any tag.

8.7 Your Choices

Visitors from the EU, EEA, UK, and Switzerland see a cookie banner on first visit and can accept all, reject non-essential, or customise per category (Analytics and Marketing). Your decision is remembered in your browser's local storage and is not re-prompted unless we materially update the categories. You can change your decision at any time using the Cookie Settings link in the site footer.

Visitors outside those regions do not see the banner by default, on the basis that this tracking is permitted under their local rules. You may still adjust your preferences using the Cookie Settings link.

8.8 Marketing Emails from BookSparker

We may occasionally send product updates, newsletter content, or promotional offers about BookSparker. These messages are only sent where you have opted in, or where they relate directly to features of the account you hold. Every marketing email contains an unsubscribe link, and you can update your notification preferences at any time in your account settings.

9. Cookies and Local Storage

9.1 Strictly Necessary

• Authentication cookies: Maintain your signed-in session.
• Security cookies: Protect against cross-site request forgery and other attacks.
• Preference cookies and local storage: Remember settings such as billing cycle, layout choices, and dismissed banners.
• Affiliate referral cookie (affiliate_ref): First-party, expires in 30 days, used to attribute commission.
• Geo and consent cookies (bs_country, bs_is_eu): First-party, expire in 7 days, used to decide whether to show the cookie banner.
• Consent decision (bs_consent_v1 in local storage): Records your choices so we don't re-prompt you.
• Admin session cookie: For staff signed in to the admin area, a first-party session cookie with a short lifetime.

9.2 Analytics (loaded with your consent)

• PostHog cookies and local storage: Identify your session and the device used so behaviour can be aggregated and replayed.
• Google Analytics cookies (_ga, _ga_*): Distinguish visitors and sessions.

9.3 Marketing (loaded with your consent)

• Meta Pixel cookies (_fbp, _fbc): Identify visitors who clicked a Meta ad and measure ad performance.
• Google Ads conversion cookies: Set by Google to attribute paid clicks to conversions.

You can control cookies at any time through your browser settings or via the Cookie Settings link in the footer. Disabling strictly necessary cookies will prevent the Service from functioning properly.

10. Affiliate Program

BookSparker operates an affiliate program. If you join as an affiliate, we collect the information needed to attribute referrals and pay commission, including your contact details, payout details, click and conversion records, and tax-related information where required by law.

If you visit BookSparker through an affiliate link, the affiliate code, click timestamp, and limited request information (such as IP address for rate limiting) are recorded. The affiliate themselves only sees aggregate, anonymised performance metrics for their code; they do not see your identity.

11. Your Rights (GDPR)

Under the UK GDPR and EU GDPR, you have the following rights:

• Right of access (Art. 15): Request a copy of the personal data we hold about you.
• Right to rectification (Art. 16): Request correction of inaccurate or incomplete data.
• Right to erasure (Art. 17): Request deletion of your personal data (the "right to be forgotten").
• Right to restrict processing (Art. 18): Request that we limit how we use your data.
• Right to data portability (Art. 20): Request your data in a structured, machine-readable format.
• Right to object (Art. 21): Object to processing based on legitimate interest, including direct marketing.
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, email us at privacy@booksparker.com. We will respond within 30 days, or within the timeframe required by applicable law.

If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority. In the UK, this is the Information Commissioner's Office (ICO) at ico.org.uk.

12. Account and Data Deletion

13. Children's Privacy

BookSparker is not intended for individuals under 18 years of age. We do not knowingly collect personal data from anyone under 18. If we become aware that we have collected personal data from a minor, we will take steps to delete that data promptly. If you believe we have inadvertently collected data from a minor, please contact us immediately.

14. Data Security

We implement appropriate technical and organisational measures to protect your data, including:

• Encryption of data in transit (TLS / HTTPS) and at rest.
• Secure password hashing provided by Supabase Auth.
• Encryption of stored mailing provider API keys.
• Row-level security policies on database tables.
• Rate limiting and abuse-prevention mechanisms.
• Virus scanning of all uploaded files.
• Signed URLs for private file delivery.
• Content Security Policy and other hardening HTTP headers.
• Regular security reviews of our infrastructure and code.

No method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your data to the best of our ability.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or an in-app notice at least 14 days before they take effect. The "Last updated" date at the top of this page indicates when the policy was last revised. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

16. Contact Us

If you have questions about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us: