Booqly Get the app
Legal

Privacy Policy

Last updated · 25 May 2026

Data controller

Dr. Sven-Eric Molzahn
Lommelstrasse 1, 85101 Lenting, Germany
Email: sven-eric@molzahn-software.de

The short version

Booqly respects your reading. We don't sell your data. We don't run third-party analytics SDKs. We don't show ads. Your library lives in our Supabase backend (EU region) and on your device.

From your account

When you sign in we store: your email address (used for magic-link sign-in), a generated user UUID, your handle and optional display name, and an optional avatar image if you upload one.

Legal basis: performance of contract (Art. 6(1)(b) GDPR) — we need this data to provide the service you signed up for.
Retention: kept while your account exists. Deleted within 30 days of an account-deletion request; encrypted backups roll off within 90 days.

From your reading

The books you've added, started, and finished, plus any highlights or notes — so the library syncs across your devices and so social features (the feed, read-together sessions) can work. Export at any time as CSV or JSON from Settings → Export your library.

Legal basis: performance of contract (Art. 6(1)(b) GDPR).
Retention: same as account data above.

Shelf scanning (optional)

If you use the shelf-scan feature, the photo you took is sent to Anthropic (Claude API, USA) via our Supabase Edge Function to identify the books in it. Anthropic does not retain the image beyond the request. We log a timestamp + a thumbnail (stored only on your device) + a scan counter (server-side, to enforce the per-user quota). We never retain the original photo on our server.

Legal basis: consent (Art. 6(1)(a) GDPR) — you actively choose to scan.
Retention: the image is not stored. The scan counter is kept while your account exists.

Newsletter (optional)

If you submit your email on the landing page, we store: your email address, a UUID confirmation token, a UUID unsubscribe token, the timestamp of signup and confirmation, and the IP + browser user-agent of the device that confirmed (for GDPR-compliant proof of consent). We use this only to send the one Booqly launch announcement. List storage: Supabase. Email sending: Brevo (EU-based, Paris). Every email contains an unsubscribe link.

Legal basis: consent (Art. 6(1)(a) GDPR), confirmed via double opt-in.
Retention: kept until you unsubscribe. Unsubscribed rows are flagged and deleted after 30 days.

Analytics (website only)

If you accept analytics via the cookie banner, we load Vercel Analytics in cookieless mode on thebooqly.com to count page views. No cookies, no advertising identifiers, no cross-site tracking. If you reject, no analytics script is loaded.

Legal basis: consent (Art. 6(1)(a) GDPR).
Retention: Vercel retains aggregated, non-personal page-view data for up to 12 months.

What we don't collect

  • No advertising identifiers, no fingerprinting.
  • No precise location, no contacts, no photo library access beyond what you actively pick.
  • No reading data shared with publishers, marketers, or model trainers.

Third-country transfers

Some sub-processors are based outside the EU:

  • Anthropic (USA) — receives shelf-scan images only when you trigger a scan. Transfer safeguard: EU Standard Contractual Clauses (SCC) as part of Anthropic's Data Processing Agreement.
  • Vercel (USA) — hosts the website and processes cookieless analytics if you consent. Transfer safeguard: EU Standard Contractual Clauses (SCC).

All other data processing (accounts, library, newsletter) occurs within the EU via Supabase (EU region) and Brevo (Paris, France).

Your rights (GDPR)

Under the GDPR you have the right to:

  • Access (Art. 15) — request a copy of your personal data.
  • Rectification (Art. 16) — correct inaccurate data.
  • Erasure (Art. 17) — request deletion of your data.
  • Restriction of processing (Art. 18) — request that we limit how we use your data.
  • Data portability (Art. 20) — receive your data in a structured, machine-readable format. Use Settings → Export your library to export as CSV or JSON at any time.
  • Object (Art. 21) — object to processing based on legitimate interest.
  • Withdraw consent (Art. 7(3)) — withdraw consent at any time without affecting the lawfulness of prior processing.

Account deletion: Settings → Sign out, then email sven-eric@molzahn-software.de from the same address — done within 30 days.

Supervisory authority

You have the right to lodge a complaint with a data-protection authority. Our competent authority is the Bayerisches Landesamt für Datenschutzaufsicht (BayLDA), Promenade 18, 91522 Ansbach, Germany — www.lda.bayern.de.

Where data lives

Supabase (EU region). All transport HTTPS. Backups encrypted at rest. Sub-processors: Supabase (storage), Brevo (newsletter sending), Vercel (website hosting & analytics), Anthropic (shelf-scan requests only).

Contact

Questions about anything above: sven-eric@molzahn-software.de.