Privacy Policy

Information you provide

• Account information: email address and optional display name when you sign up.
• Payment information: handled entirely by Stripe. We receive only your subscription status, plan type, and a Stripe customer ID — never your card number or bank details.
• User content: book reviews and ratings you submit.
• Library data: books you save to your reading list and their status.
• Church/Ministry data: if you purchase a church license, we store the church name and contact email you provide.

Information collected automatically

• Usage data: pages visited, searches performed, and features used — collected in aggregate and anonymized by Vercel Analytics. We do not use third-party advertising trackers.
• Session cookies: Supabase uses a secure HTTP-only cookie to maintain your login session. No tracking cookies are set.
• Log data: server logs may include your IP address, browser type, and request timestamps. These are retained for up to 30 days for security and debugging purposes.

• To create and manage your account
• To process payments and manage your subscription
• To display your reading library and submitted reviews
• To enforce subscription limits (e.g., monthly analysis count)
• To send transactional emails (password reset, receipt confirmations)
• To improve the Service based on aggregate usage patterns
• To respond to support requests sent to our contact email

We do not use your data to train AI models. We do not sell your personal information to third parties. We do not send marketing emails without your opt-in consent.

We share data with the following third parties only as necessary to operate the Service:

We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required by law to retain it longer (e.g., payment records for tax purposes, retained for 7 years).

Submitted reviews may remain on the platform after account deletion in anonymized form (author shown as “Anonymous”).

Depending on your location, you may have the right to:

• Access a copy of the personal data we hold about you
• Correct inaccurate data in your profile
• Delete your account and associated personal data
• Export your library and review data
• Opt out of any marketing communications

To exercise any of these rights, email us at hello@theoscope.app. We will respond within 30 days.

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us and we will delete it promptly.

We use industry-standard measures to protect your data, including HTTPS encryption in transit, row-level security on the database, and access controls that prevent client-side code from writing scores or reading other users' private data. No system is perfectly secure — if you discover a vulnerability, please report it to hello@theoscope.app.

We use one session cookie set by Supabase to keep you logged in. This cookie is essential for the Service to function and cannot be disabled while using your account. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page. For material changes, we will notify you by email. Continued use of the Service after changes take effect constitutes acceptance of the revised policy.

For privacy questions, data requests, or concerns, contact us at hello@theoscope.app.