| Data | Why | When |
|---|---|---|
| Email address | To send your sign-in “magic link” and keep your account. No password is ever stored. | Only if you sign in |
| Profile (display name, @handle, avatar, settings, language/region, reading goal) | To run the app and sync it across your devices | Signed in |
| Your library (books, ratings, reviews, mood tags, reading log/sessions, achievements) | This is the product — your reading life | Guest: device only · Signed in: also synced |
| Anonymous usage events (e.g. “a book was added”) with a random session id | Basic, aggregated product analytics | Always (no identity attached) |
| Error logs (a truncated error message + the script file name) | To find and fix bugs in production | If the app hits an error |
| Age range (derived from your birth year) | Legal age requirements (see §7) | Stored only on your device |
No passwords. No IP-based tracking or advertising identifiers. No cross-site tracking cookies. No precise date of birth (only an age range, kept on your device). Our analytics and error logs never include your name, email, IP address or book titles. We do not sell your data, and CozyBooks shows no ads.
| Provider | Role |
|---|---|
| Supabase | Database, authentication and storage of your account data |
| Cloudflare Pages | Static hosting and content delivery for the app |
| Web3Forms | Delivers the feedback/bug messages you choose to send |
| Google Books API & Open Library | Book covers and metadata — these requests are made from your browser when you search |
These providers act as our processors or independent services and may store data in the EU and/or the United States. Where data leaves your region, it is covered by the providers’ standard safeguards (e.g. Standard Contractual Clauses).
Your shelf is private by default. If you opt in, you get a shareable link and you choose what appears (ratings, reviews, library card). Public content is visible to anyone with the link and may appear on a book’s community page. You can turn it off at any time. Public/community features require you to be 16 or older.
CozyBooks is not available to children under 13. The GDPR sets the age of digital consent at 16 by default (some countries allow as low as 13). Readers aged 13–15 may use CozyBooks for personal reading tracking, but the public shelf and community features stay switched off. We ask for your birth year once and keep only the resulting age range on your device.
You can access and export all your data as JSON (Account → “Download my data”), delete your account and everything in it (Account → “Delete my account”), and rectify your profile and entries at any time. You may object to processing based on legitimate interests, and withdraw consent for the public shelf. If you’re in the EU/UK, you also have the right to lodge a complaint with your local data protection authority.
The quickest way to reach us is the 💬 feedback button in the app. For privacy or data requests — including if you’ve deleted your account or can’t sign in — email cozybooks.app@gmail.com.
We’ll update the “last updated” date above when this policy changes and, for material changes, surface a notice in the app.