Skip to content

Privacy Policy

Last updated: July 4, 2026

booklog ("the Service") takes your privacy seriously and handles personal data in accordance with applicable laws. This policy explains what information we collect, how we use it, how long we retain it, and the rights you have.

1. Information We Collect

We collect the following information:

  • Account information: email, name, profile image (collected through Clerk at sign-up)
  • Service usage data: the books you add to your library, reading logs (quotes, thoughts, action notes), AI book reviews, reading progress and statistics, settings such as interests and yearly goals, and system logs
  • Payment information: when paid plans launch, payment method identifier, subscription status, and billing history are processed by Polar; sensitive data such as card numbers is not stored on our servers. (No payments are taken during the beta period.)
  • Automatically collected: IP address, browser/device information, access time, page usage, cookies

2. How We Use Information

Collected information is used only for the following purposes:

  • Account authentication and management
  • Providing service features such as library management, reading logs, AI book review generation, and reading statistics
  • Processing payments and refunds once paid plans launch
  • Sending service notices, customer support replies, and policy updates
  • Preventing abuse and maintaining service stability
  • Improving the service and analyzing usage statistics

3. Sub-processors and Third Parties

We rely on the following providers to operate the Service. Each processes personal data only within the scope of their assigned task:

  • Clerk — authentication and account management
  • Convex — database and backend
  • OpenAI — AI book review generation (the book details and related reading logs are transmitted to OpenAI)
  • Vercel — hosting and access analytics
  • Book search APIs (Aladin, Naver, Google Books, Open Library) — searching books and retrieving metadata
  • Polar — payment and subscription processing (once paid plans launch)

Except as required by law, we do not share your personal data with other third parties without your consent.

4. Retention Period

We delete collected personal data without undue delay upon account deletion. Where applicable laws (e.g., e-commerce, electronic financial transactions, communications secrecy) require retention for a specified period, we retain only the required data for that period and then delete it.

5. AI Feature Processing

When you use AI book review generation, the details of the selected book and your related reading logs (quotes, thoughts, etc.) are transmitted to the OpenAI API for processing. OpenAI states that data received via its API is not used to train its models; however, we recommend that you do not submit sensitive personal data. You retain ownership of the reviews you generate, and we do not use them for any purpose other than providing the Service.

6. Your Rights

You may exercise the following rights at any time:

  • Request access, correction, deletion, or restriction of processing
  • Close your account (see Section 7 for the procedure)
  • Withdraw consent

You can exercise these rights through the in-app settings page or by contacting us at the address below. We will respond without undue delay.

7. Account and Data Deletion

You may request deletion of your account and associated data at any time. The procedure is as follows:

  • Email request: send an email to hello@booklog.xyz from the address you signed up with, with the subject "Account deletion request". After identity verification, your account and data are deleted within 30 days.
  • Scope of deletion: account profile (email/name/profile image), all books you have added, reading logs (quotes, thoughts, action notes), AI book reviews, reading statistics and settings, and logs.
  • Deleted data cannot be recovered, so please back up anything you need before submitting a deletion request.

Information that we are legally required to retain (e.g., billing records and access logs under e-commerce / electronic financial transactions / communications secrecy laws) is kept only for the required period and then deleted. We notify you by email once deletion is complete.

8. Security Measures

We apply reasonable technical and organizational measures to protect personal data, including encryption in transit (HTTPS), access controls, and separation of administrator accounts.

9. Cookies and Analytics

We use cookies to keep you signed in and to analyze service usage. You can disable cookies in your browser settings, but some features may become unavailable. Access analytics is powered by Vercel Analytics.

10. Changes to This Policy

We will notify you in advance through the Service or by email if we make material changes to this policy. Changes take effect from the effective date stated in the notice.

11. Contact

For privacy inquiries or to exercise your rights, please contact us:

hello@booklog.xyz