Privacy policy
Last updated 2026-07-04
What we collect
An email and password (or Google account) to sign you in; a username, display name, and optional bio/avatar for your profile; the books, statuses, ratings, page counts, and reading progress you add to your shelf (including anything you bring in via a Goodreads/StoryGraph import file); which days you updated your reading (for your streak); who you follow; your chosen display preferences (theme, cover style, layout); and any share cards you generate (see below).
Why we collect it
To run the service: showing your shelf, computing your reading stats and Wrapped recap, and letting other people view your public profile if you choose to make it public. We don’t sell your data or use it for advertising.
Our legal basis (GDPR Article 6)
- Performance of a contract — the account, profile, shelf, reading stats, Wrapped recap and share cards are the service you signed up for, so we process that data to deliver it to you (Art. 6(1)(b)).
- Legitimate interests — keeping the service secure and abuse-free (rate-limiting, spam/bot checks at sign-up), and understanding which features are used and keeping the site fast via cookieless, privacy-friendly analytics (Art. 6(1)(f)). You can object to the latter at any time (see “Your rights”).
- Legal obligation — where we have to retain or disclose limited data to comply with the law (Art. 6(1)(c)).
We do not rely on consent for these, and we don’t process special-category data. The reading data you add is only ever as public as you choose to make your profile.
Who else sees it
A few third-party services we rely on to run shelfportrait.com process data on our behalf:
- Supabase (hosting, authentication, database, and image storage) — stores everything above.
- Google Books and Open Library — every book lookup transits their APIs: the titles, authors, or ISBNs you search for, the rows in an import file you upload, and books we re-check in the background to repair a missing cover or page count. These requests go from our server, carry no account information, and aren’t tied to you by us — but they are processed by Google and the Internet Archive under their own privacy policies.
- Resend — delivers transactional emails (e.g. account confirmation).
- Vercel — hosts the site and provides privacy-friendly usage analytics (Vercel Web Analytics & Speed Insights). This counts page views and a handful of anonymous product events (e.g. that a share card was saved or a “buy” link was tapped) to help us understand what’s used and keep the site fast. It is cookieless, sets no persistent identifier, and doesn’t track you across other websites or build an advertising profile.
- Sentry — error monitoring. When something breaks, technical details of the error (what failed, where in the code, browser/OS type) are sent to Sentry so we can fix it. We’ve configured it not to attach personal identifiers such as your IP address, and it doesn’t record your screen or the contents of your session.
When you share a Wrapped, book, or reading-match card, the image is generated on the spot and handed straight to your device’s share sheet — we don’t keep a copy. Share images created with an older version of the app (public link previews) are deleted 30 days after they were made. Book “buy” links use your country (derived from your request, never stored) to pick a local bookstore.
How long we keep it
For as long as your account exists. Deleting your account (Settings → “Delete my account”) permanently erases your profile, shelf, and reading history right away — there’s no recovery period.
Where your data goes (international transfers)
Some of the processors above (for example Vercel and Google, and depending on region Supabase and Resend) may store or process data on servers outside the EU/UK, including in the United States. Where that happens, the transfer is covered by an appropriate safeguard under GDPR Chapter V — typically the European Commission’s Standard Contractual Clauses (and the equivalent UK addendum), and/or the processor’s certification under the EU–US Data Privacy Framework — as set out in each provider’s data-processing terms.
Your rights
If you’re in the EU/UK (GDPR) or California (CCPA), you have the right to:
- Access & portability — download everything we hold on you from Settings → “Download my data”.
- Erasure — delete your account at any time from Settings; this is immediate and permanent.
- Rectification — edit your profile and shelf directly, any time.
- Object/restrict processing — contact us (below) and we’ll action it. This includes objecting to our cookieless analytics, which we process under legitimate interests.
- Complain to a regulator — if you think we’ve mishandled your data, you can lodge a complaint with your local data-protection supervisory authority (in the EU, your national DPA; in the UK, the ICO). We’d appreciate the chance to sort it out first, but it’s your right either way.
We don’t use your data for automated decision-making or profiling that produces legal or similarly significant effects on you.
Cookies
We set strictly-necessary session cookies to keep you signed in, plus a small preferences cookie that remembers your share-card styling choices. We don’t use advertising or cross-site tracking cookies. Our usage analytics (Vercel Web Analytics & Speed Insights, above) are cookieless — they set no cookie or persistent identifier on your device, which is why you won’t see a cookie-consent banner for them.
Children
shelfportrait.com isn’t directed to children. You must be at least 16 to create an account (or the minimum digital-consent age in your country, which is 13 in some EU member states and the UK). If you believe a child has given us their data, contact us and we’ll delete it.
Contact
The data controller is the operator of shelfportrait.com. Questions about this policy, your data, or to exercise any of the rights above: contact@shelfportrait.com.