🗒️ Plain English Summary
- ✅Your book library is stored on your device. We don't upload your personal book collection to our servers.
- ✅Reviews you share are public by choice. You choose if and when to share a review with the community.
- ✅Your fingerprint never leaves your device. Biometric authentication is handled entirely by your phone's own security.
- ✅We don't sell your data. Ever. To anyone.
- ⚠️We do collect anonymous crash reports to help fix bugs. No personal information is included.
- ⚠️We may show a small banner advert in future versions. We'll always keep these non-intrusive.
1. 👤 Who We Are
BookLibrary is developed and operated by Low-Key Games, an independent sole-trader developer based in the United Kingdom.
For any privacy-related questions, you can contact us at: support@low-key.games
As a UK-based developer, we are committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. 📦 What Data We Collect
Account Information
When you create an account, we collect and store on our servers:
- Username — displayed alongside any public reviews you choose to share
- Email address — used for account login and support only
- Password — stored securely as a one-way encrypted hash. We never store your actual password.
Your Book Library
Your personal book collection — titles, authors, reading status, notes, and cover images — is stored locally on your device only. This data is not uploaded to our servers.
Reviews
Reviews you write are stored locally on your device. If you choose to share a review publicly, the following is uploaded to our servers and visible to other users:
- Your username
- Your star rating
- Your review text (if provided)
- The book's ISBN and title
Biometric Data
If you use fingerprint authentication to sign in, this is handled entirely by your device's own security system (Android BiometricPrompt). We never receive, store, or process your fingerprint or any biometric data. It never leaves your device.
Crash Reports & Analytics
We use Google Firebase Crashlytics to collect anonymous crash reports when the app unexpectedly closes. We may also use Firebase Analytics to understand general usage patterns (e.g. which features are used most). This data is:
- Anonymous — not linked to your account or identity
- Used only to improve the app
- Processed by Google in accordance with Google's Privacy Policy
Book Search (Open Library)
When you search for books to add to your library, your search query is sent to the Open Library API (operated by the Internet Archive). We do not store these searches. Please refer to the Internet Archive Privacy Policy for details on how they handle requests.
3. 📊 Data Summary Table
| Data | Where Stored | Shared? |
|---|---|---|
| Username & email | Our secure servers | Username shown on public reviews only |
| Password | Our servers (encrypted hash) | Never shared |
| Book library | Your device only | Never shared |
| Public reviews | Our servers | Visible to all app users |
| Biometric data | Your device only | Never leaves your device |
| Crash reports | Google Firebase | Anonymous only |
4. ⚖️ Legal Basis for Processing (UK GDPR)
We process your personal data under the following lawful bases:
- Contract — processing your account details is necessary to provide the service you signed up for
- Legitimate interests — anonymous crash reporting helps us maintain a stable, functional app
- Consent — you choose whether to share reviews publicly. You can withdraw this at any time by deleting your public review within the app
5. 🛡️ Your Rights
Under UK GDPR, you have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your account and associated data
- Restrict how we process your data
- Object to processing based on legitimate interests
- Data portability — receive your data in a usable format
To exercise any of these rights, contact us at support@low-key.games and we will respond within 30 days.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
6. 🗓️ How Long We Keep Your Data
- Account data — kept for as long as your account is active. Deleted within 30 days of an account deletion request.
- Public reviews — kept until you delete them or request account deletion.
- Crash reports — retained by Firebase for 90 days in line with Google's standard retention policy.
7. 📢 Advertising
BookLibrary does not currently display adverts. We may introduce small, non-intrusive banner adverts in a future update. If we do:
- We will update this Privacy Policy before any adverts are shown
- Any ad provider used will be listed here along with a link to their privacy policy
- We will not use intrusive, full-screen, or video adverts
8. 🔒 Security
We take reasonable steps to protect your data, including:
- Passwords stored as secure one-way hashes (never in plain text)
- All communication between the app and our servers uses HTTPS encryption
- JWT tokens used for authenticated sessions with expiry
No system is 100% secure. If you believe your account has been compromised, please contact us immediately at support@low-key.games.
9. 👧 Children's Privacy
BookLibrary is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
10. 📝 Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, we will notify you within the app.
Continued use of BookLibrary after changes are posted constitutes your acceptance of the updated policy.
📬 Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please get in touch:
Low-Key Games
Email: support@low-key.games
Website: low-key.games
We aim to respond to all privacy enquiries within 30 days as required by UK GDPR.