Privacy Policy | Author Pilot

Last updated: 4/26/2026

1. Data We Collect

We collect: (a) account data such as email, display name, and password (hashed); (b) profile data like Amazon username and avatar if you use Google sign-in; (c) usage data including books listed, reviews accepted, and points transactions; (d) payment data via Stripe (we do not store card numbers).

2. How We Use It

We use your data to provide the service, process payments, match authors and reviewers, send transactional emails (e.g. confirmations, support replies), and improve the platform. We do not sell your data to third parties.

3. Third-Party Platforms and How They Handle Your Data

We use the following third-party platforms to run the service. We share only the data necessary for each to perform its function. Each provider processes data in accordance with their own privacy policy and our instructions.

Supabase — Authentication and database. They store your email, hashed password (or OAuth tokens for Google sign-in), and session data. Your profile and app data (books, reviews, points) are stored in their database. Supabase is based in the US and processes data as described in their Privacy Policy.
Stripe — Payment processing. When you subscribe or buy points, we send Stripe your email and payment details. Stripe stores card information on their servers; we do not store card numbers. Stripe may use your data for fraud prevention and as set out in their Privacy Policy.
Resend — Transactional email (e.g. contact form, support). We send your name, email, and message content to Resend so they can deliver emails. Resend processes this data as described in their Privacy Policy.
Vercel — Hosting and serverless functions. Your requests (including IP and URLs) pass through Vercel. They may log and retain this for security and operations as per their Privacy Policy.
Vercel Analytics — We use Vercel Analytics to understand usage (e.g. page views, referrers). This may use cookies or similar tech and is subject to Vercel’s privacy policy.

4. Cookies

We use cookies and similar storage for: (a) keeping you logged in (session and auth tokens, e.g. via Supabase); (b) preferences (e.g. currency); (c) analytics (e.g. Vercel Analytics). Essential cookies are required for the site to work. We will ask for your consent where required by law when we use non-essential cookies (e.g. analytics). You can change cookie preferences or withdraw consent via your browser settings; see our cookie notice for more.

5. Data Retention

We retain account and transaction data while your account is active and for a reasonable period after deletion for legal and operational purposes. You may request deletion of your personal data by contacting us.

6. Security

We use industry-standard measures to protect your data, including encryption in transit (HTTPS) and at rest. You are responsible for keeping your password secure.

7. Your Rights

Depending on your location, you may have rights to access, correct, or delete your data. Contact us to exercise these rights. You may also unsubscribe from marketing emails at any time.

8. Contact

For privacy-related questions, use the Contact form on our website.