Legal

Privacy Policy

Last updated: May 19 2026

Scroll Books ("we", "us", or "our") is committed to protecting your privacy. This policy explains what information we collect when you use the Scroll Books app and website, how we use it, who we share it with, and what choices you have.

1. Information We Collect

We collect only what we need to provide and improve the service:

  • Account information — your email address and password (passwords are hashed by our authentication provider and we never see them), and the display name and username you choose at signup. We currently support email-and-password accounts only. Your username is stored in a profile record and can be looked up by anyone using the app's username-availability check, so treat it as public.
  • Library — the books you add to your library.
  • Reading progress — your current position in each book and completion status, so you can pick up where you left off across devices.
  • Streak and habit data — daily reading activity, current and longest streak, bookmark tokens and frozen days, and which milestones you have earned.
  • Saved passages — any passages you choose to save while reading. These are stored against your account so they are available across your devices.
  • Reading preferences — your daily passage goal, reading style, notification settings, and time zone (used to schedule local reminders).
  • Usage analytics — events about how you use the app (e.g. signup, screens viewed, books added, passages saved, streak milestones, notification opt-ins). These events are linked to your account so we can analyse retention and engagement, and are processed by Amplitude on EU-region servers. Amplitude's SDK also collects standard technical context with each event: platform, operating system version, app version, device model, language, and the approximate country derived from your IP address.

We do not collect payment information. Scroll Books is free to use.

2. How We Use Your Information

  • To create and manage your account.
  • To sync your reading progress, saved passages, and streaks across devices.
  • To send transactional emails (account confirmation, password reset, account changes). You will receive these for as long as your account exists.
  • To send product updates, launch announcements, and reading reminders you have opted into. You can unsubscribe from marketing emails at any time; transactional emails will continue.
  • To send local notifications you have opted into (reading reminders, streak milestones, book completion, weekly recap). These are scheduled on your device — no push tokens are sent to our servers.
  • To understand how the app is used so we can improve it.
  • To respond to support requests and account deletion requests.

We do not use your data to serve advertisements, and we do not sell your personal information to third parties. We do not share identifiable usage data with advertising networks and we do not enable cross-app tracking.

3. Legal Bases for Processing (UK / EU users)

If you are in the UK or the European Economic Area, we rely on the following legal bases under the UK GDPR and EU GDPR:

  • Contract — to create your account, sync your reading data across devices, and provide the core reading experience.
  • Legitimate interest — to analyse usage so we can improve the app, and to keep the service secure.
  • Consent — for marketing emails and for sending you notifications. You can withdraw consent at any time.
  • Legal obligation — to respond to data-rights requests and comply with applicable law.

4. Sharing a Passage

When you choose to share a passage from the app, the share image is generated on your device and handed to your operating system's share sheet. We do not upload or see what you share; what happens next is governed by the privacy policy of whichever app you share to.

5. Third-Party Services

We use a small number of third-party services to operate Scroll Books. Each is contractually required to handle your data only as instructed by us and in accordance with applicable privacy laws.

  • Supabase (Supabase Inc., USA) — hosts our database and authentication, and sends transactional email such as account confirmations and password resets. Your reading and account data are stored here.
  • Amplitude (Amplitude Inc., USA) — receives usage analytics events. We have configured Amplitude to process this data on its EU-region servers.
  • Google Fonts (Google LLC) — serves the typefaces used in the app and on the website. Google may receive your IP address when fonts are requested.
  • Books CDN — serves the public-domain book chunks you read. No account information is sent when fetching these files.

International transfers. Some of these providers are based in the United States. Where your personal data is transferred outside the UK or the European Economic Area, we rely on appropriate safeguards (such as the EU Standard Contractual Clauses and the UK International Data Transfer Addendum) to protect it.

6. Data Storage, Retention and Security

Your data is stored on cloud infrastructure provided by the third parties listed above. Our hosting provider encrypts data at rest, and all data is sent over encrypted connections (TLS). Access to personal data is restricted to authorised personnel only.

Retention. We keep your account and reading data for as long as your account is active. If you delete your account, we will remove your personal data from our active systems within 30 days; copies may remain in encrypted backups for up to a further 30 days before being overwritten. Analytics events are retained according to Amplitude's default retention; aggregate, non-identifying analytics may be kept indefinitely.

Breach notification. No method of transmission or storage is 100% secure. If we become aware of a breach that affects your personal data, we will notify the relevant supervisory authority within 72 hours where required, and notify affected users without undue delay.

7. Cookies

The Scroll Books website uses an analytics cookie that collects only anonymised data. We do not use advertising or tracking cookies. The in-app reading experience does not use cookies — your session is held in a token stored on your device.

You can disable cookies in your browser settings. The site works without them.

8. Your Rights

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your account and all associated data.
  • Object to or restrict certain processing of your data.
  • Receive a portable copy of your data.
  • Withdraw consent (for example, to marketing emails or notifications).
  • Lodge a complaint with your data protection authority — in the UK, the Information Commissioner's Office (ico.org.uk).

To exercise any of these rights, email us at scrollbooksjessica@gmail.com. We will respond within 30 days.

California residents. If you live in California, you have additional rights under the CCPA/CPRA, including the right to know what categories of personal information we collect, the right to delete, the right to correct, and the right to limit the use of sensitive personal information. We do not sell or share personal information for cross-context behavioural advertising. To exercise these rights, contact us at the email above.

9. Deleting Your Account

You can request deletion of your account and all associated data at any time. We will permanently delete your email address, reading progress, streak history, saved passages, and all other personal data from our active systems within 30 days of your request, and from analytics within the same window.

To submit a deletion request, visit our Delete Account page or email scrollbooksjessica@gmail.com.

10. Children's Privacy

Scroll Books is not directed at children under 13, or the higher minimum age required for online services in your country (16 in many EU member states). We do not knowingly collect personal information from children under this age. If you believe a child has provided us with their data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this policy from time to time. When we make material changes, we will notify registered users by email and update the "Last updated" date above. Continued use of the app after changes take effect constitutes acceptance of the revised policy.

12. Contact

Questions about this policy or how we handle your data? Get in touch:

scrollbooksjessica@gmail.com