Privacy Policy

This Privacy Policy explains how LitList (“we,” “us,” or “our”) collects, uses, discloses, and protects personal information when you use the LitList mobile application (the “App”), available on iOS and Android.

We are based in Ontario, Canada, and our primary privacy obligations are under Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA). We are committed to transparency about how we handle your information and to complying with all applicable privacy laws, including Quebec’s Act Respecting the Protection of Personal Information in the Private Sector (Law 25) where applicable, and international privacy frameworks where required.

We collect, use, and disclose your personal information only for purposes that a reasonable person would consider appropriate in the circumstances.

1. Who We Are and Accountability

LitList is a sole proprietorship operated from Ontario, Canada. As the operator of LitList, I am personally responsible for your personal information under PIPEDA and am accountable for the organization’s compliance with all applicable privacy principles.

Under PIPEDA’s accountability principle, the person responsible for privacy compliance is:

A full mailing address is available upon request by contacting admin@litlist.ca.

I have implemented policies and practices to protect personal information under my control, including information transferred to third-party service providers for processing. I conduct privacy impact assessments when introducing new features or technologies that involve personal information, such as the AI Recommendations feature and the Family Shelf.

2. Information We Collect

We collect only the information necessary to provide and improve the App. The collection of personal information is limited to what is needed for the purposes identified in this Policy, and information is collected by fair and lawful means.

2.1 Information You Provide Directly

• Account registration: email address, display name, avatar, and bio
• Profile preferences: country, currency, language, reading goals, favourite genres, preferred book format, and privacy settings
• Reading data: books added, page counts, ratings, reviews, quotes, journal entries, reading sessions, streaks, and milestones
• Family data: children’s names, ages or birthdays (optional), and their reading history. This data is entered by the parent or guardian and is stored under the parent’s account. Only the information necessary to provide the Family Shelf reading tracking feature is collected. See Section 10 for details.
• Social data: friends list, activity feed interactions, likes, comments, and book recommendations you send or receive
• Subscription tracking: reading service subscriptions you choose to manually log (e.g. Audible, Kindle Unlimited). We store this information in your account for your reference only — we do not process payments for or connect to these third-party services
• Communications: feedback, bug reports, or support messages you send us

2.2 Information Collected Automatically

• Device information: device type, operating system version, app version
• Push notification tokens: a device identifier used by Expo (our notification provider) to deliver notifications you have opted into. This is not used for advertising or tracking
• Crash reports and diagnostic data: used solely for fixing bugs and improving the App
• Usage patterns: features used, screens visited, session duration, reading streak and habit statistics derived from your activity

2.3 Information from Third-Party Services

We use several third-party services to operate the App. Here is how each one interacts with your data:

• Google Books API: When you search for books, we fetch book metadata (title, author, cover image, description, page count, genre) through a proxy hosted on our infrastructure. No personal information about you is sent to Google during this process.
• Hardcover API: When you browse series or discovery features, we fetch book series metadata. No personal information about you is sent to Hardcover.
• Open Library API: We fetch additional book cover images from Open Library. No personal information about you is sent.
• Anthropic Claude API: When you use the AI Recommendations feature, a summary of your reading preferences (genres, ratings, and book titles from your reading history) is sent to Anthropic’s API to generate personalised suggestions. Your name, email address, and other account identifiers are not included in this request. The request is routed through a proxy hosted on Vercel. Anthropic processes this data under the terms of its API data usage policy and does not use your data to train its models. See Section 11 for retention details.
• Supabase: Hosts your account data in a PostgreSQL database and provides authentication services. Supabase processes data on our behalf under a Data Processing Agreement.
• Sentry: Collects crash reports and diagnostic data (stack traces, device type, OS version, app version, and session breadcrumbs) to help us identify and fix bugs. Sentry does not collect your name, email, or reading data. Sentry processes data under its Data Processing Agreement.
• Upstash Redis: Stores rate-limiting counters (keyed by your anonymous user ID and date) to prevent abuse of the AI recommendation feature. No reading data or personal information is stored in Upstash.
• PostHog: Collects anonymous product analytics (feature usage, app lifecycle events, and engagement metrics) to help us understand how the app is used and improve the experience. PostHog receives your anonymous user ID but no personal information such as your name, email, or reading data. PostHog processes data under its Data Processing Agreement.
• Apple Sign-In / Google Sign-In: If you choose to sign in with Apple or Google, the respective provider handles authentication and shares a limited set of information (an identity token, and optionally your name and email) with us to create or access your account. We do not receive or store your Apple or Google account password.
• Expo: Delivers push notifications you have opted into using your device’s push notification token.
• Goodreads CSV import: If you choose to import a Goodreads export, your CSV file is processed locally on your device and imported directly into your account. We do not retain the raw CSV file.

3. How We Use Your Information

We use your information for the following purposes:

• To create and manage your account and authenticate you across devices
• To provide core App functionality: book tracking, reading timer, journal, streaks, statistics, and the Family Shelf
• To power social features: friends, activity feed, likes, comments, and book recommendations
• To generate AI-powered book recommendations based on your reading history and preferences
• To sync your data across your devices via our cloud infrastructure (Supabase)
• To send push notifications you have opted into (e.g. streak reminders, reading goal updates) — you can disable these at any time in your device settings or within the App
• To respond to your support requests and feedback
• To analyse aggregate, de-identified usage trends to improve the App (see Section 11 for details on de-identification)
• To detect and prevent fraud, abuse, or security incidents
• To comply with legal obligations

We do not use your personal information for advertising. We do not sell your personal information. Personal information is used and disclosed only for the purposes for which it was collected, unless you provide additional consent or disclosure is required by law.

4. How We Obtain Your Consent (PIPEDA)

Under PIPEDA, we are required to obtain meaningful consent for the collection, use, and disclosure of your personal information. We present our consent requests in clear, plain language so that you can understand what you are agreeing to, including what personal information is being collected, who it is shared with, and for what purposes. We rely on different forms of consent depending on the sensitivity of the information and the context:

4.1 Express Consent

We obtain your express consent when you:

• Create an account and provide your personal information
• Enable push notifications
• Use the AI Recommendations feature (which sends reading data to Anthropic)
• Add children’s information to the Family Shelf
• Import data from Goodreads or other sources

4.2 Implied Consent

We rely on implied consent for activities that are necessary to provide the service you’ve requested, such as:

• Storing and syncing your reading data via Supabase
• Fetching book metadata from Google Books, Hardcover, and Open Library when you search for books
• Generating crash and diagnostic reports to maintain App stability

4.3 Withdrawing Consent

You may withdraw your consent at any time by:

• Disabling push notifications in your device settings
• Choosing not to use optional features like AI Recommendations
• Deleting your account (see Section 11)
• Contacting us at admin@litlist.ca

Withdrawing consent may affect your ability to use certain features of the App. We will explain the consequences of withdrawing consent when you make such a request. Withdrawal does not affect the lawfulness of processing that occurred before the withdrawal. Consent will not be required as a condition of providing a service beyond what is necessary to provide that service.

5. Additional Legal Bases (EEA and UK Users)

If you are located in the European Economic Area (EEA) or United Kingdom, we rely on the following legal bases under the GDPR / UK GDPR in addition to the consent framework described above:

• Contract performance (Article 6(1)(b)): processing necessary to provide the App services you have requested
• Legitimate interests (Article 6(1)(f)): improving App performance, preventing fraud, and ensuring security — balanced against your rights
• Consent (Article 6(1)(a)): for optional features such as push notifications and AI recommendations, which you may withdraw at any time
• Legal obligation (Article 6(1)(c)): where processing is required by applicable law

6. Sharing Your Information

We do not sell your personal information. We share your information only in the following limited circumstances:

6.1 Service Providers

We engage trusted third-party providers who process data on our behalf. Each operates under contractual obligations or data processing agreements that require them to provide a comparable level of protection to that required under PIPEDA and to limit their use of your information to the purposes specified:

• Supabase Inc. — database hosting and authentication (data stored in the United States). Operates under a Data Processing Agreement.
• Anthropic PBC — AI recommendation processing (United States). Data is processed under Anthropic’s API data usage terms, which restrict use of your data beyond providing the requested service.
• Vercel Inc. — hosts the proxy server for AI recommendation requests (United States)
• Expo (Software Mansion S.A.) — push notification delivery
• Sentry (Functional Software Inc.) — crash reporting and error tracking (United States). Collects device and diagnostic data only; no reading data or account identifiers are shared.
• Upstash Inc. — rate-limiting infrastructure (United States). Stores only anonymous usage counters.
• PostHog Inc. — product analytics (United States). Collects anonymous feature usage data; no personal information is shared.
• Apple Inc. — authentication via Sign in with Apple (if you choose this method), and app distribution and in-app purchase processing via the App Store (United States)
• Google LLC — authentication via Google Sign-In (if you choose this method), book metadata via Google Books API, and app distribution and in-app purchase processing via Google Play (United States)
• Hardcover — book series metadata (United States). No personal data is shared.
• Open Library (Internet Archive) — book cover images (United States). No personal data is shared.

6.2 Social Features

When you use social features, certain information is shared with other LitList users according to your privacy settings:

• Your display name, avatar, and bio may be visible to other users
• Your activity (such as books added, reviews, ratings, and recommendations) may appear in other users’ activity feeds if your privacy settings allow it
• You control your visibility through the privacy settings in your profile

6.3 Legal Requirements

We may disclose your information if required by law, regulation, court order, or governmental authority, or if necessary to protect the rights, property, or safety of LitList, our users, or others.

6.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you before your information becomes subject to a different privacy policy.

6.5 With Your Consent

We may share information in other ways if you have explicitly consented.

7. International Data Transfers

LitList is based in Canada. Your data is processed and stored primarily in the United States (via Supabase) and may be processed in other countries where our service providers operate.

If you are located outside of Canada, your personal information will be transferred to Canada and/or the United States. Canada has been recognised by the European Commission as providing an adequate level of data protection.

Please be aware that personal information stored or processed in the United States is subject to United States law, including laws that may permit access by courts, law enforcement, and national security authorities in that jurisdiction. We take reasonable steps to ensure that our service providers protect your data consistent with this Policy and applicable law, including through contractual safeguards.

For transfers to other jurisdictions, we take reasonable steps to ensure your data is protected consistent with this Policy and applicable law.

8. Accuracy of Personal Information

We take reasonable steps to ensure that the personal information we hold is accurate, complete, and up to date, to the extent necessary for the purposes for which it is used. Since much of the data in the App is entered and managed directly by you (such as your reading lists, reviews, and profile information), you play an important role in maintaining its accuracy.

If you believe any of your personal information is inaccurate or incomplete, you may update it directly within the App or contact us at admin@litlist.ca to request a correction. We will update or correct your information promptly upon verification.

9. Your Privacy Rights

9.1 All Users

Regardless of where you are located, you have the following rights:

• Access: Request a copy of the personal information we hold about you
• Correction: Request that we correct inaccurate or incomplete information
• Deletion: Request that we delete your account and associated data. You can do this directly in the App via Profile → Delete Account, or by emailing admin@litlist.ca
• Data export: Request a copy of your data in a portable format
• Withdraw consent: For any processing based on consent (e.g. notifications, AI recommendations), you may withdraw at any time without affecting prior processing

9.2 Canadian Users (PIPEDA)

Under PIPEDA, you have the right to:

• Know what personal information we hold about you and how it is used
• Challenge the accuracy and completeness of your information and have it amended
• Withdraw consent for the collection, use, or disclosure of your personal information, subject to legal or contractual restrictions
• Challenge our compliance with PIPEDA’s fair information principles (see Section 16)
• File a complaint with the Office of the Privacy Commissioner of Canada (OPC) at priv.gc.ca if you believe your privacy rights have been violated

9.3 Quebec Users (Law 25)

If you are located in Quebec, you additionally have the right to:

• Be informed of the specific purposes for the collection of your personal information and of any automated decision-making processes applied to your data
• Request de-indexing of any hyperlink attached to your name if it contravenes the law or a court order
• Data portability: receive your personal information in a structured, commonly used technological format
• File a complaint with the Commission d’accès à l’information du Québec (CAI) at cai.gouv.qc.ca

9.4 EEA and UK Users (GDPR / UK GDPR)

• Right to data portability: receive your data in a structured, machine-readable format
• Right to restriction of processing: request that we limit how we use your data in certain circumstances
• Right to object: object to processing based on legitimate interests
• Right to lodge a complaint with your local supervisory authority (e.g. your national Data Protection Authority within the EEA, or the ICO in the UK at ico.org.uk)

9.5 California Residents (CCPA / CPRA)

• Right to know the categories and specific pieces of personal information we have collected, and how we use and share it
• Right to delete your personal information, subject to certain exceptions
• Right to opt out of sale or sharing: we do not sell or share your personal information for cross-context behavioural advertising
• Right to non-discrimination: we will not discriminate against you for exercising your rights

To exercise any of your rights, contact admin@litlist.ca. We will respond within 30 days (or within any longer period permitted by applicable law with notice to you).

10. Children’s Privacy and the Family Shelf

The App is not directed to children. You must be at least 13 years old (or 16 in the EEA) to create a LitList account.

The Family Shelf feature allows parents or legal guardians to create reading profiles for their children. By using this feature:

• All children’s data (names, ages/birthdays, and reading history) is stored under and controlled by the parent’s account
• Children do not create their own accounts and do not interact with the App independently
• The parent or guardian provides express consent for the collection and storage of their child’s information, specifically for the purpose of tracking their child’s reading activity within the Family Shelf feature
• Children’s data is used solely to provide the Family Shelf reading tracking feature and is not shared with third parties, used for advertising, or sent to AI services
• Providing a child’s exact birthday is optional; an age or age range is sufficient to use the feature
• A parent or guardian may request deletion of their child’s data at any time by removing the child’s profile from the Family Shelf or by contacting admin@litlist.ca

If you believe we have inadvertently collected information directly from a child without parental consent, please contact us immediately at admin@litlist.ca and we will delete it promptly.

11. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:

• Account, profile, reading, social, and family data: retained while your account is active and for the purposes described in this Policy
• AI recommendation data: Reading preference summaries sent to Anthropic are processed in real time to generate recommendations. Anthropic’s API data usage policy governs any transient processing on its systems. We do not separately store the summaries sent to Anthropic beyond what is necessary to deliver the recommendation to you.
• Crash and diagnostic logs: retained for up to 90 days
• De-identified aggregate statistics: may be retained indefinitely. We de-identify data by removing all direct and indirect identifiers so that the resulting data cannot reasonably be used, alone or in combination with other available information, to identify any individual. De-identified data is not considered personal information under PIPEDA.

When you delete your account, we permanently delete your personal information from our active systems within 30 days. Residual copies in encrypted backups may persist for up to 90 days, after which they are purged.

12. Data Breach Notification

In the event of a security breach involving your personal information that creates a real risk of significant harm, we will:

• Notify the Office of the Privacy Commissioner of Canada as required by PIPEDA
• Notify affected users as soon as feasible, describing the nature of the breach, the information involved, and steps we are taking
• Maintain records of all breaches as required by law

If applicable, we will also notify relevant authorities in other jurisdictions, including the Commission d’accès à l’information du Québec where required by Law 25.

13. Security

We take reasonable technical and organisational measures to protect your personal information, including:

• Encryption of data in transit (TLS/HTTPS)
• Encryption of data at rest via Supabase
• Secure authentication via Supabase Auth
• Access controls limiting who can access your data within our organisation and service providers

The level of security protection is proportionate to the sensitivity of the personal information involved. No method of transmission or storage is 100% secure. If you become aware of any security concern, please contact us at admin@litlist.ca.

14. Third-Party Links and Services

The App may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by displaying a notice within the App or by email. The updated Policy will be effective upon posting with a revised effective date. Continued use of the App after changes constitutes acceptance of the updated Policy.

16. Challenging Our Compliance

Under PIPEDA’s challenging compliance principle, you have the right to challenge our compliance with the fair information principles set out in this Policy. If you believe we are not handling your personal information in accordance with our obligations, you may:

1. Contact us at admin@litlist.ca with a description of your concern.
2. We will acknowledge receipt of your challenge within 10 business days.
3. We will investigate your concern and provide a substantive response within 30 days, including any steps we will take to address the issue.
4. If you are not satisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca.

We will inform you of any relevant complaint procedures and will not retaliate against you for raising a privacy concern or filing a complaint.

17. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

A full mailing address is available upon request.