
Privacy Policy
Last updated: July 2026
This policy explains what data in prose collects, why, and your rights over it.
1. What data we collect
Information you provide:
- Account information (email, display name, and an optional phone number)
- Books you add to your library
- Status, ratings, reviews, posts and comments
- Friend connections
- Timestamps of your interactions
Information collected automatically:
- Usage analytics — privacy-safe, aggregate events about how the app is used (e.g. screens viewed, features used, counts of books added). We do not attach the content of your reviews or other personal content to analytics.
- Push notification tokens — only if you enable notifications, so we can deliver them.
- Share-link activity — when someone opens a link you shared, we log the event with a one-way hashed (anonymised) IP address and timestamp to give you basic share statistics. We do not store raw IP addresses.
2. Where your data is stored
All data is stored securely in Supabase Postgres, hosted by Supabase. Supabase also manages authentication and session tokens.
3. Third-party services
in prose uses the following third-party services to provide its features:
- Supabase — database, authentication, and file storage. Hosts your account, library, social activity, and uploaded avatars.
- ISBNdb — book metadata lookup. ISBNs and search terms are sent to retrieve book information; no account or personal data is shared.
- Sentry — crash and error monitoring. Receives anonymised error reports (stack traces, device model, OS version) to help diagnose bugs. We do not send PII or content to Sentry.
- Apple Push Notification service (APNs) — delivers push notifications to your device when enabled.
We do not sell or share your personal information with advertisers or data brokers.
4. Why we store this data
To provide the app's core features and to understand and improve how in prose is used:
- Tracking your reading
- Syncing your library
- Showing your activity feed
- Social features (friends & shared books)
5. Who can access your data
- You
- Other users, only to the extent your visibility settings allow (public, friends, or private)
- The developer, for support, maintenance, moderation, and handling deletion requests
6. How long we keep data
We keep your data while your account is active. When you request deletion, your account and associated data are permanently removed within 14 days, and any residual copies in encrypted backups are purged within 30 days.
7. Your rights
You may request access to your data, correction of inaccurate data, deletion of your account and all stored information, and a copy of your data for portability.
To make a request, email liam.inprose+ddrequest@gmail.com.
8. Security
Data is protected with encryption in transit and at rest, row-level security, and authenticated access. No system is completely secure, but we take reasonable measures to protect your data.