Privacy Policy

1. Information We Collect

Account Information: When you create an account, we collect your name, email address, and password. Authors may also provide payment information, publishing details, and book metadata. Readers may provide genre preferences, reading history, and Amazon profile information.

Usage Data: We automatically collect information about how you interact with the platform, including pages visited, features used, campaign activity, and timestamps. This data is collected through server logs and analytics tools.

Device Information: We may collect information about the device you use to access the platform, including device type, operating system, browser type, and IP address.

Payment Information: Payment processing is handled by our third-party payment processor (Stripe). We do not store your full credit card number on our servers. We may retain the last four digits of your card number and billing address for identification and record-keeping purposes.

2. How We Use Your Data

We use the information we collect to:

• Provide, operate, and maintain the FolioReach platform
• Match authors with appropriate readers based on genre preferences and reading history
• Process payments and manage account balances
• Send transactional emails related to your account and campaigns (e.g., review notifications, payment confirmations)
• Improve platform functionality, user experience, and reader matching algorithms
• Detect and prevent fraud, abuse, and policy violations
• Comply with legal obligations and enforce our Terms of Service

3. Data Sharing

We do not sell your personal information to third parties. We may share your information in the following limited circumstances:

Service Providers: We share data with trusted third-party service providers who assist us in operating the platform, including payment processors (Stripe), email delivery services, cloud hosting providers, and analytics tools. These providers are contractually obligated to protect your data and use it only for the purposes we specify.

Platform Operations: Limited information may be shared between authors and readers as necessary to facilitate the review process. Authors can see anonymized reader activity (e.g., reading progress, review completion). Readers can see book details and author pen names. We do not share direct contact information between parties.

Legal Requirements: We may disclose your information if required to do so by law, or if we believe in good faith that such action is necessary to comply with a legal obligation, protect our rights or safety, or investigate potential violations of our Terms.

4. Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience on the platform. These include:

Essential Cookies: Required for the platform to function properly, including authentication, session management, and security features. These cannot be disabled.

Analytics Cookies: Help us understand how users interact with the platform, identify areas for improvement, and measure the effectiveness of features. You may opt out of analytics cookies through your browser settings.

We do not use third-party advertising cookies or tracking pixels for ad targeting purposes.

5. Data Security

We implement industry-standard security measures to protect your personal information, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure password hashing using bcrypt
• Regular security audits and vulnerability assessments
• Access controls limiting employee access to personal data on a need-to-know basis
• PCI-DSS compliant payment processing through Stripe

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly notifying affected users in the event of a data breach.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your personal data, subject to legal retention requirements
• Portability: Request a machine-readable copy of your data for transfer to another service
• Restriction: Request that we limit how we process your data in certain circumstances
• Objection: Object to the processing of your data for certain purposes, including direct marketing
• Withdrawal of Consent: Where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, please contact us at privacy@folioreach.com. We will respond to your request within 30 days. For users in the European Economic Area, we comply with the General Data Protection Regulation (GDPR) and will process requests in accordance with applicable EU data protection law.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. After account deletion, we may retain certain information for a limited period as required by law, to resolve disputes, enforce agreements, or for legitimate business purposes (e.g., fraud prevention).

Campaign data, including review records and transaction history, is retained for 7 years for tax and regulatory compliance. Anonymized analytics data may be retained indefinitely for statistical purposes.

8. International Data Transfers

FolioReach is based in the United States. If you access the platform from outside the United States, your data may be transferred to and processed in the United States. We take appropriate safeguards to ensure that your personal data receives an adequate level of protection, including standard contractual clauses approved by the European Commission where applicable.

9. Children's Privacy

The FolioReach platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided us with personal data, we will take steps to delete that information promptly.

10. Contact for Privacy Concerns

If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us at:

FolioReach Inc. — Privacy Team
Email: privacy@folioreach.com

If you are located in the EEA and believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with your local data protection supervisory authority.