This Privacy Policy explains how
Heddle LLC ("Heddle,"
"we," "us," or "our") collects, uses, and shares information when you
use
Bibliofolk. This policy is specific to Bibliofolk;
for our umbrella policy that covers all Heddle apps, see
theheddle.com/privacy. By using Bibliofolk, you
agree to the practices described here.
1. Eligibility
Bibliofolk is intended for users 17 years of age or older.
We verify age at sign-up by asking for your date of birth. We do not
knowingly collect information from anyone under 17. If you believe a
user under 17 has created an account, contact us at
admin@theheddle.com and we will
remove the account promptly.
2. Information We Collect
Account information
-
Email address and password. Required to create your
account. Passwords are handled by our authentication provider
(Supabase) and are stored in salted, hashed form. We never see your
password in plain text.
-
Date of birth. Collected once at sign-up to verify
you meet the 17+ age requirement. Your date of birth is treated as
private and is never shown to other users or returned by any query
available to other users.
-
Display name and optional bio. Visible to users you
are matched with. Display names are checked against a profanity filter
and must be unique.
-
Profile photo (avatar). Optional. If provided, stored
in our cloud storage and visible to users you are matched with.
Reading profile
-
Books on your shelves ("read," "currently reading,"
"want to read"), your favorite book, and your favorite genres.
-
Discussion style preference (thoughtful, heartfelt,
or laid-back).
Reading data is used to compute matches and is partially visible to
users you have been matched with — see "How we share your information."
Match and messaging data
-
Match records linking pairs of users, including the
match week, expiry, match score, shared books, and post-match ratings
you choose to submit.
-
Messages you send to a Shelfmate. Messages are stored
on our servers and are delivered in real time to the recipient. The
first 100 characters of an incoming message are included in the
recipient's push notification.
-
Reports and blocks you submit, including the reason
and any additional details you choose to include.
Subscription and bookmark data
-
Subscription status (free or premium), provided to us
by RevenueCat via Apple's In-App Purchase system. We do not receive
your full payment card details — only an opaque identifier from Apple.
-
Bookmark balance and transaction history, including
spends, refills, and refunds, kept as an internal audit log.
Device and technical data
-
Push notification token, if you grant notification
permission. Used solely to deliver match and message notifications.
-
Crash and error reports, collected via Sentry. These
contain technical details about the error (stack trace, app version,
device model, OS version) and are tagged with your user ID so we can
correlate crashes for one user. They do not contain message contents
or other user-generated text.
-
IP address, processed transiently by our servers and
by our cloud providers for rate limiting, abuse prevention, and
delivery. We do not retain raw IP logs longer than necessary for these
purposes.
What we do not collect
We do not collect your location, contacts, advertising identifiers,
third-party social-network data, or browsing history outside Bibliofolk.
We do not use third-party advertising or behavioral tracking SDKs.
3. How We Use Your Information
-
To match you with compatible Shelfmates. Your reading
profile, discussion style, activity level, and prior match history
feed our matching algorithm.
-
To operate the chat feature between you and your
Shelfmates.
-
To send notifications about new matches, new
messages, and matches that are about to expire (only if you grant
notification permission).
-
To process your subscription and bookmark spends.
-
To verify age at sign-up.
-
To detect, prevent, and respond to fraud, abuse, and
violations of our
Terms of Service and
Community Guidelines.
-
To diagnose and fix bugs using anonymized crash and
error reports.
-
To comply with legal obligations and respond to
lawful requests.
We do not sell your personal information. We do not use your data for
targeted advertising.
4. How We Share Your Information
With other users
When you are matched with another user, that user can see:
- Your display name, bio (if provided), and avatar (if provided).
- Your discussion style and favorite genres.
- Your favorite book (if you have set one).
- Books from your shelves that overlap with theirs.
- Messages you send within that conversation.
-
A post-match rating you submit (the rating itself is not visible to
the other user, but is used to inform future matching).
Users you are not matched with cannot see any of your profile
information. After a match ends, the historical record of the match
remains visible to both participants for up to 90 days, and indefinitely
to premium subscribers who can review their full Shelfmate history.
With service providers
Bibliofolk runs on a small number of third-party services that act as
data processors on our behalf. They are bound by their own privacy
policies and contractual obligations to handle your data securely.
| Provider |
Purpose |
Data shared |
| Supabase |
Authentication, database, file storage, real-time chat |
All account, profile, shelf, match, and message data |
| Apple |
In-app purchases and subscription billing |
Payment processing handled entirely by Apple; we receive only an opaque transaction identifier |
| RevenueCat |
Subscription state management |
Your Bibliofolk user ID and Apple subscription events |
| Expo (Push Notifications) |
Delivery of push notifications to your device |
Your push token and the notification contents we send |
| Sentry |
Crash and error monitoring |
Crash reports tagged with your user ID |
| Open Library |
Book search and metadata |
Search queries you type; no account information |
| The New York Times |
Bestseller lists shown in Discover |
None — we request lists, not user data |
| Google Books |
Supplemental book descriptions |
Book identifiers; no account information |
| Railway |
Hosting our matching service |
All data flowing through our backend |
For legal and safety reasons
We may share your information when we believe in good faith that
disclosure is necessary to: (a) comply with applicable law or a valid
legal request; (b) protect the safety, rights, or property of Heddle
LLC, our users, or the public; or (c) investigate and address violations
of our Terms of Service or this Privacy Policy.
Business transfers
If Heddle LLC is involved in a merger, acquisition, or sale of assets,
your information may be transferred as part of that transaction. We
will notify users via in-app message or email before any such transfer
of personal data takes effect.
5. Data Retention and Account Deletion
While your account is active
We retain your information for as long as your account is active and as
needed to operate the Service. Match records and messages persist for
the lifetime of the match and may be retained in our backups for a
limited period after deletion.
Account deletion
You can delete your account at any time from
Profile → Delete Account within the app. When you
delete your account:
-
Your display name is changed to "Deleted User" and your bio, avatar,
and push notification token are immediately removed.
- Your reading shelf is removed.
-
Match and message records you participated in are preserved with your
user reference anonymized, so the other party's conversation history
remains coherent.
-
Your account is fully and irreversibly deleted from our database
within 30 days, including removal from our authentication provider.
This is the GDPR "right to erasure" hard-delete.
Backups
Our database provider retains automated backups for disaster recovery.
Backup copies are encrypted, isolated from production access, and are
deleted on the provider's standard rotation schedule.
6. Your Rights
Depending on where you live, you may have specific rights regarding
your personal information. Bibliofolk honors these rights for all users
regardless of jurisdiction:
-
Access. View the information we hold about you
directly in the app, on the Profile tab.
-
Correction. Edit your display name, bio, avatar,
favorite book, genres, and discussion style at any time from your
profile.
-
Deletion. Delete your account from
Profile → Delete Account as described in Section 5.
-
Data export. Email
admin@theheddle.com from your
registered address and we will provide a machine-readable export of
your account data within 30 days.
-
Objection and restriction. Email us if you want to
object to or restrict any specific processing described above.
-
Complaint. If you are in the EU/UK, you may file a
complaint with your local data protection authority.
7. Security
We use industry-standard technical and organizational measures to
protect your information, including:
- TLS encryption for data in transit.
- Encryption at rest provided by our database and storage host.
-
Row-level security policies enforcing that users can only read and
write their own data and data from active matches.
-
Privileged server-side functions for sensitive operations like
subscription state changes and account deletion.
-
HMAC-signed webhooks between our matching service and external
providers.
- Automatic crash and error monitoring to detect unusual behavior.
No system is perfectly secure. If you believe your account has been
compromised, contact us immediately at
admin@theheddle.com.
8. Children
Bibliofolk is not directed to children under 17 and we do not knowingly
collect personal information from anyone under 17. If you become aware
that a child under 17 has provided us with personal information, please
contact us and we will take steps to delete that information.
9. International Users
Bibliofolk is operated from the United States. If you access Bibliofolk
from outside the United States, your information will be transferred
to, stored, and processed in the United States and in the regions where
our cloud providers operate. By using Bibliofolk, you consent to this
transfer. We rely on standard contractual clauses and our providers'
certifications where applicable to safeguard international transfers.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will post the
updated policy at this URL and update the "Last updated" date. For
material changes, we will notify you in advance via in-app message,
push notification, or email. Your continued use of Bibliofolk after the
effective date of an updated policy constitutes your acceptance.
11. Contact
Questions about this Privacy Policy or how we handle your data?
Heddle LLC
Email: admin@theheddle.com
Website: theheddle.com