Privacy Policy

Last Updated: January 20, 2026

1. Introduction

This Privacy Policy explains how EbookVoiceReact ("we," "our," or "us") collects, uses, discloses, and protects your personal information when you use our mobile application and services (collectively, the "Service").

EbookVoiceReact is an audiobook conversion application that transforms EPUB ebooks into natural-sounding audiobooks using text-to-speech technology. The Service is designed for personal use with content you own or have legal rights to convert, such as your own written works, public domain books, or ebooks for which you have obtained proper authorization from the copyright holder.

By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, do not use our Service.

2. Information We Collect

2.1 Personal Information You Provide

We collect the following personal information that you voluntarily provide:

• Account Information: Email address, password (securely hashed), first name, last name, display name, and optional profile picture
• Payment Information: Payment details are processed through Stripe. We store your Stripe customer ID and subscription information but do not store credit card numbers or payment card details directly
• Profile Data: User preferences, subscription tier, and usage statistics

2.2 Content You Upload

IMPORTANT: You are solely responsible for ensuring you have the legal right to upload and convert any content. Only upload content that you own, created yourself, or have explicit authorization to convert.

• EPUB Files: When you upload EPUB files for conversion, we temporarily process these files on our servers
• Book Content: We extract and process text content from your ebooks to generate audio files using text-to-speech technology
• Chapter Data: Chapter titles, content, and structure are stored to enable audiobook playback and management

We do not monitor or verify the copyright status of uploaded content. However, we reserve the right to remove content and terminate accounts that violate copyright laws or our Terms of Service.

2.3 Automatically Collected Information

• Usage Data: Audiobook playback progress, current listening position, chapter navigation, conversion history, and usage statistics (number of conversions, audiobooks created)
• Device Information: Mobile device type, operating system version, and app version for compatibility purposes
• Authentication Data: Session tokens and authentication timestamps

2.4 Information We Do NOT Collect

We do not collect:

• Precise geolocation data
• Browsing history outside our app
• Contact lists or social media connections
• Analytics or tracking cookies
• Device identifiers for advertising purposes

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 Service Provision

• Create and manage your account
• Process EPUB files and convert them to audiobooks
• Store and deliver audio files for playback
• Enable audiobook library management and playback features
• Sync playback progress across your devices

3.2 Payment Processing

• Process subscription payments through Stripe
• Manage subscription plans and billing
• Enforce usage limits based on your subscription tier
• Provide access to the Stripe billing portal

3.3 Service Improvement

• Monitor and analyze usage patterns to improve the Service
• Develop new features and functionality
• Troubleshoot technical issues

3.4 Communication

• Send service-related notifications (conversion completion, subscription status changes)
• Respond to your inquiries and support requests
• Send important updates about the Service (with your consent)

3.5 Legal Compliance

• Comply with legal obligations
• Enforce our Terms of Service
• Protect against fraud and unauthorized access

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal information based on the following legal grounds:

• Contract Performance: Processing necessary to provide the Service you requested (Article 6(1)(b) GDPR)
• Legitimate Interests: Improving our Service, preventing fraud, and ensuring security (Article 6(1)(f) GDPR)
• Consent: Where you have given explicit consent for specific processing activities (Article 6(1)(a) GDPR)
• Legal Obligation: Compliance with applicable laws and regulations (Article 6(1)(c) GDPR)

You have the right to withdraw consent at any time where we rely on consent as the legal basis for processing.

5. How We Share Your Information

We share your personal information only in the following circumstances:

5.1 Third-Party Service Providers

We use trusted third-party services to operate our application:

#### Supabase (Authentication & Database)

• Purpose: User authentication and data storage
• Data Shared: Email, password (hashed), profile information, audiobook metadata
• Location: Services may be hosted in various regions
• Privacy Policy: https://supabase.com/privacy

#### Stripe (Payment Processing)

• Purpose: Subscription payment processing
• Data Shared: Email, customer ID, subscription details
• Location: United States and global infrastructure
• Compliance: PCI-DSS compliant
• Privacy Policy: https://stripe.com/privacy

#### Cloudinary (File Storage)

• Purpose: Audio file storage and delivery
• Data Shared: Converted MP3 audio files, file metadata
• Location: Services may be hosted in various regions
• Privacy Policy: https://cloudinary.com/privacy

#### Microsoft Edge TTS

• Purpose: Text-to-speech conversion
• Data Shared: Book text content for audio generation
• Data Retention: Text is processed in real-time and not stored by Microsoft
• Privacy Policy: https://privacy.microsoft.com/

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal process (subpoenas, court orders)
• Government requests
• Protection of our rights, privacy, safety, or property
• Enforcement of our Terms of Service

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal information may be transferred to the acquiring entity. We will notify you of any such change in ownership.

5.4 With Your Consent

We may share your information for any other purpose with your explicit consent.

6. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy:

• Account Data: Retained until you delete your account
• Audiobook Data: Retained until you delete individual audiobooks or your account
• Payment Data: Stripe retains payment information according to their retention policy and legal requirements
• Temporary Files: EPUB files uploaded for conversion are deleted immediately after processing
• Usage Statistics: Retained for the lifetime of your account

7. Your Privacy Rights

7.1 Rights for All Users

Regardless of your location, you have the following rights:

• Access: View your profile information within the app
• Correction: Update your profile information, display name, and avatar
• Deletion: Delete individual audiobooks or your entire account and associated data
• Data Portability: Request a copy of your data (contact us at your support email)

7.2 Additional GDPR Rights (EEA, UK, Switzerland)

If you are located in the EEA, UK, or Switzerland, you have additional rights under GDPR:

• Right to Access: Request confirmation of what personal data we process and obtain a copy
• Right to Rectification: Correct inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restrict Processing: Request limitation on how we process your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for processing at any time
• Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise these rights, please contact us using the contact information provided in Section 14 below.

7.3 California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request information about the personal information we collect, use, disclose, and sell
• Right to Delete: Request deletion of your personal information
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out: We do not sell or share your personal information for cross-context behavioral advertising
• Right to Limit Use of Sensitive Personal Information: We do not use sensitive personal information for purposes requiring opt-out
• Right to Non-Discrimination: You will not receive discriminatory treatment for exercising your privacy rights

California "Shine the Light" Law: You may request information about our disclosure of personal information to third parties for their direct marketing purposes (we do not engage in such sharing).

To exercise your CCPA rights, please contact us using the contact information provided in Section 14 below. We will verify your identity before processing requests.

7.4 How to Exercise Your Rights

To delete your account and all associated data:

1. Open the EbookVoiceReact app

2. Navigate to Profile settings

3. Select "Delete Account"

4. Confirm deletion

This will permanently delete:

• Your profile and account information
• All audiobooks and chapters you created
• Audio files stored in the cloud
• Your active subscription will be cancelled

For other data requests or questions, please contact us using the contact information provided in Section 14 below.

8. Data Security

We implement reasonable security measures to protect your personal information:

• Encryption: Data transmitted between your device and our servers is encrypted using HTTPS/TLS
• Authentication: Secure JWT (JSON Web Token) authentication with token expiration
• Database Security: Row-level security policies ensure users can only access their own data
• Password Protection: Passwords are securely hashed using industry-standard methods
• Payment Security: Payment processing through PCI-DSS compliant Stripe infrastructure
• Access Controls: Limited employee access to personal data on a need-to-know basis

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from your jurisdiction.

For users in the EEA, UK, or Switzerland: When we transfer your personal data outside these regions, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Service providers certified under applicable data transfer frameworks

10. Children's Privacy

Our Service is not intended for children under the age of 13 (or 16 in the UK and EEA). We do not knowingly collect personal information from children under these ages.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us using the information in Section 14 below. We will take steps to delete such information from our systems.

11. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the new Privacy Policy in the app
• Updating the "Last Updated" date at the top of this policy
• Sending you an email notification (for significant changes)

Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.

13. Do Not Track Signals

Our Service does not track users across third-party websites and therefore does not respond to Do Not Track (DNT) signals. We do not use tracking cookies or engage in behavioral advertising.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through the EbookVoiceReact application support feature or submit your inquiry through our official communication channels.

Data Controller: EbookVoiceReact is operated from the United Kingdom.

For GDPR-related inquiries (UK/EEA residents): Please clearly mark your communication as "GDPR Request" and specify the nature of your request (access, deletion, correction, etc.).

For California residents: Please include "California Privacy Rights Request" in the subject line of your communication.

UK Information Commissioner's Office: If you are located in the UK and wish to raise a concern about our use of your information, you have the right to do so with the Information Commissioner's Office (ICO). Visit https://ico.org.uk/ for more information.

---

Summary of Key Points

• We collect email, profile information, uploaded ebook content, and usage data
• We use third-party services: Supabase (database), Stripe (payments), Cloudinary (storage), Microsoft (text-to-speech)
• We do not sell your personal information or use tracking/advertising technologies
• You can delete your account and all associated data at any time
• We comply with GDPR, CCPA, and other applicable privacy laws
• Your data is encrypted in transit and protected by security measures
• Contact us with any privacy questions or to exercise your rights

By using EbookVoiceReact, you acknowledge that you have read and understood this Privacy Policy.