Privacy Policy for Shelfie
Effective Date: December 22, 2025
1. Introduction and Data Controller
This Privacy Policy describes how Shelfie (“we,” “our,” or “the App”) collects, uses, and handles your personal information. The responsible data controller for this application is:
- Owner: Wouter Schong
- Contact: support@shelfie-app.com
- Domain: shelfie-app.com
2. Information We Collect via Google OAuth
Shelfie uses Google OAuth (facilitated by Supabase Auth) as its primary authentication method. When you sign in with Google, we request access to the following non-sensitive information:
Email Address: Used as your unique account identifier and for essential service notifications.
Full Name: Used to personalize your dashboard and identify you as a contributor in shared collections.
Profile Picture (Avatar) URL: Used to display your user icon within the application's interface and contributor lists.
3. Google Limited Use Disclosure
Shelfie's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We do not sell your personal data or your Google user data to third parties.
4. How We Use Your Data
We use the data retrieved from Google to:
- Authenticate and Authorize: Provide secure access to your personal book collections.
- Collaborate: Display your name and avatar to other users when you participate in a GROUP Shelfie.
- Public Display: If you explicitly set a shelfie to “Public,” your name and avatar will be visible to anyone who accesses that shelfie's public link.
- Infrastructure: We process this data using Vercel (for application hosting) and Supabase (for database storage).
5. Data Storage, Location, and Security
European Union Hosting: To ensure high standards of data protection, our application is hosted on Vercel servers located in the European Union (EU).
Database: All user profile data and collection items are stored in a Supabase (PostgreSQL) project, also hosted within the European Union (EU).
Security: We use Row Level Security (RLS) and JWT-based authentication to ensure that your private data is only accessible to you.
6. Cookies and Tracking
We use essential cookies strictly for maintaining your authentication session with Supabase. We do not use third-party tracking or advertising cookies.
7. Data Retention and Deletion
Your data is retained as long as your account exists.
Deletion: You may delete your account at any time via the “Profile Settings” or by contacting support.
Effect: Deletion permanently removes your profile and all associated data (books, ratings, and reviews) from our EU-based servers.
8. Contact Information
For any questions regarding your privacy, please contact Wouter Schong at support@shelfie-app.com.