Privacy Policy

1. Information We Collect

At BookVault, we collect information to provide better services to all our users. We collect information in the following ways:

1.1 Information You Provide

Account Information: Name, email address, password, profile picture, and other registration details.
Payment Information: Payment method details, billing address, and transaction history (processed securely via Paystack).
Profile Information: Bio, preferences, wishlist, and reading history.
Seller Information: Bank account details, tax information, and business details for sellers.
Communications: Support tickets, feedback, and messages sent through our platform.

1.2 Information Automatically Collected

Usage Data: Pages visited, time spent, features used, and reading progress.
Device Information: IP address, browser type, operating system, and device identifiers.
Location Data: Approximate location based on IP address for regional compliance.
Cookies & Similar Technologies: We use cookies to remember preferences and analyze usage.

2. How We Use Your Information

We use your personal information for the following purposes:

📖 Provide Services
Process purchases, deliver ebooks, manage library, and handle downloads.

💰 Process Payments
Securely process transactions, issue refunds, and calculate seller commissions.

🔒 Account Security
Protect against fraud, unauthorized access, and suspicious activity.

📧 Communication
Send order confirmations, support responses, and important updates.

📊 Improve Platform
Analyze usage patterns, fix bugs, and enhance user experience.

⚖️ Legal Compliance
Comply with applicable laws, regulations, and court orders.

3. Information Sharing & Disclosure

We do not sell your personal information. We share information only in these limited circumstances:

Service Providers: Payment processing (Paystack), cloud hosting (Firebase/Google Cloud), and email delivery services.
Ebook Sellers: Purchase information is shared with sellers to fulfill orders and calculate commissions.
Legal Requirements: When required by law, court order, or to protect rights and safety.
Business Transfers: In case of merger, acquisition, or asset sale (with notice to users).
With Your Consent: When you explicitly authorize sharing.

4. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. You can control cookies through your browser settings.

Cookie Type	Purpose	Duration
Essential Cookies	Authentication, security, and core functionality	Session / Persistent
Preference Cookies	Remember language, theme, and reading preferences	1 year
Analytics Cookies	Understand how users interact with our platform	Up to 2 years
Marketing Cookies	Personalized recommendations and affiliate tracking	90 days

5. Data Security

We implement industry-standard security measures to protect your personal information:

Encryption: All data transmitted is encrypted using TLS/SSL protocols.
Access Controls: Strict role-based access to personal data.
Regular Audits: Security assessments and vulnerability scans.
Secure Storage: Firebase Security Rules and Firestore encryption at rest.
Payment Security: Paystack handles payments - we never store full payment credentials.

While we strive to protect your data, no method of transmission is 100% secure. We encourage you to use strong passwords and enable two-factor authentication.

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

🔍 Right to Access
Request a copy of your personal data.

✏️ Right to Rectify
Correct inaccurate or incomplete information.

🗑️ Right to Delete
Request deletion of your account and data.

⛔ Right to Restrict
Limit how we use your information.

📤 Right to Portability
Receive your data in a machine-readable format.

🚫 Right to Opt-Out
Unsubscribe from marketing communications.

GDPR (Europe): We process data based on legitimate interests, contract performance, and consent. You have the right to lodge a complaint with your local supervisory authority.

CCPA (California): California residents have the right to know what personal information is collected, request deletion, and opt-out of "sales" (we do not sell data).

7. Children's Privacy

BookVault is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

8. International Data Transfers

Your information may be transferred to and processed in countries where our servers operate (including the United States). We ensure appropriate safeguards are in place, including Standard Contractual Clauses for EU data transfers.

9. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. After account deletion, we retain limited data for legal compliance (e.g., transaction records for 7 years). You can request complete deletion as permitted by law.

Active Accounts: Data retained while account is active.
Deleted Accounts: Data anonymized within 30 days of deletion request.
Transaction Records: Retained for 7 years for tax/legal purposes.
Support Tickets: Retained for 2 years after resolution.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

Posting the updated policy on this page with a new "Last Updated" date.
Sending an email notification to registered users.
Displaying a notice within the platform.

We encourage you to review this policy periodically. Your continued use of BookVault after changes constitutes acceptance of the updated policy.

Privacy Policy | BookVault