Privacy matters. Here's the honest truth about your data.
We only collect what we need to make Inside Story work. We don't sell your information. We don't spam you. We don't do anything creepy.
This policy explains exactly what data we collect, why we need it, and how we protect it.
Quick Facts
- ✓We collect minimal data (email, name, reading preferences)
- ✓You control your profile and book uploads
- ✓We use cookies for essential platform functions only
- ✓We don't sell or rent your data to third parties
- ✓You can download or delete your data anytime
- ✓Stripe handles payments (we never see your full card details)
1. Who We Are
Data Controller: Rachel Graham (trading as Inside Story)
Contact: support@insidestory.app
2. What Information We Collect
Information You Give Us Directly
| What We Collect | Why We Need It |
|---|---|
| Email Address | To create your account, send notifications, reset passwords, send magic links for passwordless login |
| Name | To personalize your profile and identify you to authors/readers |
| Reading Preferences | To match readers with books they'll love |
| Profile Bio (Optional) | To let you share more about yourself with the community |
| Profile Photo (Optional) | To personalize your profile |
| Book Files & Covers | For authors to share their work with readers (beta reads, ARCs, reader magnets, promotional books) |
| Feedback & Comments | To provide authors with reader insights and for platform improvements |
| Reviews | To display on author campaigns and potentially use in marketing (with permission) |
| Payment Information | Processed securely through Stripe (we never see full card details) |
Information We Collect Automatically
| What We Collect | Why We Need It |
|---|---|
| Reading Analytics | Progress tracking, time spent, drop-off points (for author insights) |
| IP Address | Security, spam prevention, approximate location for book matching |
| Device & Browser Info | To optimize the platform for different devices |
| Activity Data | Books browsed, campaigns joined, badges earned (for personalization) |
| Cookies | To keep you logged in and remember your preferences |
3. How We Use Your Information
We use your data to:
- Provide the Service: Create accounts, deliver books, display profiles, send magic links
- Personalize Your Experience: Recommend books, track reading progress
- Connect Authors & Readers: Match books with interested readers, distribute beta reads/ARCs/reader magnets
- Process Payments: Handle subscriptions through Stripe
- Send Important Updates: Account notifications, new features, system messages
- Improve Inside Story: Analyze how people use features (aggregate data only)
- Prevent Abuse: Stop spam, detect fraud, enforce our terms
- Provide Support: Help when you contact us with questions
- Marketing & Promotion: Use reader reviews/feedback in testimonials (with permission), showcase platform features with user content examples (with permission for extensive use)
4. Who We Share Your Information With
We don't sell your data. Period.
Here's Who Can See Your Data:
Other Users (Limited):
- Authors see reader names, reading progress, and feedback you provide
- Readers see author profiles and book information
- You control what's visible on your public profile
Stripe (Payment Processor):
- Securely handles payment information
- We only receive confirmation of successful payments
- See Stripe's Privacy Policy
Service Providers:
- Hosting companies (to keep the site running)
- Email service providers (to send notifications and magic links)
- These companies only access data needed to provide their service
Legal Obligations:
- If required by law, court order, or to protect safety
- To enforce our Terms & Conditions
5. How We Protect Your Data
We take security seriously:
- Encryption: Passwords are securely hashed and data is transmitted over HTTPS
- Magic Link Security: Temporary, expiring links for passwordless authentication
- Access Controls: Limited team access to user data
- Regular Updates: We keep our systems patched and secure
- Monitoring: We watch for suspicious activity
- Secure Hosting: Your data is stored with reputable providers
However: No system is 100% secure. While we do our best, we can't guarantee absolute security. Use a strong password (if using password auth) or keep your email account secure (if using magic links), and don't share your login credentials.
6. Cookies & Tracking
What Cookies We Use
- Essential Cookies: Keep you logged in, remember your settings (required for the platform to work)
- Analytics Cookies: Help us understand how people use Inside Story (we use our own analytics, not third-party tracking)
What We DON'T Do
- We don't use advertising cookies
- We don't share cookie data with advertisers
You can control cookies through your browser settings, but disabling essential cookies will break the platform.
7. Your Rights & Choices
Access Your Data
You can view most of your data in your account settings. For a complete data export, email us at support@insidestory.app.
Update Your Data
Edit your profile, bio, preferences, and uploaded content anytime through your account.
Delete Your Data
You can delete your account through settings. When you do:
- Your profile becomes inaccessible immediately
- Your books and campaigns are removed
- We keep some data for legal/accounting purposes (30-90 days)
- Anonymous analytics data may remain
Opt Out of Emails
You can unsubscribe from marketing emails anytime. We'll still send essential account emails (password resets, magic links, billing notices).
Download Your Data
Request a copy of your data in a portable format. We'll provide it within 30 days.
Object to Processing
If you believe we're using your data inappropriately, contact us and we'll review your concerns.
8. How Long We Keep Your Data
| Data Type | Retention Period |
|---|---|
| Active Accounts | Until you delete your account |
| Deleted Accounts | 30 days (then permanently removed) |
| Payment Records | 7 years (legal requirement for accounting) |
| Uploaded Books | Until author deletes them or closes account |
| Analytics Data | Aggregate data kept indefinitely (anonymized) |
| Support Communications | 3 years |
9. Children's Privacy
Inside Story is for users aged 16 and older. We don't knowingly collect data from anyone under 16.
If we discover a user is under 16, we'll delete their account and data immediately.
If you're a parent and believe your child has created an account, contact us at support@insidestory.app.
10. International Users
Inside Story welcomes users worldwide. Your data may be transferred to and stored in New Zealand.
By using Inside Story, you consent to this transfer. We protect your data according to this privacy policy regardless of where you're located.
11. Third-Party Links
Inside Story may contain links to other websites (like author social media or book retailers). We're not responsible for their privacy practices.
When you leave Inside Story, read the privacy policy of the site you're visiting.
12. Changes to This Policy
We'll update this policy occasionally as Inside Story evolves. When we do:
- We'll update the "Last Updated" date at the top
- For significant changes, we'll email you
- The new policy takes effect immediately upon posting
We encourage you to review this policy periodically.
13. Your Privacy Rights
Depending on where you live, you may have additional rights including:
- Right to know what personal information we collect and how we use it
- Right to access, correct, or delete your personal information
- Right to opt out of data sales (we don't sell data)
- Right to data portability
- Right to object to certain data processing
- Right to withdraw consent
To exercise any privacy rights, email us at support@insidestory.app with "Privacy Request" in the subject line.
If you're in the EU/EEA, you also have the right to lodge a complaint with your local data protection authority.
14. Data Breaches
In the unlikely event of a data breach that affects your personal information:
- We'll investigate immediately
- We'll notify affected users within 72 hours
- We'll explain what happened, what data was affected, and what we're doing about it
- We'll report to relevant authorities as required by law
15. Contact Us About Privacy
Questions, concerns, or requests about your privacy?
Email: support@insidestory.app
Subject Line: "Privacy Request"
We'll respond within 5 business days.
By using Inside Story, you agree to this Privacy Policy and our Terms & Conditions.
Last Review Date: November 24, 2025
Next Scheduled Review: May 2026