Privacy Policy

This policy explains what personal data Bleepia collects, how we use it, and your rights under UK data protection law (UK GDPR).

1. Who we are

Bleepia is the data controller for the personal data described in this policy. If you have questions, contact us through the Contact page.

2. Data we collect

When you create an account we collect your email address, an optional display name, and a securely hashed version of your password. We never store your password in plain text.

We store the authors you follow, your alert preferences, and a record of your consent, including when and how you gave it. We also process basic technical information such as your IP address for security and rate-limiting.

3. How we use your data

We use your data to provide the service: to manage your account, to check for new releases from authors you follow, and to send the alerts you have opted in to. We use technical data to keep the service secure and working.

4. Legal bases

We process your account data to perform our contract with you (providing the service). We send release alerts on the basis of your consent, which you can withdraw at any time. We rely on our legitimate interest in keeping the service secure for limited technical processing.

5. Marketing and consent

Release alerts are opt-in and are never sent without your consent. You can withdraw consent at any time from your account settings or via the one-click unsubscribe link in any alert.

Withdrawing consent does not affect the lawfulness of processing carried out before you withdrew it.

6. Sharing and processors

We do not sell your personal data. We share it only with service providers that help us run Bleepia, under appropriate agreements. These include our database host, email provider, hosting provider, and, where enabled, push notifications.

We query book and author data from Google Books. Your personal data is not shared with them as part of those queries.

7. Cookies

We use a single essential cookie to keep you signed in. It is required for the service to work and is not used for advertising or tracking. We do not currently use non-essential or advertising cookies.

8. Data retention

We keep your account data for as long as your account is active. If you delete your account, we delete or anonymise your personal data, except where we must keep limited records to meet legal obligations.

9. Your rights

Under UK GDPR you have the right to access your data, to correct it, to delete it, to restrict or object to processing, to data portability, and to withdraw consent. To exercise any of these, contact us or use your account settings.

10. Security

We protect your data with measures including password hashing, encrypted connections, and access controls. No system is perfectly secure, but we take reasonable steps to protect your information.

11. International transfers

Some of our providers may process data outside the UK. Where they do, we rely on appropriate safeguards such as standard contractual clauses.

12. Children

Bleepia is not intended for children under 16, and we do not knowingly collect data from them.

13. Changes to this policy

We may update this policy from time to time. We will post the updated version here and, where appropriate, notify you.

14. Complaints

If you have a concern we cannot resolve, you have the right to complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.