← Back

Privacy Policy

Effective February 25, 2026

Zero-Knowledge Design: BookSeek never stores your email address or phone number in plaintext. Your contact information is encrypted on your device before it is sent to our servers. We can only read it when delivering a specific message to you (e.g., a magic link or a contact unlock).

1. What We Collect

  • Encrypted contact — Your email (or phone, in future) encrypted with libsodium on your device. We store only the ciphertext and a SHA-256 hash for lookups. The plaintext is never stored.
  • Listing data — Title, author, condition, description, price, and images you provide when posting a book.
  • Transaction records — Credit purchases, listing fees, and unlock events (no payment card data — Stripe handles that).
  • Reputation data — Review counts and sales totals associated with your anonymous account hash.
  • Server logs — Standard web server logs (IP addresses, timestamps, request paths) retained for up to 30 days.

2. How We Use Your Data

  • To send magic link login emails
  • To notify you of inquiries on your listings
  • To deliver a seller's contact details when you pay to unlock them
  • To process credit purchases via Stripe
  • To enforce platform rules (moderation, anti-spam)

We do not sell, rent, or share your personal data with third parties for marketing purposes.

3. Third-Party Services

We use the following services which may process your data:

  • Stripe — Payment processing. Stripe stores your payment method and issues transaction records. See Stripe's Privacy Policy.
  • Resend — Transactional email delivery. Your email address is decrypted only long enough to pass it to Resend for delivery, then discarded from memory.
  • Vercel — Hosting and edge infrastructure. Your IP may appear in Vercel's access logs.
  • Neon — PostgreSQL database hosting (encrypted at rest).
  • OpenAI — Listing content moderation. Listing title and description (no personal data) may be sent to OpenAI's moderation API.

4. Cookies and Sessions

We use a single httpOnly cookie (bs_session) to maintain your login session. It contains a signed JWT with your anonymous account hash — no personal information. Session cookies expire after 30 days.

We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

5. Data Retention

  • Active account data is retained as long as you use the platform.
  • Closed listings are retained for 90 days, then soft-deleted.
  • Credit transaction records are retained for 7 years (financial compliance).
  • Server logs are retained for up to 30 days.

6. Your Rights

You have the right to:

  • Request a copy of data associated with your account
  • Request deletion of your account and associated data
  • Opt out of non-essential communications

Because contacts are stored only as encrypted blobs + hashes, we cannot identify you by email without your active participation (you must request a magic link to prove identity).

7. Security

Contact information is encrypted client-side using libsodium sealed boxes before transmission. Our servers store only ciphertext. All connections use HTTPS/TLS. Database storage is encrypted at rest.

8. Children's Privacy

BookSeek is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us information, please contact us for removal.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify active users of material changes via email. Continued use after changes constitutes acceptance.

Terms of Service