Privacy Policy
Effective: May 29, 2026
Vellicor ("we", "us", "our") is an app that lets you rank, review, and share the books you read. We take your privacy seriously and only collect what we need to make the app work. This policy explains what data we collect, why, and what control you have over it.
What we collect
Information you give us
- Account information: email address, display name, username, optional bio, optional profile photo
- Reading data: book rankings, sentiments, notes, reviews, shelves, recommendations, reading progress, custom labels
- Social activity: who you follow, who follows you, your follow requests, your blocks
- Messages: direct messages you send to other users, posts in book clubs you join
- Lending activity: books you mark as lendable, borrow requests, returns
- Subscription state: whether you have an active Vellicor Premium subscription (verified via Apple's App Store Server API)
Information collected automatically
- Device tokens for Apple Push Notifications (so we can notify you of activity)
- Diagnostic data: crash reports and performance metrics via Sentry to help us fix bugs
- Product usage analytics: actions you take in the app (sign in, rank a book, follow a user, etc.) via PostHog, associated only with your account once signed in
- Standard server logs: timestamps and request metadata from your interactions with our servers
We do not collect: precise location, contact list, photo library (beyond images you choose to upload), microphone, advertising identifiers, or any data for cross-app or cross-site tracking.
How we use your data
- To run the core app: show your rankings, deliver messages, render your social graph
- To send notifications you've consented to (follows, likes, comments, club discussions, direct messages, borrow requests)
- To enforce Vellicor Premium entitlements
- To improve the app via aggregated, anonymized usage patterns
- To debug crashes and errors
- To comply with legal obligations
We do not use your data for advertising, sell it to third parties, or share it with data brokers.
Third-party services
We rely on a small set of carefully chosen vendors. Each has access only to what it needs:
- Supabase (database + authentication + push relay): stores all your account data
- Apple (sign-in, push notifications, in-app purchases): handled by Apple's iOS APIs; subject to Apple's Privacy Policy
- Google Books, Open Library, Hardcover: queried for book metadata and cover images; we send your search queries but not your account identity
- PostHog: receives anonymized product analytics events
- Sentry: receives crash reports and performance traces, with IP and user-agent scrubbing enabled
We do not authorize any of these vendors to use your data for their own advertising or to share it with their customers.
Your rights and controls
Export your data
In the app: Settings → Data → Export Data. This generates a text file with your profile, all rankings, notes, and reading data. You can save or share it.
Delete your account
In the app: Settings → Delete Account → Delete Everything. This permanently and immediately removes:
- Your account and authentication record
- Your profile, rankings, shelves, reviews, notes, and labels
- Your follow graph, blocks, and messages you sent
- Your subscription record (note: this does not cancel an active Apple subscription — manage that in Settings → [your Apple ID] → Subscriptions)
- Your device push tokens
- All other data tied to your account
Deletion is final. We do not retain a recoverable copy.
Block users
Settings → Blocked Users. Blocking is bidirectional — blocked users cannot see your content and you cannot see theirs, anywhere in the app.
Adjust privacy settings
Settings → Privacy. Toggle profile visibility, reading activity sharing, and whether friends can see your rankings.
Adjust notifications
Settings → Notifications, or iOS Settings → Notifications → Vellicor.
Data retention
- Active accounts: data is kept as long as your account exists.
- Deleted accounts: data is removed immediately upon deletion. Aggregated analytics events may persist in a non-identifiable form.
- Diagnostic data: Sentry crash reports are retained for 90 days. PostHog product analytics are retained per their default policy.
- Server logs: rolled and purged on a 30-day basis.
Security
We use industry-standard practices to protect your data:
- All traffic between the app and our servers is encrypted in transit (TLS 1.2+)
- Sensitive credentials (API keys, signing keys) are stored only in server-side secrets, never in the app binary
- Database access is gated by row-level security policies that enforce per-user data isolation
- Subscription verification is performed server-side against Apple's cryptographically signed StoreKit JWS payloads
No system is perfectly secure, but we treat your data the way we'd want ours treated.
Children
Vellicor is intended for users 13 years of age or older. We do not knowingly collect personal information from anyone under 13. If you believe we have inadvertently collected such data, please contact us and we will delete it.
Changes to this policy
We may update this policy from time to time. Material changes will be announced in-app or via email. Continued use of Vellicor after a change means you accept the updated policy.