Privacy notice

We collect what we need to run a reading platform, share it only with the few partners required to deliver the service, never sell it, and give you a one-tap path to delete it.

If the rest of this notice is too long, here is the heart of it:

• We collect your account info, your reading activity, your library, and what you write or post.
• We do not sell your data, run cross-app ad tracking, or train third-party AI models on your manuscripts or private messages.
• Payments are processed by Apple (on iOS), Google (on Android), and Paystack / Flutterwave (on the web). We never see your full card number.
• You can delete your account from inside the app at any time, and we complete the deletion within 30 days.

This notice is written to satisfy the Nigeria Data Protection Act (NDPA) 2023, EU GDPR, UK GDPR, and the privacy expectations of the Apple App Store and Google Play — whichever applies to you.

The data controller for personal information processed through Littory is Littory, headquartered in Lagos, Nigeria. That means we decide what's collected and how it's used.

For privacy questions reach our data protection contact at privacy@littory.app. If we appoint a Data Protection Officer or an EU/UK representative, we will publish the contact details here.

You give us, directly

• Account details — name, email, profile photo, date of birth (so we can verify the 13+ minimum and gate adult content), language, country.
• Author details, if you publish — pen name, bio, payout bank details, and KYC information collected by our payment partners.
• Your content — manuscripts, chapters, covers, audio narration, comments, book-club posts, profile posts, reviews, ratings.
• Reading activity — books you open, chapters you read, reading progress, time spent, highlights, bookmarks, search terms.
• Messages — book-club chat, direct messages with other readers, support tickets.

Collected automatically

• Device & app data — device model, OS version, app version, language, time zone, crash logs, and the IP address used to connect.
• Usage signals — features you use, errors you hit, performance traces. Used to make the reader feel faster and crash less.
• Approximate location — derived from your IP, so we can show local pricing and content. We don't read precise GPS unless you opt in to a feature that needs it.
• Advertising identifiers — none. We don't use the iOS IDFA or Android Advertising ID for tracking.

From third parties

• Sign-in providers — Google and Apple share your name, email (or Apple's private-relay email), and profile picture when you sign in.
• Payment processors — Apple, Google, Paystack, and Flutterwave confirm payment status and share a transaction token (not your card number).

Data Safety summary (Apple & Google labels)

For the App Store and Play Store data labels, the picture is:

• Linked to you: contact info, user content, identifiers (account ID), usage data, diagnostics, purchases.
• Not linked to you: aggregated analytics, anonymised crash reports.
• Used to track you across apps owned by other companies: nothing.

Littory only asks for the device permissions it actually needs, and never reads anything without your consent.

• Notifications — to alert you about book-club replies, new chapters from authors you follow, and account activity. You can turn this off in iOS / Android settings any time.
• Photos / Photo Library — only when you choose a profile picture or upload a book cover. We use the OS's limited-photo picker; we don't read the whole library.
• Camera — only when you take a profile picture or scan a manuscript page.
• Microphone — only when you record audio narration for a book you are publishing. Off otherwise.
• Files / Storage — only when you upload a manuscript file (DOCX, PDF, EPUB) or download a chapter for offline reading.
• Network state — to decide whether to stream or use a cached chapter.

We do not request precise location, contacts, calendar, SMS, call logs, or accessibility services.

We use the data above to:

• Run the Service — sign you in, sync your library, stream books, deliver chat, process coin purchases and author payouts.
• Personalise reading — recommend books based on what you read, surface book clubs you might enjoy, remember where you left off across devices.
• Keep the platform safe — detect fraud, plagiarism, coin abuse, harassment, and bot activity; enforce our content policies; respond to copyright complaints.
• Communicate with you — account notifications, book-club mentions, royalty statements, security alerts, and (if you opt in) product announcements and newsletters.
• Pay authors fairly — attribute reads and unlocks to the right writer so subscription revenue can be split correctly.
• Improve Littory — analyse aggregate trends in reading behaviour, A/B-test interface changes, fix bugs.
• Meet legal obligations — tax reporting on author earnings, responding to law-enforcement requests, accounting, retaining moderation evidence for repeat offenders.

AI features

We use machine learning for a small set of in-product features:

• Book recommendations and discovery.
• Plagiarism and safety screening of uploaded manuscripts during moderation.
• Automated triage of comments and book-club posts that may break policy, before a human reviews them.

We do not feed your manuscripts, private messages, or reading history into third-party generative-AI training pipelines. Authors who knowingly used AI to draft a book are required to disclose it on the book's details page; see the Terms.

Push notifications & marketing

Transactional notifications (chapter releases for books you follow, book-club replies, security alerts) are part of the Service and on by default. You can turn each category off in Settings → Notifications, or disable notifications entirely in your device settings.

Marketing emails (product updates, new author launches) are opt-in. Unsubscribe from any one of them at the bottom of the email.

Legal bases (GDPR / UK GDPR)

Where GDPR or UK GDPR applies, we process your data on the bases of: performance of our contract with you, our legitimate interests in running a safe and high-quality service, compliance with the law, and your consent for anything optional (marketing email, precise location, optional analytics).

We share personal information only with the partners we need to deliver the Service ("sub-processors"), and only the data they need to do their job. The full SDK / sub-processor list below mirrors what we declare in our App Store and Play Store data safety forms.

• Convex — our backend platform (database, file storage, real-time chat, scheduled jobs). United States.
• Apple In-App Purchase — iOS purchases. Apple sees your Apple ID, purchase amount, and product.
• Google Play Billing — Android purchases. Google sees your Google account, purchase amount, and product.
• Paystack — web payments, coin purchases, subscription billing, author payouts, KYC. Nigeria.
• Flutterwave — alternative web payment processing where Paystack isn't the right fit. Nigeria.
• CloudConvert — converting uploaded manuscripts (DOCX, PDF, EPUB) into the formats we serve to readers. Documents pass through and are deleted after conversion.
• Apple Sign In, Google Sign In — authentication.
• Apple Push Notification Service, Firebase Cloud Messaging — delivering push notifications to your device.
• Vercel — hosting for the marketing site and admin portal.
• Transactional email provider — sending account, billing, and security emails (and, if you opt in, newsletters).
• Sentry (or equivalent) — crash and error reporting from the apps. Stack traces, device model, app version, anonymised user ID.
• Privacy-respecting analytics — aggregate usage trends. No cross-app or cross-site tracking.

Beyond sub-processors, we may share data:

• With authors, in aggregate form — they see how many readers reached each chapter, not who you are.
• With law enforcement when we receive a valid legal request, or where disclosure is necessary to protect life or safety.
• With a successor entity if Littory is involved in a merger, acquisition, or sale of assets — and only after we notify you.

What you read, what you highlight, what you bookmark — that is yours. Authors and other readers cannot see your private reading history.

Things you choose to make public are public:

• Reviews and ratings you publish on a book's page.
• Posts and replies in a public book club.
• Reading streaks, badges, or shelves you mark "public" in your profile.

You control these in Settings → Privacy, including whether your profile is discoverable in search.

What we see and don't see

When you buy a subscription, coins, or an audiobook unlock, the checkout happens inside Apple, Google, Paystack, or Flutterwave — never inside Littory's own forms. Littory never receives your full card number, CVV, or banking credentials. We receive the result (succeeded / failed / refunded) and a token we can use to reference the transaction.

Author payouts

Author payouts use Paystack's payout system. To pay you, we share the minimum information Paystack needs (your name, bank account number, BVN where applicable). Paystack acts as a separate data controller for those checks; their privacy notice applies.

We use analytics to understand which features readers actually use, and crash reporting to know when something breaks. Both are configured to collect as little personal data as possible:

• No precise location.
• No advertising identifiers (IDFA / GAID). On iOS, we do not invoke App Tracking Transparency because we don't track you across other apps in the first place.
• No cross-app or cross-site tracking, including no Meta Pixel, no TikTok pixel, no Google Ads conversion tags inside the apps.
• Crash reports include the stack trace, device model, OS version, and an anonymised account ID — never the contents of books or messages.

You can switch off optional analytics in Settings → Privacy → Help improve Littory. Crash reporting stays on, because without it we can't fix bugs that hurt your reading.

Apple's App Tracking Transparency framework requires apps to request permission before tracking users across apps and websites owned by other companies. Littory does not do that, so we don't show you the ATT prompt.

If we ever introduce a feature that would require ATT, we will present the standard system prompt and only enable the feature if you grant permission.

You have the right to:

• Access — get a copy of the personal data we hold about you.
• Correct — fix anything that's wrong.
• Delete — ask us to erase your account and associated data. See Deleting your account.
• Export — receive a portable copy of your library, highlights, and any books you wrote, in a machine-readable format.
• Object — to processing based on legitimate interests, including recommendations and analytics.
• Withdraw consent — for anything you opted into, like marketing email or precise location.
• Complain — to the Nigeria Data Protection Commission, or to your local supervisory authority in the EU/UK, if you think we've mishandled your data. We'd rather you tried us first at privacy@littory.app.

We respond to verified rights requests within 30 days. If a request is unusually complex, we may extend that by up to two months and tell you why.

You can delete your Littory account, and the personal data we hold about you, in two ways:

From inside the app

1. Open the Littory app.
2. Go to Settings → Account → Delete account.
3. Confirm in the prompt.

From the web

Email privacy@littory.app from the address on your account with the subject line "Delete my account", and we'll do it. If your account email is no longer accessible, we'll ask one or two questions to verify it really is you.

What gets deleted

• Your profile, profile photo, settings, and account credentials.
• Your private reading data — library, highlights, bookmarks, search history, reading progress.
• Your direct messages, book-club chat history, comments, and reviews (or these are anonymised if removing them would destroy other readers' threads).
• Books you authored, unless you ask us to leave a specific work available under a pseudonym.
• Unused coin balances.

What we have to retain (and for how long)

• Financial records (coin purchases, payouts) — kept for the period required by Nigerian tax and accounting law (currently 6 years from the end of the relevant tax year).
• Moderation evidence for accounts terminated for serious policy violations — kept long enough to identify repeat attempts, then anonymised.
• Aggregated, anonymised analytics derived before deletion — kept indefinitely.

We complete deletion within 30 days of the request, and confirm it by email when it's done.

• Active accounts — for as long as the account is open.
• Reading activity — kept while your account is open so we can sync across devices and improve recommendations. Anonymised when the account is closed.
• Closed accounts — deleted within 30 days, except for data we are legally required to keep (see Deleting your account).
• Financial records — 6 years.
• Moderation records — long enough to identify repeat policy violations, then anonymised.
• Books you publish — kept as part of the catalogue until you unpublish them.

Littory is not for under-13s. We do not knowingly collect personal data from children under 13. The minimum-age check at sign-up enforces this, and we do not market the app to children.

If you are a parent or guardian and believe a child has signed up, email privacy@littory.app — we'll close the account and delete the data.

Some books on Littory are intended only for readers 18+. Where that is the case, an age confirmation is required before the book opens.

Our sub-processors (Convex, Vercel, Sentry, the payment providers, the email provider) operate data centres in multiple regions, including the United States and the European Union. When we transfer personal data out of Nigeria or the EU/UK, we rely on the safeguards accepted by the relevant law — Standard Contractual Clauses, the EU adequacy framework, or equivalent.

On request we will tell you which region your data sits in, and which safeguards apply.

We protect your data with industry-standard measures: encryption in transit (TLS 1.2+), encryption at rest in our database and object storage, strict access controls for staff, principle of least privilege, and regular review of our authentication and authorisation logic.

No system is perfectly secure. If a breach affects your personal data in a way that creates real risk, we'll tell you and the relevant regulator within the timeframes the law requires.

Found a vulnerability? Please report it to security@littory.app rather than disclosing it publicly.

The marketing site at littory.app uses only what we need: a session cookie if you log in to the admin portal, and lightweight analytics to count visits without fingerprinting you.

Inside the Littory app, we use local device storage for things like your reading progress, cached covers, and offline chapters. That is on your device; it is not "tracking".

Where the law requires it (EU/UK in particular), we ask for your consent before any non-essential cookies or trackers run.

If we change this notice in a way that materially affects your rights or what we do with your data, we'll tell you in-app or by email at least 14 days before the change takes effect. Minor editorial changes get a new "Last updated" date at the top.

For anything privacy-related:

• Email — privacy@littory.app
• Postal — Littory, Lagos, Nigeria

A human reads every message. We aim to reply within five working days.