Privacy Policy

Last updated: May 4, 2026

1. Introduction

Welcome to Spines ("we," "our," or "us"). We are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our book recognition service.

2. Age Restriction

Our service is intended for users who are 18 years of age or older. By using Spines, you represent that you are at least 18 years old. We do not knowingly collect information from individuals under 18.

3. Information We Collect

3.1 Information You Provide

  • Account Information: Email address, username, and password when you create an account
  • Profile Data: Username, avatar selection, and profile preferences
  • Uploaded Images: Bookshelf photographs you upload for book recognition analysis
  • User-Generated Content: Collections, tags, notes, and other content you create

3.2 Automatically Collected Information

  • Usage Data: Pages visited, features used, search queries, and interaction patterns
  • Device Information: Browser type, operating system, and device identifiers
  • Analytics Data: Collected via PostHog to improve our service and user experience

4. How We Use Your Information

We use the collected information for the following purposes:

  • To provide and maintain our book recognition service
  • To analyze uploaded bookshelf images and identify books using AI technology
  • To create and manage your user account and profile
  • To personalize your experience and deliver relevant content
  • To communicate with you about service updates and features
  • To improve our service through analytics and usage patterns
  • To detect, prevent, and address technical issues and security concerns
  • To comply with legal obligations

5. Email Communications

We may send you emails in the following categories:

5.1 Marketing & Promotions (Opt-in)

Special offers, community highlights, and promotional content. These emails require your explicit consent and are not sent by default. You can opt in during signup or later in your email settings.

5.2 Feature Updates (Opt-in)

Product updates, new features, and service announcements. These emails require your explicit consent and are not sent by default.

5.3 Activity Notifications (Opt-out)

Notifications about activity on your collections, such as when someone likes, shares, or suggests books for your collections, or when your collections reach milestones. These are enabled by default as they relate directly to your content on the service. You can disable them in your Email Settings.

5.4 Activity Digests (Opt-out)

Weekly or daily summaries of activity on your collections. These are enabled by default to keep you informed about engagement with your content. You can change the frequency or disable digests in your Email Settings.

5.5 Managing Your Preferences

You can manage all email preferences in your Email Settings. Every marketing email includes a one-click unsubscribe link that works without requiring you to log in, in compliance with CAN-SPAM and GDPR regulations.

6. Personal Items in Images

While our service focuses solely on identifying books visible in uploaded bookshelf images, we recognize that personal items may inadvertently appear in photographs. Our moderation team actively reviews all uploads and applies privacy blur to obscure personal documents and other sensitive items before images are made public. However, if you notice personal items visible in an image on our website that you would like hidden, you can request a second review through your dashboard. When submitting a review request, please describe the specific items and their locations within the image, and our team will apply additional privacy protection as needed.

7. Third-Party Services

We share your information with the following third-party service providers:

7.1 Supabase

We use Supabase for database hosting, user authentication, and file storage. Your account information, uploaded images, and user-generated content are stored on Supabase's secure infrastructure.

7.2 Google Vision API

Uploaded bookshelf images are processed using Google Vision API for optical character recognition (OCR) and text detection. Google may process these images according to their own privacy policy.

7.3 PostHog

We use PostHog for product analytics to understand how users interact with our service. With your consent, PostHog collects usage data including page views, feature usage, and user interactions. You can manage your analytics preferences through our cookie settings.

7.4 Microsoft Clarity

With your consent, we use Microsoft Clarity for session recordings and heatmaps to understand user experience. Clarity helps us identify usability issues and improve our interface. Clarity does not collect personal information like names, emails, or payment details. You can manage your preferences through our cookie settings.

7.5 Google OAuth

We offer Google sign-in as an authentication option. When you sign in with Google, we receive your email address and basic profile information (name and profile picture) to create and manage your account. We do not receive or store your Google password. Google's use of your information is governed by Google's Privacy Policy.

7.6 Meta/Facebook OAuth

We offer Facebook sign-in as an authentication option. When you sign in with Facebook, we receive your email address and basic profile information to create and manage your account. We do not receive or store your Facebook password. You can remove our app's access to your Facebook data at any time through Facebook's Settings → Apps and Websites. When you remove our app, we will delete your data as described in our Data Deletion section below. Meta's use of your information is governed by Meta's Privacy Policy.

7.7 Resend

We use Resend for email delivery services. When we send you emails (such as notifications, digests, or marketing communications), your email address is processed by Resend to deliver these messages. Resend may collect delivery metrics such as whether emails were opened or bounced. Resend's use of your information is governed by Resend's Privacy Policy.

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

9. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy.

Account Deletion

You may delete your account at any time through your Profile Settings. Upon deletion:

  • Your personal information (profile data, email, username) is permanently removed
  • Your reading lists, comments, likes, and votes are permanently deleted
  • Collections and personas you created are anonymized and preserved for community benefit, with all personal attribution removed

You may also request complete data deletion by contacting us directly at support@getspines.com.

10. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion (Right to be Forgotten): Delete your account and personal data through Profile Settings, or request complete deletion by contacting us
  • Portability: Request transfer of your data to another service
  • Objection: Object to certain processing of your personal information

To exercise these rights, you can manage your account through Profile Settings or contact us at privacy@getspines.com

11. Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience and understand how our service is used. When you first visit our site, you will see a cookie consent banner where you can choose which types of cookies to accept.

11.1 Types of Cookies We Use

Essential Cookies (Required)

These cookies are necessary for the website to function properly. They enable core functionality such as authentication, security, and accessibility. Essential cookies cannot be disabled.

  • Authentication session cookies
  • Security tokens
  • Cookie consent preferences

Analytics Cookies (Optional)

With your consent, we use analytics cookies to understand how visitors interact with our website. This helps us improve our service and user experience.

  • PostHog: Collects page views, feature usage, and user interactions to help us understand usage patterns
  • Microsoft Clarity: Provides session recordings and heatmaps to identify usability issues (does not record keystrokes or sensitive data)

Marketing Cookies (Optional)

These cookies would be used for advertising purposes. We currently do not use marketing cookies, but may in the future with your consent.

Preference Cookies (Optional)

These cookies remember your settings and preferences to provide enhanced, personalized features across visits.

11.2 Managing Your Preferences

You can manage your cookie preferences at any time by clicking the "Cookie Settings" link in the footer of any page. You can also adjust your preferences through your browser settings. Note that blocking certain cookies may impact your experience on our site.

11.3 Google Consent Mode

We implement Google Consent Mode v2 to ensure your privacy preferences are respected across all tracking technologies. When you update your cookie preferences, these changes are immediately communicated to all integrated services.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: privacy@getspines.com