The Living Library

Privacy Policy

Last updated: April 2026

Who we are

The Living Library ("the Service") is operated by Nexlify Studios Ltd, a company registered in England and Wales with its registered office at 128 City Road, London, United Kingdom, EC1V 2NX. For the personal data described in this Policy, Nexlify Studios Ltd is the data controller and is responsible for deciding how it is processed. You can reach us at jasonplant44@gmail.com.

What we collect

  • Account info — email address and display name when you sign up.
  • Recent book data — book titles and authors you open, used to show your recent conversations. We do not store your message transcripts.
  • Billing info — handled securely by Stripe. We never see or store your card details; we receive only the subscription status, plan, and customer identifiers we need to grant access.
  • Usage data — basic counters (e.g. number of replies) used for limits and improvements.
  • Technical data — IP address, device and browser information collected automatically to keep the Service secure and reliable.

How we use it

We use your information to:

  • Provide and personalize the Service.
  • Generate AI responses. Your messages are sent to AI providers only as needed to produce the reply.
  • Process payments and manage subscriptions.
  • Communicate with you about your account or important updates.
  • Detect abuse, prevent fraud, and improve reliability.

Legal basis for processing

Where data protection law applies (such as the UK GDPR or EU GDPR), we rely on the following legal bases:

  • Performance of a contract — to create your account, deliver the Service, and process subscription payments.
  • Legitimate interests — to keep the Service secure, prevent abuse, debug issues, and improve the product — balanced against your rights and expectations.
  • Consent — for any optional communications you have specifically opted into. You can withdraw consent at any time.
  • Legal obligation — to comply with tax, accounting, and other legal requirements.

Who we share with

We share data only with trusted recipients needed to run the Service:

  • Hosting and database providers — to store your account, subscription status, usage counters, and recent book metadata.
  • AI model providers — to generate the responses you see, on a per-request basis.
  • Stripe — for checkout, subscription management, payments, invoicing, and refunds.
  • Professional advisers — such as accountants or lawyers, where reasonably necessary.
  • Authorities — where required by law, regulation, or valid legal process.

We do not sell your personal data.

International transfers

Some of our service providers are based outside the UK and EEA. When we transfer your data internationally, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or equivalent UK transfer mechanisms.

Security

We use appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS/HTTPS), encryption at rest for sensitive fields, strict access controls, row-level security on user data, principle of least privilege for staff and systems, and regular review of our infrastructure. No system is perfectly secure, but we work continuously to keep your information safe.

Cookies and local storage

We use cookies and similar browser storage strictly to operate the Service: keeping you signed in, remembering your theme preference, and storing your recent conversations locally in your browser. We do not use third-party advertising or cross-site tracking cookies. You can clear cookies and local storage at any time from your browser settings.

Your rights

Depending on your location, you may have the right to access, correct, delete, restrict, port, or object to our processing of your personal data, and to withdraw consent where processing is based on consent. You also have the right to lodge a complaint with your local data protection authority (in the UK, the Information Commissioner's Office). To exercise any of these rights, email jasonplant44@gmail.com and we will respond within one month.

Data retention

We retain account data, subscription status, usage counters, and recent book metadata for as long as your account is active. We do not store message transcripts. When you delete your account, we delete or anonymize your data within a reasonable timeframe, except where we are legally required to retain it (for example, billing records for tax purposes).

Changes

We may update this Policy from time to time. Material changes will be posted here with a revised "Last updated" date.

Contact

Questions about your privacy? Reach Nexlify Studios Ltd at jasonplant44@gmail.com.

← Back to the library