Privacy Policy
Last updated: March 22, 2026
The operator of BlueReader (“we”, “us”, or “our”) sets out this Privacy Policy (“Policy”) to explain how we handle personal information and other user information in connection with BlueReader (the “Service”).
1. Basic Policy
We comply with applicable privacy laws, regulations, and guidelines, and we handle personal information and user information appropriately in providing the Service.
2. Information We Collect
We may collect the following information in connection with the Service.
(1) Information you register or provide
- Name, display name, email address, profile image, and other information entered when you create an account or configure your profile
- Inquiry details and information provided to verify your identity
- Any other information you enter, send, or otherwise provide through the Service
(2) Information obtained through Google OAuth
When you log in or connect using a Google Account, we may obtain the following information from Google within the scope you authorize.
- A unique identifier associated with your Google Account
- Email address
- Display name and profile image
- Other information required for authentication or account linking
(3) Information stored in the Service
- Books, documents, uploaded files, and other data you store in the Service
- Notes, highlights, bookmarks, reading positions, settings, and other information you create or save in the Service
(4) Information related to paid features
- Subscription plan, subscription status, billing status, payment status, renewal status, cancellation status, and other information required to provide paid features
- Credit card numbers and other payment credentials may be collected and managed directly by Paddle, our payment processor, rather than by us
(5) Information collected automatically
- IP address
- Cookies, local storage identifiers, advertising identifiers, and similar identifiers
- Device information, operating system information, browser information, and language settings
- Access date and time, access history, browsing history, and operation history
- Log information, error information, crash information, and communication records
- Information generated or collected for advertising delivery, measurement, analytics, and related purposes
3. How We Collect Information
We collect information through the following methods.
- Information you input, upload, send, or configure
- Authentication and account linking through Google OAuth and other external services
- Automatic collection arising from your use of the Service
- Cookies, SDKs, analytics tools, log collection tools, and similar technologies
- Notices or integrations from payment processors, authentication providers, advertising providers, and other service providers or partners
4. Purposes of Use
We use collected information for the following purposes.
- To accept registrations, verify identity, authenticate logins, and manage accounts
- To provide, maintain, and improve features such as ebook reading, document handling, notes, bookmarks, and synchronization
- To display, synchronize, store, recover, and support data you save in the Service
- To provide paid features, process billing, verify payments, manage recurring billing, prevent fraud, and manage subscriptions
- To respond to inquiries, send important notices, and provide user support
- To analyze usage, improve quality, develop new features, and investigate issues
- To detect, investigate, and respond to fraud, Terms of Use violations, security incidents, and other improper use
- To deliver advertising, measure advertising effectiveness, optimize display, and show more relevant advertising
- To comply with law, protect rights, and operate the Service appropriately
5. Sharing with Third Parties
Except where permitted by law, we do not provide personal data to third parties without the consent of the individual concerned.
However, if you use services, products, functions, or campaigns involving external service providers, business partners, or other third parties, we may provide order information, contract information, account identifiers, and other related data to those third parties to the extent necessary for the relevant transaction or integration. In such cases, the handling of information by those third parties is subject to their own terms, privacy policies, and other applicable conditions.
When you make a payment, order, contract, or payment-related information may be shared with payment processors, card issuers, and other payment-related parties for fraud detection, fraud prevention, identity verification, and payment processing.
We may create anonymized information or statistical information in accordance with applicable law and may provide or sell such information to third parties. If we provide or sell anonymized information, we will disclose the categories of information included and the method of provision as required by law.
The above does not apply where:
- disclosure is required by law;
- disclosure is necessary to protect life, body, or property and obtaining consent is difficult;
- disclosure is particularly necessary to improve public health or promote the sound development of children and obtaining consent is difficult;
- cooperation with a national or local government authority, or a party entrusted by such authority, is necessary to perform duties prescribed by law and obtaining consent could interfere with that performance;
- disclosure is made in connection with outsourcing described in Section 6; or
- disclosure is made in connection with a business succession or change in the operating entity of the Service where permitted by law.
6. Outsourcing
We may entrust all or part of the handling of personal data to external service providers to the extent necessary for operation of the Service. In such cases, we will appropriately select those providers and exercise necessary and appropriate supervision through contracts or other measures.
7. External Services
We may use the following external services in providing the Service.
As a result of using external services, we may provide user data to the relevant service providers to the extent necessary for such integration or outsourcing. The handling of information by those providers is subject to their own terms, privacy policies, and other applicable conditions.
(1) Google OAuth
We use Google OAuth for sign-in and account authentication with Google Accounts. If you use Google OAuth, Google’s terms and privacy policy also apply.
Data Accessed
BlueReader accesses only the Google user data necessary for sign-in and account linking.
- A unique identifier associated with your Google Account
- Email address
- Display name
- Profile image
- Account linkage information necessary to create, maintain, and protect the authenticated session
BlueReader does not request additional scopes for Gmail, Google Drive, Google Calendar, Google Photos, or other Google API data beyond basic sign-in profile information.
Data Usage
We use Google user data obtained through Google OAuth only for the following purposes.
- To authenticate sign-in, verify identity, and create or maintain your BlueReader account
- To maintain sessions, restore signed-in state, and display your account information in the Service
- To respond to support requests, contact you about account matters, and verify account ownership
- To detect, prevent, and investigate fraud, impersonation, security incidents, and other abuse
We do not use Google user data obtained through Google OAuth for ad targeting, ad profiling, or any unrelated purpose that is not reasonably expected by users.
Data Sharing
We do not sell Google user data. We do not share Google user data with third parties for advertising, retargeting, data brokerage, or similar commercial resale purposes.
We may share or disclose Google user data only in the following limited situations.
- With infrastructure, database, storage, monitoring, or security service providers acting on our instructions and only to the extent necessary to operate the Service
- To comply with applicable law, legal process, court orders, or lawful requests from public authorities
- To investigate, prevent, or respond to fraud, abuse, security incidents, or rights violations
- In connection with a merger, acquisition, or transfer of business, where permitted by law and subject to appropriate procedures where required
Data Storage & Protection
Google user data and related account linkage information may be stored or processed in BlueReader’s application database and operational infrastructure. We protect this data by taking measures such as:
- limiting access to personnel and systems that need the data to operate the Service;
- using HTTPS and other encrypted communication channels;
- applying access controls to authentication data, session data, and logs;
- maintaining logging, monitoring, and incident response processes; and
- supervising service providers that process data on our behalf.
Data Retention & Deletion
We retain Google user data for as long as your BlueReader account remains active and as long as the data is needed to provide sign-in, account management, and related security functions.
You can request deletion of account-related data, including Google user data, in either of the following ways.
- By using the account deletion function on the settings page in BlueReader
- By contacting us through the contact information in Section 15
After account deletion, we delete, anonymize, or otherwise render Google user data unusable unless retention is required for legal compliance, dispute handling, fraud prevention, unpaid obligations, or another legitimate reason.
(2) Paddle
We use Paddle for payment processing and recurring billing management for paid features. The handling of payment information is subject to Paddle’s terms and privacy policy.
(3) Google AdSense and other advertising services
We may use Google AdSense and other advertising services to deliver ads. As a result, third-party ad providers may use cookies and similar technologies to display ads based on your past access information.
(4) Analytics, log collection, error tracking, and similar services
We may use analytics, log collection, error tracking, and similar external services to improve the Service and respond to issues.
8. Use of Cookies and Similar Technologies
We may use cookies, local storage, and similar technologies to improve convenience, maintain sign-in state, analyze usage, prevent fraud, deliver advertising, measure advertising effectiveness, optimize display, and otherwise provide and improve the Service.
Third-party advertising providers, including Google, may use cookies to deliver ads based on your prior visits to the Service or other websites.
Through Google’s use of advertising cookies, Google and its partners may display appropriate advertising based on your access information for the Service or other websites.
You may be able to control or disable personalized advertising through browser settings or Google’s advertising settings. However, doing so may make some or all features of the Service unavailable.
9. Handling of Related Information
If we receive or provide cookies, advertising identifiers, access history, or other related information from or to third parties, we will handle such information appropriately in accordance with applicable law. Such information may be treated as personal data when combined with other information by us or the recipient.
10. Security Measures
We take necessary and appropriate measures to prevent leakage, loss, or damage of personal data and to otherwise manage personal data securely. The main measures include:
- establishing a basic policy for handling personal data;
- limiting authorized personnel and controlling access;
- appropriately managing account credentials;
- using encrypted communications and other technical safeguards;
- retaining logs and conducting audits;
- appropriately selecting and supervising outsourced providers; and
- maintaining an incident response structure.
If you request more detail about our security measures for retained personal data, we will respond in accordance with applicable law.
11. Disclosure, Correction, Suspension of Use, and Related Requests
Subject to applicable law, you may request disclosure, correction, addition, deletion, suspension of use, erasure, or suspension of third-party provision of your retained personal data.
When handling such requests, we will verify your identity and respond appropriately in accordance with applicable law. For details on procedures, please contact the point of contact in Section 15.
12. Retention Period and Deletion
We retain collected information only for as long as necessary to achieve the purposes of use. When information is no longer needed, we will delete, anonymize, or otherwise take appropriate measures unless retention is required by law.
You may request deletion of account-related data and information obtained through Google OAuth by using the account deletion function on the settings page or by contacting the point of contact in Section 15.
Even after you delete your account or the Service ends, we may retain information to the extent necessary for legal compliance, dispute handling, fraud prevention, handling unpaid obligations, record retention, or other legitimate reasons.
13. Information of Minors
If a minor uses the Service, the minor must do so with the consent of a parent or legal guardian. If we handle personal information of minors, we will do so with appropriate care.
14. Changes to This Policy
We may change this Policy when necessary due to legal amendments, changes to the Service, or other reasons. When we change this Policy, we will notify users of the revised content and effective date by posting it in the Service or by another appropriate method.
15. Contact
For inquiries about this Policy, requests described above, or other communications regarding personal information, please contact:
- Operator: CraftGear
- Email: bluereader@googlegroups.com