Privacy Policy
Effective date: July 11, 2026
Passage is built on the belief that your reading life is private. This policy explains exactly what data we collect, what we do with it, and what we don't do. Plain language, no legalese.
1. What we collect
On your device (local-first): Your library, book metadata, reading progress, page numbers, notes, reading streaks, and all app state are stored exclusively on your device using SwiftData. We have no access to this data.
Account data (if you sign in): If you create an account with email and password or sign in with Apple or Google, we store your email address and a hashed identifier in our authentication provider (Supabase). We do not store your password in plaintext.
AI feature usage: When you use AI features (book chat, character lookup, recommendations), your question and limited book context are sent to our backend and forwarded to OpenAI to generate a response. We do not persistently store your questions or OpenAI's responses on our servers — they are processed in transit and discarded.
Crash and error data: We may collect anonymized crash reports to improve stability. These contain no personally identifiable information and no book content.
2. What we don't collect
- We do not collect your reading history or reading behavior for advertising
- We do not sell your data to any third party, ever
- We do not read the contents of books you import
- We do not track your location
- We do not use behavioral analytics or cross-app tracking
3. How we use your data
Data we collect is used exclusively to:
- Authenticate your account and maintain your session
- Process AI requests and return responses to your device
- Verify Premium subscription status via Apple's StoreKit
- Investigate and fix crashes when reported
4. Third-party services
Supabase: Authentication provider. Stores your email and user ID. Privacy policy: supabase.com/privacy
OpenAI: Used to generate AI responses. Your questions and book context are sent to OpenAI per their API terms. OpenAI's privacy policy: openai.com/policies/privacy-policy. We do not use OpenAI's API in training mode.
Apple StoreKit: In-app purchases and subscription management. Apple handles all payment processing — we never receive your payment information.
Open Library (Internet Archive): Book search and catalog data. Queries include only book titles and authors. No personal information is sent.
5. Data retention
Account data (email and user ID) is retained for as long as your account exists. You may delete your account at any time by contacting us at the email below, and we will remove all associated data within 30 days.
AI query data is not retained — it is processed in transit and not stored on our servers.
6. Children
Passage is not directed at children under 13 and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
7. Security
We use industry-standard measures to protect your data in transit (TLS) and at rest. Account credentials are managed by Supabase, which maintains its own security certifications. Your on-device data is protected by iOS device encryption.
8. Your rights
You have the right to access, correct, or delete your personal data at any time. To exercise any of these rights, email us at the address below. We will respond within 30 days.
If you are in the European Economic Area, you have additional rights under GDPR including the right to data portability and the right to lodge a complaint with your local supervisory authority.
9. Changes to this policy
If we make material changes to this policy, we will update the effective date above and notify you through the app. Continued use of Passage after changes constitutes acceptance of the updated policy.
10. Contact
Questions about this policy? We're a small team and we actually read our email.