Privacy Policy

Last updated: August 21, 2025 • Applies to the Read to Lead mobile app and marketplace (readtolead.store).

This page explains what data we collect, why we collect it, how we use it, and the choices you have. We keep things minimal and useful—no creepy stuff.

Quick Jump

1. Scope & Who We Are
2. Data We Collect
3. How We Use Data
4. Our Legal Bases (GDPR)
5. When We Share Data
6. Data Retention
7. International Transfers
8. Your Rights & Choices
9. Children’s Privacy
10. Security
11. Third‑Party Services & SDKs
12. App Permissions
13. How to Contact Us
14. Changes to This Policy
15. Glossary

In Short

We collect just enough data to run Read to Lead, personalize recommendations, process purchases, and improve the experience. We don’t sell your personal data We don’t sell data.

You can access, correct, or delete your data, and you can opt out of non‑essential analytics or marketing at any time.

1) Scope & Who We Are

This Privacy Policy covers the Read to Lead mobile application (the “App”) and our marketplace at readtolead.store (together, the “Services”). “Read to Lead”, “we”, “us”, or “our” refers to the Read to Lead team operating from Cairo, Egypt.

We act as a data controller for personal data we process about you when you use the Services.

2) Data We Collect

A. You Provide

Account & Profile: name, email, password (hashed), profile preferences (e.g., language, reading interests).
Content & Activity: saved books, highlights, notes, bookmarks, likes, playlists, and in‑app search queries.
Purchases: order history, shipping details (if you buy physical books in supported markets), and subscription choices.
Customer Support: messages and attachments you send us.

B. Collected Automatically

Device & Usage: app version, device type, OS, approximate region, crash logs, performance, and session events (e.g., screen views).
Cookies/Web Storage (web marketplace): essential cookies for sign‑in and cart; optional analytics cookies with your consent where required.

C. From Third Parties

Payments: confirmation of purchase/subscription status from app stores or payment processors (no full card numbers stored by us).
Social/Single Sign‑On (if enabled): basic profile and authentication tokens.

Sensitive data? We do not seek to collect special category data (e.g., health, biometric, political views). Please don’t share it in notes/highlights.

3) How We Use Data

Provide the Services: account creation, syncing, bookmarks/highlights, search, library, recommendations.
Transactions: process subscriptions, in‑app purchases, and marketplace orders; prevent fraud.
Personalization: tailor content suggestions (e.g., book summaries, courses, podcast episodes) to your interests.
Communication: send service notifications (e.g., receipts, policy updates). Marketing emails are optional and include an unsubscribe link.
Improve & Secure: debug, measure performance, run analytics (aggregated where possible), and keep the platform safe.
Legal: comply with law, enforce Terms, and protect rights.

4) Our Legal Bases (GDPR)

Contract: to deliver features you request (e.g., your account, library, purchases).
Legitimate Interests: security, crash analytics, minimal product analytics, and personalization proportional to your expectations.
Consent: non‑essential analytics/marketing where required; you can withdraw any time.
Legal Obligation: tax/financial record keeping, regulatory requests.

6) Data Retention

We retain personal data only as long as needed for the purposes above:

Account data: kept while your account is active.
Content (highlights/notes): kept until you delete them or delete your account.
Transaction records: kept per tax/accounting rules (typically 5–10 years depending on jurisdiction).
Crash/analytics: kept in aggregated or de‑identified form where possible.

7) International Transfers

We may process data in countries outside your own. Where required, we use safeguards such as standard contractual clauses or equivalent transfer mechanisms.

8) Your Rights & Choices

Access, correct, delete your personal data.
Export/portability of data you provided where feasible.
Object/Restrict certain processing (e.g., personalization, analytics) depending on your location laws.
Consent controls: toggle analytics/marketing where offered; unsubscribe from emails anytime.

California (CPRA): you can request disclosures, deletion, and to limit the use of sensitive personal information. We do not sell or share personal information for cross‑context behavioral advertising.

To make a request, see Contact Us. We’ll verify requests to protect your privacy.

9) Children’s Privacy

The Services are not directed to children under 13 (or under 16 in the EU/UK). We do not knowingly collect personal data from children. If you believe a child provided data, please contact us and we’ll delete it.

10) Security

Technical: encryption in transit (HTTPS), hardened infrastructure.
Organizational: access controls and least‑privilege practices.
Your part: use a strong, unique password and keep your device secure.

No method is 100% secure, but we work to protect your data and review practices regularly.

11) Third‑Party Services & SDKs

To operate the Services, we may integrate third‑party tools (e.g., analytics, crash reporting, payments, notifications). These providers process limited data on our behalf under their terms.

Analytics/Crash: may include Firebase Analytics & Crashlytics or equivalents.
Payments: App Store / Google Play billing; third‑party processors for marketplace orders.
Comms: email delivery and in‑app notifications.

We maintain an internal register of vendors and will update app store disclosures as integrations change.

12) App Permissions

Notifications — optional; for updates, reminders, and receipts.
Microphone / Speech (if you use voice features) — to capture your voice locally and convert to text; we don’t access recordings unless you actively submit feedback/voice notes.
Photos/Media/Files (if you export notes/highlights) — to save files you request.
Camera (optional) — only if a feature explicitly needs it; we’ll ask first.
Location — not collected by default; if enabled (e.g., regional marketplace), we use approximate location to show relevant content or pricing.

13) How to Contact Us

For privacy questions or requests (access, deletion, objection, etc.), reach us at:

Email: privacy@readtolead.store
Address: Read to Lead, Cairo, Egypt

To help us verify your identity, please include the email associated with your account and indicate your country/region.

14) Changes to This Policy

We may update this Policy to reflect product, legal, or operational changes. If updates materially affect your rights, we’ll provide notice (e.g., in‑app message or email). The “Last updated” date shows the latest revision.

15) Glossary

Personal data / personal information: information that identifies or can be reasonably linked to an individual.
Controller: entity deciding why/how personal data is processed.
Processor: entity processing personal data on behalf of a controller.
CPRA: California Privacy Rights Act. GDPR: EU General Data Protection Regulation.