Privacy Policy
Introduction
The operator of BookLens collects and uses user information only as needed to provide the service. This policy explains how BookLens handles information for email OTP authentication, book material analysis, Google Docs export, in-app purchases, notifications, support, analytics, and monitoring.
Information we collect
We may collect or generate the following information.
- Account information: email address used for email OTP authentication, authentication challenge state, user ID, session or authentication tokens.
- Book, material, and analysis data: book title, cover, uploaded images and videos, material status, AI analysis results, page structure, Markdown, and content exported to Google Docs.
- Google Docs integration data: Google account email, drive.file scope, encrypted refresh token, and identifiers and URLs for documents created by the service.
- Billing and credit data: Apple or Google Play product IDs, transaction IDs, purchase tokens, purchase verification data, and purchase, usage, refund, and adjustment ledger records. We do not store credit card numbers.
- Notification and device data: push tokens, device IDs, platform, app version, OS, device category, and notification open events when notifications are enabled.
- Support data: inquiry category, message, reply email address, device metadata, and correspondence needed for support.
- Usage and diagnostics: screen names, button actions, successful analysis, purchase, and export events, feature flags, request IDs, error categories, processing time, and privacy-safe correlation IDs.
Purposes of use
- Authenticate users by email OTP, maintain sessions, and prevent abuse.
- Store and analyze book materials, structure pages, provide viewing, export to Google Docs, and send analysis completion notifications.
- Verify in-app purchases, grant credits, reserve credits, consume credits, process refunds or adjustments, prevent duplicate grants, and maintain accounting and audit records.
- Respond to inquiries, investigate incidents, monitor security, apply rate limits, verify log redaction, and improve service quality.
- Analyze usage without personal information or book content, improve the first-run flow, and deliver feature flags.
- Comply with laws, platform rules, the Google API Services User Data Policy, and Apple App Store and Google Play requirements.
Zero Training Policy
We do not use uploaded book materials, Google Docs export content, analysis results, or inquiry messages to train AI models for BookLens or any third party.
- BookLens uses the Google Gemini API for analysis. Google API data handling is governed by Google contracts and policies.
- Gemini File API resources and temporary storage objects used for analysis are deletion targets after analysis completion or scheduled cleanup. Leaked temporary resources older than 24 hours are also cleaned up.
- If support or incident investigation requires reviewing content, access is limited to authorized personnel and the specific purpose.
Handling of Google API data
Google Docs export is an optional integration separate from login. BookLens requests only the drive.file scope through Google OAuth and uses Google Drive / Docs only for files created by the service or files explicitly selected by the user.
Google refresh tokens are encrypted at rest and used only for Google Docs export, integration status, and re-link checks. Google Docs URLs and content are not included in structured logs, Sentry, Slack alerts, or analytics events.
Compliance with the Google API Services User Data Policy
BookLens use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including Limited Use requirements. Google API Services User Data Policy
Third-party services and processors
We may send or store information with the following external services when necessary to provide BookLens. Each service receives only the information needed for its role.
- Google Gemini API: book material analysis, page structuring, and temporary analysis file processing.
- Google Drive / Docs APIs: Google Docs exports initiated by the user.
- Cloudflare Workers, D1, R2, Queues, Email Service, and Logpush: API hosting, data storage, email OTP delivery, queue processing, and log storage.
- Apple App Store, StoreKit, Google Play Billing, and Google Play Developer API: in-app purchase verification, refund and revocation notifications, and purchase history reconciliation.
- APNs, Firebase Cloud Messaging, and Expo Notifications: push notifications such as analysis completion notices.
- PostHog and Microsoft Clarity: usage analytics without personal information or book content, feature flags, screen names, and button/action events.
- Sentry and Slack: incident monitoring, inquiry notifications, and operations. Tokens, email addresses, inquiry messages, book content, signed URLs, and purchase tokens are excluded from logs and alerts by policy.
Retention and deletion
- When a user requests account deletion, we disable account use and delete related D1 account, book, page, and wallet data, user-prefixed R2 objects, and user-prefixed Gemini File API resources through deletion queues and recovery jobs.
- Google Docs integration tokens are deletion targets when the account is deleted or the integration is disconnected. Users may also revoke BookLens access from their Google Account permissions page.
- Purchase ledgers, refund or adjustment records, security logs, inquiry history, and records needed for legal or platform compliance may be retained only for the period necessary for those purposes.
- Analytics events and logs are stored without book content, image or video content, email addresses, inquiry messages, purchase tokens, or signed URLs.
AI transparency and generated outputs
BookLens analysis results are generated by artificial intelligence, including Google Gemini, or structured with AI assistance. Outputs may include errors, omissions, uncertain page numbers, or OCR mistakes. Users should verify important uses against the original material, source images, or source videos.
Security
- Raw OTP values are not stored; persisted OTP values are handled as HMAC hashes. JWTs, Google refresh tokens, purchase tokens, push tokens, signed URLs, email addresses, inquiry messages, and book content are not written to structured logs or error notifications by policy.
- Google refresh tokens are encrypted at rest and used only through the limited integration boundary.
- We use access controls, rate limits, monitoring such as Sentry, and Cloudflare infrastructure features to reduce unauthorized access, leakage, loss, and alteration risks.
User rights and contact
For requests to disclose, correct, suspend use of, delete, or confirm third-party disclosure of personal information, or to stop Google Docs integration or notifications, contact support in the app or email support@flowzenn.com. We will verify the requester and respond within a reasonable scope under applicable law.
Changes to this policy
We may change this policy when laws, platform requirements, or service features change. Material changes will be announced in the service, on the website, or by another appropriate method.
Last updated: May 30, 2026