Privacy Policy

Last updated: 19 March 2026

1. Who Is Responsible for Your Data

Your personal data is processed by Melanie Koeppen, a sole trader registered in Czech Republic ("we", "us"). The service is available at bookbridge.eu. Contact: getbookbridge@proton.me.

As we are based in the EU, this policy complies with the General Data Protection Regulation (GDPR).

2. Data We Collect

We collect the following data when you use BookBridge:

  • Email address — collected at signup, used to identify your account and send service communications.
  • Book content (PDF files) — uploaded by you for translation. Stored securely and processed by our translation partners.
  • Translation output — the translated text generated from your uploaded PDF, stored in your account.
  • Payment information — handled entirely by Stripe. We do not store your card details. We receive confirmation that a payment was completed and the associated amount.
  • Usage data — basic records of actions taken in the app (e.g. projects created, translations run), used to operate and improve the service.

3. How We Use Your Data

We use your data to:

  • Provide the translation service — uploading, processing, and returning your translated book.
  • Manage your account and credits.
  • Send essential service communications (e.g. email confirmation on signup, payment receipts).
  • Investigate support requests.
  • Improve the service over time.

We do not use your data for advertising, and we do not sell your data to third parties.

4. Legal Basis for Processing (GDPR)

We process your data on the following legal bases:

  • Contract performance (Article 6(1)(b)) — processing your uploaded PDF and managing your account is necessary to provide the service you have paid for.
  • Legitimate interests (Article 6(1)(f)) — improving the service and preventing abuse.
  • Consent (Article 6(1)(a)) — for processing your book content via third-party AI providers, as confirmed by the consent checkbox at upload.

5. Third-Party Processors

We use the following third-party services to operate BookBridge. Each acts as a data processor under a data processing agreement with us or under their published terms.

  • Supabase (Supabase Inc., USA) — database and user authentication.
  • Cloudflare R2 (Cloudflare Inc., USA) — secure storage of uploaded PDFs and translated output files.
  • DeepL (DeepL SE, Germany) — primary translation engine. Your book text is sent to DeepL for translation.
  • Anthropic (Anthropic PBC, USA) — AI quality pass. Translated text is sent to Anthropic Claude to improve literary quality.
  • Stripe (Stripe Payments Europe Ltd, Ireland) — payment processing. Stripe handles all card data and is PCI-DSS compliant.
  • Railway (Railway Corp., USA) — backend hosting.
  • Vercel (Vercel Inc., USA) — frontend hosting.

Data transfers to the USA are covered by Standard Contractual Clauses (SCCs) or the EU-US Data Privacy Framework as applicable to each provider.

6. Data Retention

We retain your data for as long as your account is active. If you delete your account:

  • Your uploaded PDFs and translated output are deleted from storage immediately.
  • Your account data (email, project records) is deleted within 30 days.
  • Payment records are retained for as long as required by applicable tax law.

7. Your Rights Under GDPR

As an EU resident, you have the following rights:

  • Right of access — you can request a copy of the personal data we hold about you.
  • Right to rectification — you can ask us to correct inaccurate data.
  • Right to erasure — you can ask us to delete your data ("right to be forgotten").
  • Right to restriction — you can ask us to limit how we use your data.
  • Right to data portability — you can ask for your data in a machine-readable format.
  • Right to object — you can object to processing based on legitimate interests.
  • Right to withdraw consent — where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, contact us at getbookbridge@proton.me. We will respond within 30 days.

You also have the right to lodge a complaint with your national data protection authority. In Czech Republic, this is the Office for Personal Data Protection (Urad pro ochranu osobnich udaju, www.uoou.cz).

8. Cookies

BookBridge uses only essential cookies required to keep you logged in. We do not use advertising or tracking cookies. No cookie consent banner is required.

9. Security

We take reasonable technical and organisational measures to protect your data, including encrypted transmission (HTTPS), access controls, and use of reputable infrastructure providers. No system is completely secure; in the event of a data breach affecting your rights, we will notify you as required by GDPR.

10. Changes to This Policy

We may update this policy from time to time. We will notify you by email before significant changes take effect. The date at the top of this page always reflects the most recent update.

11. Contact

For any privacy-related questions or to exercise your rights, contact: getbookbridge@proton.me.