Agathos Books

Privacy Policy

Last updated: May 28, 2026

Our Commitment to Your Privacy

This Privacy Policy explains how Jade Systems LLC ("we," "us," "our") collects, uses, and protects your information when you use Agathos Books.

1. Information We Collect

Account Information

  • Display name (required)
  • Email address (optional, for authentication and notifications)
  • Phone number (optional, for authentication and SMS notifications)
  • Profile avatar image
  • Age bracket (13-17 or 18+, not specific birthdate)
  • Timezone

Privacy and Preferences

  • Activity visibility settings
  • Profile visibility preferences
  • Notification preferences
  • SMS consent status

Activity Data

  • Reading activity (books started, progress, completed)
  • Library membership and roles
  • Book lending and borrowing history, including loan extensions, recalls, and disputes
  • Book collection and tags
  • Reliability scores based on lending history
  • Messages you exchange within loan conversations and reports you submit about other users' messages

Technical Data

  • Device information and browser type (for service delivery)
  • IP address (for security, geolocation, and fraud prevention)
  • Push notification subscriptions, including mobile device tokens for our iOS and Android apps (registered with each platform's push delivery service)
  • Authentication tokens
  • Error logs (without personal content)

2. How We Use Your Information

  • Provide and maintain the library management service
  • Enable library discovery and facilitate book lending
  • Deliver in-app messaging between members of a loan or library
  • Moderate content, review reports, and enforce platform safety policies
  • Send notifications about loans, due dates, and library updates
  • Authenticate users and protect account security
  • Prevent fraud, abuse, and unauthorized access
  • Improve the platform based on usage patterns
  • Comply with legal obligations
  • Enforce our Terms of Service

3. Information Sharing

Within Libraries

  • Library Members: Your display name and avatar are visible. Reading activity is visible only if you enable it in your privacy settings (disabled by default for ages 13-17)
  • Profile Visibility: You control profile visibility per library. When visible, members may see your reading statistics based on your settings
  • Activity Feed: Your reading activities may appear in library feeds. You can hide individual activities or enable retroactive hiding of all past activities
  • Library Administrators: Admins can see your email address (not phone), membership status, lending history, and reliability scores
  • Book Owners: When you request a book, the owner sees your name and reliability scores
  • Supervisors: If you add a supervisor, they can view basic account information and library participation, and can toggle your profile visibility and direct loan messaging settings
  • Messages: Peer-to-peer messages on member-owned loans are visible only to the borrower, the lender, and our staff for safety review — not to library administrators. Library-owned loan conversations are visible to administrators of the relevant library. Escalation threads are visible only to the escalating user and the library's administrators
  • Contact Information: Your email and phone are never visible to regular library members

Service Providers

We share information with third-party services that help operate the platform:

  • Email and SMS delivery services (for notifications and authentication)
  • Email and phone validation services
  • Payment processing (via our merchant of record)
  • Cloud database hosting (with encryption at rest)
  • Image hosting and content delivery
  • Security and bot protection services
  • Book metadata providers (for cover images and book information)
  • Error monitoring services (no personal content included)
  • Geocoding and geolocation services (for library discovery and timezone detection)
  • Push notification delivery (for mobile and browser notifications, including platform-provided push services for iOS and Android)

Legal Requirements

We may disclose information when required by law, court order, or legal process, or to protect rights, property, or safety.

What We Do Not Do

  • We do not sell your personal information
  • We do not share your data for advertising purposes
  • We do not provide your information to data brokers
  • We do not use your data for AI training purposes

Messages and Moderation

  • We store messages you send through in-app messaging so we can deliver them and keep a conversation history accessible to the participants
  • Messages may be screened by content moderation, which may hold a message for review, flag it for an administrator, or deliver it as normal. Conversations that involve a user under 18 are always screened by content moderation regardless of other settings
  • If you delete a message you sent, it is removed from the conversation but its content may be retained for a reasonable period for moderation, safety review, and dispute resolution
  • Reports, moderation actions, blocks, and dispute records may be retained as long as needed for safety and platform integrity

4. Data Security

We implement security measures to protect your information:

  • Encryption in transit (HTTPS) and at rest
  • Passwordless authentication with one-time codes
  • Token versioning for session security
  • Rate limiting to prevent brute force attacks
  • Bot protection at signup
  • Row-level database security policies
  • Regular security monitoring

5. Your Rights and Choices

Access and Control

  • Access: View and update your profile and preferences in Settings
  • Delete: Permanently delete your account in Settings → Account (after resolving loans and library ownership). Contact us if you cannot complete deletion in the app
  • Library export: Library owners on eligible subscription plans may export library books, loans, and member lists (CSV) from library settings (Advanced). This does not include a full export of all personal data we hold about you
  • Other rights: Where applicable law gives you additional rights (such as access or portability), you may submit a verifiable request using the contact information in Section 11. We will respond as required by applicable law

Privacy Controls

  • Activity Privacy: Control whether reading activity is visible to library members
  • Profile Visibility: Set profile visibility level (limited or full)
  • Activity Hiding: Hide individual activities from feeds
  • Retroactive Hiding: Option to hide all past activities when enabling privacy
  • Direct Messaging: Turn direct loan messaging on or off. When off, the composer is hidden on loan conversations but existing message history stays readable and you can still open an escalation thread with library administrators
  • Supervision: Add or remove parental supervision at any time (ages 13-17)
  • Blocking: Block another user. A block applies in both directions and across the platform — it prevents new messages on shared loan threads, prevents either party from requesting or being offered loans from the other, hides the blocked user's reading activity from your community feed, and reduces their public profile (as you see it) to name and avatar. Existing loans already in progress complete normally. You can unblock from the blocked user's profile or from Settings → Blocked Users
  • Reporting: Report messages that violate our policies for review by library administrators or our team

Communication Preferences

  • Customize notification channels (push, email, SMS) per notification type
  • Opt out of SMS by replying STOP to any message
  • Essential service communications cannot be disabled

Account Deletion

You can delete your account in Settings → Account. Requirements:

  • Return all borrowed books and resolve active loans
  • Transfer or delete any libraries you own
  • Deletion is permanent and cannot be undone
  • Supervised accounts will lose their supervisor connection

6. Data Retention

  • Account data is retained while your account is active
  • Inactive accounts may be deleted after 2 years of inactivity
  • Deleted libraries have a 90-day recovery window before permanent deletion
  • Messages are retained while the related loan exists. Deleted messages may be retained for a reasonable period for moderation, safety review, and dispute resolution
  • Moderation reports, user blocks, and dispute records may be retained as long as needed for safety and platform integrity
  • We may retain certain information as required by law
  • Payment records are retained by Paddle according to their policies

7. Children's Privacy (COPPA Compliance)

Age Requirements

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13 in compliance with COPPA. Users must confirm they are at least 13 years old during account creation. If we learn that we have collected information from a user under 13, we will delete that account.

Privacy for Users Ages 13-17

  • Private by Default: Reading activity is hidden from library members
  • Limited Profile: Profile visibility defaults to limited
  • Messaging Off by Default: For new accounts, direct loan messaging is off by default. The minor (or their supervisor, if any) can change this in Settings. Escalation to library administrators is always available, even when direct messaging is off
  • Minor-Involved Threads Always Moderated: Our automated moderation system always screens messages in conversations that involve a user under 18, regardless of other settings
  • Minimal Data: We do not collect birthdates or unnecessary information
  • Contact Protection: Email and phone are protected for all users
  • Optional Supervision: Minors can add a parent or guardian to supervise
  • User Control: Minors can modify settings and supervision at any time

Parental Rights

Parents or guardians of users ages 13-17 may:

  • Be added as supervisor (minor must add you)
  • View basic account information of supervised accounts
  • Toggle the minor's profile visibility and direct loan messaging settings from the Supervised Accounts dashboard
  • Request information about their minor's account by contacting us (subject to verification)
  • Request deletion of their minor's account, or the minor may delete from Settings → Account when eligible

Limitations

We provide privacy controls and supervision options but do not actively monitor user interactions. Parents are responsible for supervising their children's online activities. Libraries using our platform for youth programs are responsible for their own safety protocols.

8. Geographic Discovery

For public library discovery, we collect location data:

  • Browser geolocation (with your permission)
  • IP-based location estimation (as fallback)
  • Saved location preference (stored locally for 7 days)
  • Library addresses (for administrators setting up public libraries)

You can deny location permission and manually enter a ZIP code for discovery. Address and ZIP code lookups are sent to a third-party geocoding service to convert them to a map location. Location data is used only for finding nearby libraries and is not used for advertising or sold to data brokers.

9. Cookies, Local Storage, and Mobile Apps

On the web, we use browser storage for:

  • Authentication tokens (localStorage)
  • Theme preference (dark/light mode)
  • Last used login method
  • Location cache for library discovery

We do not use tracking cookies or third-party advertising cookies.

On our native iOS and Android apps, equivalent data is stored locally on your device. The apps also register for push notifications so we can deliver them to your device. You can disable push notifications at any time in your device settings or your in-app notification preferences.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date and, for significant changes, by email or in-app notification. Continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact Us

For questions about this Privacy Policy or our privacy practices:

Company: Jade Systems LLC (Texas)

Email: [email protected]

Subject Line: Privacy Policy Question

To exercise privacy rights under applicable law, email us with subject line Privacy Request and include the email or phone number on your account so we can verify your identity. We will respond within the timeframe required by applicable law (typically within 30 days). Account deletion is available in the app; use this contact method for deletion only if you cannot complete it in Settings.