Summarsky

Privacy Policy

Last updated: February 28, 2026

1. Introduction

This Privacy Policy explains how Summarsky ("we," "us," or "our") collects, uses, stores, and shares information about you when you use our website and services (collectively, the "Service"). By using the Service, you agree to the practices described in this policy.

If you have questions or concerns, you may contact us at support@summarsky.com.

2. Information We Collect

2.1 Account Information

When you sign in with Google, we receive and store your name, email address, and profile picture URL from your Google account. We also store an internal user identifier and the timestamp your account was created.

2.2 Uploaded Book Content

When you upload a book, we store the file itself along with metadata we extract from it, including: title, authors, publisher, contributors, publication year, ISBN and other identifiers, subject categories, language, and rights information. We also store the extracted plaintext of each chapter for AI processing and the book's file size, MIME type, and original filename.

2.3 AI-Generated Content

We store the summaries, running narrative summaries, book synopses, character profiles, character timelines, and setting information generated by the Service from your uploaded books. This Generated Content is associated with your account.

2.4 Billing and Credit Information

We store your Stripe customer ID and, if you subscribe, your Stripe subscription ID, subscription status, and billing period dates. We maintain a complete ledger of your credit transactions, including credits granted, reserved, consumed, and refunded. We do not store full payment card numbers — those are handled exclusively by Stripe.

2.5 Usage Data

We collect operational usage metrics tied to your account, including the number of upload bytes, processing jobs started, and AI tokens consumed per billing period. We also store processing job details such as job status, progress, error messages, and the number of processing attempts per chapter.

2.6 Session Data

We use session cookies to keep you signed in. Session tokens are stored in your browser and correspond to records in our database. These expire when you sign out or after a period of inactivity.

2.7 Public Library Activity

If you publish a book to the public library, that book's metadata and generated summaries become visible to all users, including guests. If you save a bookmark on a public book, that association is stored in your account.

3. How We Use Your Information

  • To create and manage your account and authenticate your identity;
  • To process your uploaded books and generate summaries and other outputs;
  • To manage your credit balance and process subscription or one-time payments;
  • To display your books, summaries, and reading history within the Service;
  • To operate and maintain the public library;
  • To send you transactional emails about your account, including billing receipts, processing status, and security notices;
  • To detect and prevent abuse, fraud, and violations of our Terms of Service;
  • To diagnose technical problems, monitor system health, and improve the reliability of the Service;
  • To comply with applicable legal obligations.

We do not sell your personal data to third parties. We do not use your book content to train AI models on our own behalf.

4. Third-Party Services

We rely on the following third-party services to operate the Service. Each has its own privacy policy governing how it handles data:

4.1 Google (Authentication)

We use Google OAuth 2.0 for sign-in. When you authenticate, Google shares your name, email address, and profile picture with us. Your interactions with Google during sign-in are governed by Google's Privacy Policy.

4.2 Stripe (Payments)

We use Stripe to process subscription and one-time payments. When you make a purchase, your payment card details are entered directly into Stripe's secure form and are never transmitted to or stored on our servers. Stripe may store billing address information and transaction history. Stripe's data practices are described in Stripe's Privacy Policy.

4.3 OpenRouter (AI Processing)

We use OpenRouter to route AI processing requests to large language models. When a book is processed, the extracted text of each chapter is transmitted to OpenRouter (and onwards to the underlying AI model provider) to generate summaries and other outputs. Your personal account information is not included in these requests. Please review OpenRouter's privacy policy for details on how they handle content submitted for processing.

4.4 Object Storage (Hetzner / S3-Compatible)

Uploaded book files and extracted cover images are stored in an S3-compatible object storage service. Files are stored server-side and access is controlled by our application. We use server-side encryption where supported by the storage provider.

4.5 OpenLibrary (Book Metadata)

When you search for a book title in the public library, we may query the Open Library API (openlibrary.org) to provide autocomplete suggestions. Only the search query string is sent; no account data is transmitted.

5. Cookies and Local Storage

We use cookies to maintain your authenticated session. These are essential cookies required for the Service to function; the Service cannot be used without them. We do not use advertising cookies or track you across third-party websites.

Third-party services embedded in the Service (such as Stripe's checkout flow) may set their own cookies subject to their respective privacy policies.

6. Data Storage and Security

Your data is stored on servers located in the European Union. We implement industry-standard technical and organizational measures to protect your data, including encrypted connections (HTTPS), server-side storage encryption, hashed session tokens, and access controls limiting data access to authorized personnel and systems.

No method of transmission or storage is 100% secure. If you become aware of any security concern, please contact us immediately at support@summarsky.com.

7. Data Retention

We retain your account data, book files, summaries, and credit records for as long as your account is active. When you delete a book, the associated file and generated content are permanently deleted from our storage systems.

When you close your account, we delete or anonymize your personal data within a reasonable period, except where retention is required by applicable law (for example, for tax or financial record-keeping purposes). Billing records may be retained for up to 7 years to comply with financial regulations.

Aggregated, non-identifiable usage statistics derived from your activity may be retained indefinitely.

8. Your Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal data:

  • Access: Request a copy of the personal data we hold about you;
  • Correction: Request correction of inaccurate or incomplete data;
  • Deletion: Request deletion of your personal data (subject to legal retention requirements);
  • Portability: Request an export of your data in a portable format;
  • Restriction: Request that we restrict processing of your data in certain circumstances;
  • Objection: Object to our processing of your personal data where we rely on legitimate interests.

To exercise any of these rights, contact us at support@summarsky.com. We will respond within 30 days. We may need to verify your identity before fulfilling a request.

9. International Data Transfers

Your data may be transferred to and processed in countries other than the country in which you reside, including for AI processing via OpenRouter and its underlying model providers, which may be located in the United States. We take steps to ensure that such transfers are made in compliance with applicable data protection laws. By using the Service, you consent to these transfers.

10. Children's Privacy

The Service is not directed to children under the age of 13, and we do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by displaying a prominent notice on the Service before the changes take effect. Your continued use of the Service after the effective date constitutes your acceptance of the revised policy.

12. Contact

Questions about this Privacy Policy or our data practices? Contact us at support@summarsky.com.