Privacy Policy

Last Updated: December 23, 2024

KDP CoverLab ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our book cover design service.

1. Information We Collect

1.1 Personal Information

We collect information that identifies you personally when you:

• Create an Account: Email address, name, and authentication credentials (via Auth0)
• Subscribe: Payment information (processed securely by Stripe – we never store your full credit card details)
• Use Our Service: IP address, browser type, device information, and usage data

1.2 User-Generated Content

When you create book covers, we temporarily process:

• Images you upload
• Text content (titles, author names, descriptions)
• Design preferences and settings

Your uploaded images and designs are processed client-side in your browser and are NOT stored on our servers permanently.

1.3 Automatically Collected Information

• Cookies: We use essential cookies for authentication (Auth0) and session management
• Analytics: We may use privacy-friendly analytics to improve our service
• Log Data: Access logs, error reports, and security monitoring data

2. How We Use Your Information

We use your information to:

• ✅ Provide and maintain the KDP CoverLab service
• ✅ Process your subscription payments via Stripe
• ✅ Authenticate your account via Auth0
• ✅ Send important service updates and security notifications
• ✅ Improve our service and develop new features
• ✅ Prevent fraud and ensure security
• ✅ Comply with legal obligations

We will NEVER:

• ❌ Sell your personal information to third parties
• ❌ Use your uploaded images for any purpose other than providing the service
• ❌ Share your designs publicly without your permission
• ❌ Send you marketing emails without your consent

3. Third-Party Services

We use trusted third-party services to operate KDP CoverLab:

3.1 Authentication - Auth0

• Purpose: Secure user authentication and account management
• Data Shared: Email address, login credentials
• Privacy Policy: https://auth0.com/privacy

3.2 Payment Processing - Stripe

• Purpose: Secure payment processing and subscription management
• Data Shared: Billing information, email address
• Privacy Policy: https://stripe.com/privacy
• Note: We never store your full credit card details

3.3 Hosting - Netlify

• Purpose: Website hosting and content delivery
• Data Shared: Access logs, IP addresses
• Privacy Policy: https://www.netlify.com/privacy/

3.4 CDN Services

• Cloudflare: Content delivery and security
• Google Fonts: Web font delivery
• cdnjs: JavaScript library hosting

4. Data Storage and Security

4.1 Where We Store Data

• User accounts: Stored by Auth0 (encrypted at rest)
• Subscription data: Stored by Stripe (PCI DSS compliant)
• Application data: Stored on Netlify servers (encrypted in transit)
• Your designs: Processed locally in your browser, not permanently stored

4.2 Security Measures

• 🔒 HTTPS encryption for all data transmission
• 🔒 Content Security Policy (CSP) headers
• 🔒 Secure authentication via Auth0 (OAuth 2.0)
• 🔒 Regular security audits and updates
• 🔒 Access controls and monitoring

5. Your Rights (GDPR/CCPA Compliance)

You have the right to:

5.1 Access Your Data

Request a copy of all personal data we hold about you.

5.2 Rectification

Update or correct inaccurate information in your account settings.

5.3 Deletion ("Right to be Forgotten")

Request deletion of your account and associated data. Contact us at privacy@kdpcoverlab.com

5.4 Data Portability

Request your data in a machine-readable format.

5.5 Withdraw Consent

Opt-out of optional data processing (like analytics) at any time.

5.6 Lodge a Complaint

Contact your local data protection authority if you believe we've mishandled your data.

To exercise these rights, email: privacy@kdpcoverlab.com

6. Data Retention

• Active accounts: Data retained while your subscription is active
• Canceled accounts: Data deleted within 30 days of cancellation (unless required by law)
• Uploaded images: Not stored permanently; deleted after export
• Payment records: Retained by Stripe for 7 years (tax/legal compliance)

7. Cookies and Tracking

7.1 Essential Cookies

We use cookies necessary for the service to function:

• auth0.*.is.authenticated - Authentication status
• auth0.*.ssodata - Single sign-on data

7.2 Your Cookie Choices

You can disable cookies in your browser, but this may affect functionality.

8. Children's Privacy

KDP CoverLab is not intended for users under 18. We do not knowingly collect data from children. If you believe a child has provided us with personal information, contact us immediately at privacy@kdpcoverlab.com.

9. International Data Transfers

Your data may be transferred to and processed in countries outside your residence, including the United States. We ensure appropriate safeguards are in place (Standard Contractual Clauses) to protect your data.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Updating the "Last Updated" date at the top
• Sending an email notification (for material changes)
• Displaying a notice on our website

11. Contact Us

For privacy questions, concerns, or to exercise your rights:

Email: privacy@kdpcoverlab.com
Website: https://www.kdpcoverlab.com

By using KDP CoverLab, you acknowledge that you have read and understood this Privacy Policy.