privacy policy

spine is a private reading journal. we collect what you need to sign in and what you choose to log about your reading — nothing more. we do not sell your data, and we do not show you ads.

account. your email address, a display name, a username, and a password hash. these are stored by our authentication provider, Supabase.

your reading data. the books, entries, quotes, ratings, moods, notes, reflections, and re-reads you create. this is your journal — it belongs to you.

book metadata. when you add a book, we fetch its cover, page count, ISBN, and genres from the Hardcover API. we do not send Hardcover any information about you.

imports. if you import your library from Goodreads, we parse the CSV you upload and store the resulting entries in your account. the original file is not retained.

we use your data to run spine — to show you your library, your calendar, your streaks, and your year in review. that is the extent of it.

we do not use your reading journal to train models, build profiles, or share insights with third parties.

spine relies on a small number of trusted services to operate:

• Supabase — authentication and database.
• Vercel — hosting.
• Hardcover — book metadata (no personal data sent).

each operates under its own privacy policy. we do not share your data with anyone else.

spine uses a session cookie to keep you signed in, and local storage to remember your theme preference. we do not use analytics or advertising cookies.

you can edit or delete any entry, quote, or book at any time from within spine. if you would like to export everything you have logged, or delete your account entirely, send us a note at the address below and we will take care of it.

if we change how spine handles your data, we will update this page and adjust the date at the top. material changes will also be surfaced to signed-in readers.

questions, requests, or concerns — hello@spinereads.com.

← back to spine