Curious Minds

Privacy Policy

Last updated: December 2024

Overview

Summer Reading Challenge (“we,” “our,” or “the app”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our iOS application.

Information We Collect

Personal Information You Provide

  • Account Information: Name, email address, and authentication credentials
  • Profile Customization: Avatar initials and color preferences
  • Reading Data: Book titles, ratings (1-5 stars), personal comments, and reading dates
  • Learning Entries: Personal notes about things you’ve learned
  • Activity Data: Step counts and activity logs you choose to record
  • Social Interactions: Emoji reactions and responses to other users’ posts

Information Automatically Collected

  • Device Information: iOS version, device model (for compatibility and security)
  • App Usage Data: Features used, session duration, and navigation patterns
  • Technical Data: App version, crash reports, and performance metrics
  • Authentication Data: Secure tokens and session information

Biometric Information

  • Face ID/Touch ID: Used only for local device authentication
  • Local Processing: All biometric data is processed on your device and never transmitted to our servers
  • Apple’s Security: We rely on Apple’s secure biometric authentication system

How We Use Your Information

Core Functionality

  • Reading Tracking: Store and display your book logs, ratings, and progress
  • Social Features: Enable sharing entries, reactions, and leaderboards with other users
  • Personalization: Customize your app experience with your preferred settings

AI-Powered Features

  • Book Recommendations: Send your reading history (book titles and ratings) to OpenAI’s API to generate personalized book suggestions
  • Content Enhancement: Improve recommendation accuracy based on your reading patterns

App Improvement

  • Analytics: Understand app usage to improve features and user experience
  • Performance: Monitor app stability and fix technical issues
  • Security: Detect and prevent unauthorized access

Data Sharing and Third-Party Services

OpenAI Integration

  • Purpose: Generate personalized book recommendations
  • Data Shared: Book titles, ratings, and comments you’ve added
  • Processing: OpenAI processes this data to provide recommendations but does not store it permanently
  • Privacy: Subject to OpenAI’s privacy policy and data handling practices

Apple Services

  • Sign in with Apple: Secure authentication without sharing your email (optional)
  • iCloud Keychain: Secure storage of authentication credentials
  • App Store: App download and update functionality

Social Features

  • Public Visibility: Your reading entries, reactions, and leaderboard position are visible to other app users
  • User Control: You can delete your own entries at any time
  • Anonymization: Only your chosen display name and avatar are shown to others

Data Security

Encryption and Protection

  • Password Security: All passwords are hashed using PBKDF2 with random salt and 100,000 iterations
  • Secure Storage: Sensitive data stored in iOS Keychain with hardware encryption
  • Network Security: All data transmission uses HTTPS with TLS 1.2+ encryption
  • API Security: OpenAI API keys stored securely and rotated regularly

Access Controls

  • Biometric Authentication: Optional Face ID/Touch ID for app access
  • Session Management: Automatic logout after extended inactivity
  • Local Processing: Sensitive operations performed on-device when possible

Data Retention and Deletion

Retention Periods

  • Active Accounts: Data retained while your account is active and in use
  • Inactive Accounts: Accounts inactive for 2+ years may be deleted after notification
  • Legal Requirements: Some data may be retained longer if required by law

Your Deletion Rights

  • Individual Entries: Delete specific book logs, learning entries, or step records
  • Account Deletion: Request complete account and data deletion
  • Processing Time: Deleted data permanently removed within 30 days
  • Backup Cleanup: Deleted data removed from all backups within 90 days

Your Privacy Rights

Access and Control

  • Data Access: View all personal data we have about you
  • Data Correction: Update or correct any inaccurate information
  • Data Export: Download your reading data in a portable format
  • Sharing Control: Manage visibility of your entries to other users

Communication Preferences

  • Notifications: Control what app notifications you receive
  • Recommendations: Opt out of AI-powered book recommendations
  • Analytics: Request exclusion from usage analytics (where technically feasible)

Children’s Privacy

  • Age Requirement: This app is designed for users 13 years and older
  • Parental Consent: Users under 18 should have parental permission
  • Data Minimization: We collect only essential information for app functionality
  • Educational Use: Suitable for educational reading programs with proper supervision

International Data Transfers

  • Global Service: Your data may be processed in countries other than your residence
  • Adequate Protection: We ensure appropriate safeguards for international transfers
  • OpenAI Processing: Book recommendation data processed by OpenAI in their global infrastructure

Changes to This Privacy Policy

Updates and Notifications

  • Material Changes: We’ll notify you of significant privacy policy changes through the app
  • Review Reminder: We recommend reviewing this policy periodically
  • Continued Use: Using the app after changes indicates acceptance of updates

Version History

  • Current Version: December 2024
  • Previous Versions: Available upon request

Contact Information

Privacy Questions

For any privacy-related questions or concerns:

  • In-App: Use the contact form in app settings
  • Email: support@curious-minds.dev
  • Response Time: We aim to respond within 48 hours

Data Requests

To request access, correction, or deletion of your data:

  • Process: Submit request through app settings or email
  • Verification: We may require identity verification for security
  • Timeline: Most requests processed within 30 days

Legal Basis for Processing

Legitimate Interests

  • App Functionality: Processing necessary for core reading tracking features
  • User Experience: Improving app performance and fixing issues
  • Security: Protecting user accounts and preventing misuse

Consent

  • Optional Features: AI recommendations and advanced social features
  • Biometric Authentication: Face ID/Touch ID usage
  • Marketing: Future promotional communications (opt-in only)

Contractual Necessity

  • Account Management: Creating and maintaining your user account
  • Service Delivery: Providing the reading tracking and social features you requested

Effective Date: This privacy policy is effective as of December 2024 and applies to all users of the Summer Reading Challenge app.

Last Review: This policy was last reviewed and updated in December 2024 to reflect current app features and data practices.