Privacy Policy

How Zybrarium handles data

Last updated: June 15, 2026

This Privacy Policy explains how Zybrarium collects, uses, stores, and shares information when you use the app, including the book builder, public library, profile tools, and AI-assisted features.

Information we collect

  • Account data from sign-in, including Firebase or SSO user ID, email, name, and admin status when applicable.
  • Profile data you provide, such as display name, about text, favorite categories, audience preferences, and photo.
  • Preference data, including favorite categories, reader settings, and whether you enable category-matched book notification emails.
  • Content you create, including books, prompts, pages, intros, notes, generated images, uploaded images, covers, print settings, export settings, and character data.
  • Interaction data, including favorites, ratings, review comments, book views, and library browsing choices.
  • Z-Coin wallet and usage data, including daily allowance, spent coins, remaining balance, app wallet ID, usage ledger entries, generated image counts, request metadata, and estimated AI provider cost data.
  • Technical data needed to operate the service, including authentication cookies, session state, download and export request metadata, error IDs, and server logs.

How we use information

  • Operate core features like login, profile management, and library access.
  • Store and display your books, author profile, ratings, and comments in app experiences according to the visibility settings and features you use.
  • Personalize recommendations based on profile preferences and favorites.
  • When you opt in, send email notifications when a newly saved public book matches one of your selected favorite categories.
  • Generate story text, book ideas, character details, illustrations, covers, backgrounds, PDFs, and print-file packages when you use creator and export tools.
  • Display and enforce Z-Coin allowances for AI image generation, including free daily coins, usage debits, purchased or future coin pack balances, and admin unlimited access where applicable.
  • Maintain service integrity, security, and troubleshooting logs.
  • Review, moderate, restrict, or remove content and accounts when needed to enforce rules or protect users and the service.

How information is shared

  • Public books and related metadata may be visible to other users and visitors in the library, category pages, search results, book pages, and downloads.
  • Private books are not listed publicly, but they remain stored so you can access and edit them while signed in.
  • Ratings and reviews can be shown with your profile display name (or a generic reader label if no display name is set).
  • We use service providers for authentication, SSO, cloud storage, database hosting, secret management, image processing, and AI generation workflows.
  • If you enable book notification emails, our configured email provider receives the recipient email address and the message contents needed for delivery. A notification may include the matching category, public book title, introductory text, reading link, and the same stored cover-preview image used by Zybrarium's book preview.
  • When you create a character with ZyForge from inside Zybrarium, character details, prompts, style settings, generated images, account identifiers, and related usage records may be sent between Zybrarium and ZyForge to complete the request, save the character, meter Z-Coin usage, and support troubleshooting.
  • Prompts, page text, character details, images, and style settings may be sent to integrated AI providers when you request generated content.
  • When you download print files, the service may process saved book text, images, cover data, page layouts, and print settings to prepare the requested PDF or zip package.
  • Z-Coin usage records may be stored with operational metadata such as user ID, email, IP address, action type, generated image count, debited coin amounts, and estimated AI usage costs.
  • We may disclose data when required by law or to protect the service.

Book notification emails

Book notification emails are optional. When enabled in your profile, Zybrarium compares the category of a newly saved public book with your selected favorite categories. If there is a match, Zybrarium may send a notification to the email address associated with your account. The author of the new book is excluded from notifications for that book, and private books are not used for these notifications.

To make the message useful, Zybrarium may process and embed the public book's stored cover-preview image directly in the email. Email applications and providers may scan, cache, proxy, resize, suppress, or otherwise process message content and images under their own policies.

Z-Coins and usage records

Zybrarium uses Z-Coins to meter certain AI actions. Standard users currently receive 36 free Z-Coins per day for Zybrarium, and each generated image uses 3 Z-Coins, including character images created with ZyForge from inside Zybrarium. Admin accounts may have unlimited Z-Coin access for operational and support purposes.

To operate this feature, we store wallet state, usage ledgers, and usage events. These records help show balances in the app, prevent overuse, troubleshoot generation issues, estimate service costs, and detect abuse or attempts to bypass limits.

Cookies and sessions

Zybrarium uses essential authentication cookies and session state to keep you signed in, protect SSO login flows, and support security features such as inactivity logout. Google Analytics 4 loads only after you grant analytics consent. It measures aggregate page paths, sessions, engagement, device category, referral source, campaign information, and coarse country-level location. We do not send account identifiers, book content, prompts, generated content, or non-campaign URL query parameters to Google Analytics. Global Privacy Control disables analytics, and Cookie Settings lets you change your choice. Analytics data is retained according to the settings configured for the Zideons Google Analytics property.

Performance caching

To improve performance and reduce loading times, Zybrarium uses in-memory caching to temporarily store frequently accessed data such as book listings, user profiles, and categories.

  • Cache is stored in server memory and cleared when the application restarts.
  • Cached data expires automatically based on configured timeouts (typically 1-15 minutes).
  • Cache is invalidated when underlying data is updated to ensure freshness.
  • Caching is used solely for performance optimization and does not change how your data is stored, shared, or retained.

Data storage and retention

Zybrarium stores data in backend services used by this project, including Firebase services, Google Cloud services, and integrated AI APIs. We retain data while your account and content are active, or as needed for legitimate operational, security, moderation, backup, and legal reasons.

You can update profile data, modify or delete your own books, and remove saved character records through available in-app features. Z-Coin wallet and usage records may be retained as operational, security, abuse-prevention, accounting, and support records.

Downloaded print packages are prepared from stored book content when requested. The generated download package is delivered to your browser and is not intended to be a separate permanent copy stored by Zybrarium beyond ordinary operational logs, temporary processing, backups, or troubleshooting records.

Deleting a book through the user dashboard retires it, removes it from public display, and marks it private. Administrative deletion tools may permanently remove books, related database records, stored files, and references from user favorites. Account deletion requests may require help from support.

Children and family use

Zybrarium is designed for family-friendly reading and creator workflows. Accounts and submissions should be managed by parents, guardians, educators, or other authorized adults. Do not submit personal information about children beyond what is necessary for a story or profile, and avoid uploading sensitive child data.

Zybrarium is not intended for children under 13 to create accounts or submit content without verifiable parent, guardian, or educator involvement.

Security

We use reasonable technical and organizational safeguards, but no system can be guaranteed to be fully secure.

Your choices and requests

You can use the in-app profile, dashboard, builder, favorites, and character tools to update or remove many records yourself. You can enable or disable book notification emails and change the favorite categories used for matching from your profile. For privacy, account deletion, or content removal requests, contact privacy@bookbuildr.app.

Changes to this policy

We may update this Privacy Policy from time to time. Updates are effective when posted on this page with a revised "Last updated" date.