Legal
Privacy Policy
Last updated · 14 June 2026
This Privacy Policy explains how NovelRadar (the “Service”), operated by [operator legal name, address](the “controller”), processes your personal data and your rights under the EU General Data Protection Regulation (GDPR). For our full operator identity, see the Impressum.
1. Data we collect
- Account data — when you create an account, the email address and any name you provide.
- Billing data — when you subscribe, our payment provider processes your payment details. We receive only the information needed to manage your subscription (e.g. plan, status, last four digits, country for tax); we do not store full card numbers.
- Technical / usage data — server logs generated when you visit, such as IP address, browser/device information, pages requested, and timestamps, processed by our hosting provider for security and operation.
- Cookies — strictly necessary cookies for session and security. We do not currently use third-party advertising or analytics trackers.
2. Why we process it, and our legal basis
- To provide accounts and the Service — performance of a contract (Art. 6(1)(b) GDPR).
- To process subscriptions and payments — contract and legal obligation (Art. 6(1)(b) and (c), e.g. tax/accounting retention).
- To keep the Service secure and operational and to prevent abuse — legitimate interests (Art. 6(1)(f)).
- For any future non-essential cookies or marketing — only with your consent (Art. 6(1)(a)), which you can withdraw at any time.
3. Providers who process data for us
We use the following processors / sub-processors, who act on our instructions under data-processing agreements:
- Vercel — application hosting and content delivery.
- Neon — managed PostgreSQL database.
- Paddle / Lemon Squeezy — payment processing and, as merchant of record, tax handling (the active provider depends on our configuration). They are independent controllers for the payment data you submit to them.
Some providers are based in or transfer data to the United States. Where personal data leaves the EU/EEA, we rely on appropriate safeguards such as the EU Standard Contractual Clauses and, where applicable, the EU–US Data Privacy Framework.
4. How long we keep it
We keep account data for as long as your account is active and delete or anonymise it within a reasonable period after closure, except where we must retain certain records (e.g. invoices) to meet legal obligations. Server logs are kept only for a short period for security and diagnostics.
5. Your rights
Under the GDPR you have the right to:
- access the personal data we hold about you;
- have inaccurate data corrected;
- have your data erased (“right to be forgotten”);
- restrict or object to certain processing;
- receive your data in a portable format;
- withdraw consent at any time, without affecting prior processing;
- lodge a complaint with a supervisory authority — for users in Germany, the data protection authority of the relevant federal state.
To exercise any of these, contact us at privacy@novelradar.app.
6. Children
The Service is not directed to children under 16, and we do not knowingly collect their personal data.
7. Changes to this policy
We may update this policy and will post the new version here with a revised “last updated” date. Material changes will be communicated where required.
8. Contact
Controller contact for privacy matters: privacy@novelradar.app. See also our Terms of Service.