BookAmor – GDPR Summary

BookAmor is operated by Pronunciator LLC (Wyoming, USA). BookAmor is a lightweight, library-specific discovery tool for public libraries. It does not create user accounts, does not store personal identifiers, and does not track users across visits. Its purpose is to help library patrons find reading recommendations and locate items in their library’s catalog.

What Data We Process

BookAmor processes only the minimal information necessary for the service to function.

1. Temporary Access Information

Depending on a library’s access settings, BookAmor may check:

  • The visitor’s IP address to determine in-library access (when the library enables IP-based authentication).
  • The library-card number at the moment of access, when a library chooses card-based authentication. Card numbers are validated against simple pattern rules and are not stored permanently. BookAmor creates an opaque, random “remember-me” token so the visitor does not need to re-enter the card on the same device.

2. Anonymous Usage Events

BookAmor logs anonymous events so participating libraries can understand general usage. Logged events may include:

  • Page views
  • Recommendation requests
  • “Ask AI” requests
  • “Find in Library” clicks

No personal identifiers are stored. Logged fields include only library ID, media type, seed title (truncated), access method (such as “ip”, “card”, or “none”), and timestamp.

3. Ask-AI Reading Aide Messages

When a user asks BookAmor’s Reading Aide a question, BookAmor sends only the title, media type, and question text to the backend AI endpoint. No user identifiers are sent.

Legal Basis for Processing

We process the above data under the following legal bases:

  • Legitimate Interests (Article 6(1)(f) GDPR): To provide library-authorized access and service functionality.
  • Contractual Necessity (Article 6(1)(b) GDPR): To provide BookAmor functionality requested by the patron via the library.

Data Storage & Retention

BookAmor is designed to minimize data storage. In particular:

  • Access logs and anonymous usage logs are stored in a secure database.
  • Remember-me tokens are stored with an expiry (typically 60–90 days) and are deleted automatically after expiry.
  • No reading history is created.
  • No user profiles are created.
  • No cross-site tracking occurs.

International Transfers

BookAmor is hosted in the United States (Wyoming). Libraries using BookAmor acknowledge that data necessary to provide the service may be processed in the United States. When applicable, OpenAI (used for the “Ask AI” feature) processes text under contractual terms intended to comply with GDPR requirements.

Your Rights

Library patrons in the EU/EEA have the right to:

  • Request access to the minimal data BookAmor processes (which in practice is usually none that can identify a person).
  • Request rectification or deletion of any identifiable data, if present.
  • Object to processing in cases where it affects them, noting that this may disable access if the library requires authentication.

To exercise these rights, patrons should contact their library. For questions specific to BookAmor’s processing, you may also contact Pronunciator LLC at support@pronunciator.com.