This GDPR Privacy Notice explains how WizRead (“Company,” “we,” “us,” and “our”) processes personal data of individuals located in the European Economic Area (EEA), the United Kingdom (UK), and Switzerland (collectively, the “European Region”) when they use our website at https://wizread.io and related services (our “Services”).

This notice supplements our Privacy Policy and our Cookie Policy. If there is any conflict between this GDPR Privacy Notice and those documents for individuals in the European Region, this notice will prevail to the extent of the conflict.

1. Who is the data controller?

For purposes of the EU General Data Protection Regulation (“GDPR”) and similar laws, the data controller responsible for your personal data when you use our Services is:

WizRead
Email: support@wizread.io

If we appoint a Data Protection Officer (DPO) or an EU/UK representative, we will update this page with their contact details.

2. What personal data do we process?

The categories of personal data we process are consistent with those described in our Privacy Policy and may include:

• Account and identification data – such as your name or display name, username, email address, password, and any profile information you choose to add (for example, an avatar or short bio).
• Service usage and reading activity data – such as books and files you add, reading progress and statistics, highlights and notes, goals, and other information related to your use of the Services.
• Device and technical data – such as IP address, browser type and version, operating system, language and region settings, device identifiers, and log data (including pages viewed, actions performed, and error logs).
• Communication and support data – such as messages or information you send through our contact forms, support channels, or feedback tools, as well as our related responses.
• Payment and contribution data (if applicable) – if you choose to support us or buy paid features, we may receive limited information about the transaction (for example, payment status, transaction ID, and timestamp) from our payment providers. Full payment card details are processed and stored by those third-party providers, not by us.

We do not intentionally collect sensitive categories of personal data (such as information about health, religion, or political opinions) through the Services.

3. Why do we process your personal data, and on what legal bases?

Under the GDPR, we must have a valid legal basis to process your personal data. Depending on the context, we may rely on one or more of the following legal bases:

• Performance of a contract
  We process personal data that is necessary to create and manage your account, provide and personalize the Services, sync your reading data and preferences, and respond to your requests.
• Your consent
  We may process certain data based on your consent, for example when you accept non-essential cookies (e.g., analytics), subscribe to optional communications, or participate in surveys or beta programs. You can withdraw your consent at any time (see Section 7 below).
• Legitimate interests
  We process personal data where it is necessary for our legitimate interests and where these are not overridden by your interests or fundamental rights and freedoms. This includes improving and securing our Services, preventing abuse and fraud, understanding how our users interact with WizRead in aggregated form, and defending our legal rights.
• Compliance with legal obligations
  We may process personal data when necessary to comply with legal obligations, such as tax, accounting, or regulatory requirements, or to respond to lawful requests from public authorities.
• Protection of vital interests
  In rare situations, we may process data where necessary to protect the vital interests of you or another person, for example to help prevent serious harm.

4. With whom do we share your personal data?

We may share your personal data with third parties as described in our Privacy Policy, including:

• Service providers who process data on our behalf, such as hosting, infrastructure, analytics, customer support, and payment providers. These service providers are bound by contractual obligations to protect your personal data and to use it only according to our instructions.
• Other users when you choose to share content publicly (for example, if you make certain lists or other content visible to others within the Services).
• Public authorities or other third parties when we are required to do so by law or when it is necessary to establish, exercise, or defend legal claims.

We do not sell your personal data.

5. International transfers of personal data

Our servers and some of our service providers may be located outside the country where you reside. If we transfer personal data from the European Region to countries that do not provide the same level of data protection as your home jurisdiction, we will take appropriate safeguards to protect your personal data, such as:

• relying on adequacy decisions issued by the European Commission, where applicable;
• using Standard Contractual Clauses approved by the European Commission or other relevant authorities; and
• implementing additional technical and organizational safeguards where appropriate.

You can contact us at support@wizread.io if you would like more information about the safeguards used for international transfers.

6. How long do we keep your personal data?

We retain your personal data only for as long as reasonably necessary to fulfill the purposes described in this notice and our Privacy Policy, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements.

• Data associated with your account and reading activity is typically kept for as long as your account is active.
• If you request deletion of your account, we will delete or irreversibly anonymize your personal data, unless we are required or permitted by law to keep certain information for a longer period.
• Support and communication records may be retained for a limited period after closure of your request, for example to improve our support processes and for record-keeping.

When data is no longer needed, we will delete it or anonymize it so that it can no longer be associated with you.

7. Your rights under the GDPR

If you are located in the European Region, you have the following rights in relation to your personal data, subject to applicable law and certain conditions:

• Right of access – to obtain confirmation as to whether we process your personal data and, if so, to receive a copy of the personal data we hold about you.
• Right to rectification – to have inaccurate or incomplete personal data corrected or completed.
• Right to erasure – to request deletion of your personal data in certain circumstances, for example where the data is no longer necessary for the purposes for which it was collected.
• Right to restriction of processing – to request that we restrict processing of your personal data in certain situations (for example, while we verify its accuracy or consider an objection you have raised).
• Right to data portability – to receive personal data you have provided to us in a structured, commonly used, and machine-readable format and to transmit that data to another controller where technically feasible.
• Right to object – to object to our processing of your personal data that is based on our legitimate interests, and to object at any time to the use of your personal data for direct marketing.
• Right to withdraw consent – where processing is based on your consent, you may withdraw that consent at any time. This does not affect the lawfulness of processing carried out before such withdrawal.
• Right to lodge a complaint – you have the right to lodge a complaint with your local data protection authority if you consider that our processing of your personal data infringes applicable data protection laws.

8. How to exercise your rights

To exercise your rights or ask questions about how we handle your personal data, you can contact us at:

Email: support@wizread.io
Contact form: https://wizread.io/contact

To help protect your privacy and security, we may need to verify your identity before responding to a request. We will respond within the time frames required by applicable law.

9. Cookies and similar technologies

We use cookies and similar technologies on our Website for purposes such as operating the site, enhancing your experience, and performing analytics. Your choices regarding cookies, including how to accept or reject non-essential cookies, are explained in more detail in our Cookie Policy.

10. Changes to this GDPR Privacy Notice

We may update this GDPR Privacy Notice from time to time, for example to reflect changes in our practices or in applicable law. When we do so, we will update the “Last updated” date at the top of this page. In some cases, we may also provide you with additional notice (such as by email or through the Services).

11. Contact us

If you have any questions about this GDPR Privacy Notice or our privacy practices, please contact us at:

WizRead
Email: support@wizread.io