Privacy Policy

Last updated: April 23, 2026

This Privacy Policy explains how Library of Love GmbH (“Library of Love,” “we,” “us,” or “our”) collects, uses, shares, and protects personal data when you use libraryoflove.app, the Library of Love mobile application, and related services (together, the “Service”).

We aim to keep this policy reasonably clear and human-readable. In short: we collect the data needed to operate the Service, secure it, improve it, and provide the features you choose to use.

1. Who We Are

The controller responsible for processing your personal data is:

Library of Love GmbH
Moststraße 6
90762 Fürth
Germany

Registered seat: Fürth
Commercial Register: Amtsgericht Fürth, HRB 22517

Contact: legal@libraryoflove.app

2. Where This Privacy Policy Applies

This Privacy Policy applies to personal data processed through:

• libraryoflove.app
• the Library of Love mobile app
• related support and communication channels we operate in connection with the Service

If we launch a feature that requires a separate privacy notice, that separate notice will apply to that feature.

3. Data We Collect

We collect personal data in three main ways: (1) data you provide directly, (2) data collected automatically when you use the Service, and (3) data we receive from third parties where relevant.

A. Data you provide directly

Depending on how you use the Service, you may provide:

Account Data

• email address, password, account preferences and settings
• display name / username, profile information you choose to provide

Content You Create

• wishes, indulgences, favors, duties, rules, notes, comments, journal-like entries, and other text you create in the Service
• profile details and other information you choose to store in your library
• avatars, profile images, uploaded photos, feed images, and other media you choose to upload or share through the Service
• reports, appeals, or moderation-related submissions you send through in-app reporting or support channels

Relationship / Sharing Data

• information connected to invitations, connections, and shared relationship features
• content visibility choices and sharing settings
• data related to linked accounts or partner-style app features, where applicable

Support Communications

• information you send to us when you contact us for support or legal/privacy requests

B. Data collected automatically

When you use the Service, we may automatically collect certain technical and usage data, such as:

Technical Data

• IP address, device type and model, operating system and version, app version
• language, region, and time zone, basic network and diagnostic information

Usage Data

• interactions with app features, screen or feature usage events
• timestamps and session-related metadata, general analytics about how the Service is used

Safety and Upload Metadata

When you upload content, we may generate or collect technical and safety-related metadata such as file type, upload timestamps, basic media metadata, perceptual hashes or similar fingerprints, classification results, flag categories, rate-limit events, and moderation workflow status.

For photos attached to log entries, we compute a perceptual hash on our infrastructure and transmit only that hash to Project Arachnid Shield (Canadian Centre for Child Protection) for child-sexual-abuse-material matching; we send the image and its caption to OpenAI for automated content classification. Match and classification outcomes may be stored as described below.

Where possible, we aim to keep analytics limited and proportionate. Analytics are configured to focus on behavioral and technical event data rather than the plain-text personal content you write inside the Service.

C. Data from third parties

• infrastructure and hosting providers
• analytics and advertising-measurement providers, including the TikTok pixel on our public website, which we load only after you accept the on-site cookie/tracking banner
• app distribution platforms such as Apple App Store or Google Play, where relevant
• authentication providers when you sign in or link an account with Google or Apple (for example, identifiers and profile or contact details those providers share with us according to your sign-in choices and their terms)

4. Sensitive Data

Because Library of Love is designed for personal reflection, relationships, boundaries, desires, goals, and other intimate or emotionally meaningful topics, some content you choose to enter may be considered sensitive personal data under certain laws.

You provide this information voluntarily. Where required by applicable law, we process such data on the basis of your explicit consent and/or because processing is necessary to provide the Service you intentionally use.

You should only enter sensitive information into the Service if you are comfortable doing so.

5. How We Use Data

We use personal data for the following purposes:

A. To provide and operate the Service

• create and manage your account, authenticate users
• store, sync, display, and organize your library content
• enable sharing and relationship-based features you choose to use
• provide app functionality, settings, and personalization

B. To maintain and improve the Service

• understand product usage, improve usability, reliability, and performance
• fix bugs and technical issues
• develop, test, and refine existing and future features

C. To communicate with you

• send essential service-related messages
• respond to support, legal, and privacy inquiries
• notify you about important changes to the Service or this policy

D. To protect the Service and its users

• detect and prevent abuse, fraud, unauthorized access, and misuse
• classify and flag uploaded content for safety and moderation purposes
• investigate user reports and suspected policy violations
• apply rate limits, anti-spam protections, and abuse-prevention controls
• investigate security incidents
• enforce our Terms and other applicable policies
• preserve relevant evidence where reasonably necessary for safety, legal compliance, or dispute handling

E. To comply with legal obligations

• comply with applicable law, legal process, accounting requirements, and regulatory obligations
• establish, exercise, or defend legal claims where necessary

F. Automated safety processing

We use automated systems to help detect spam, abuse, suspected illegal content, and other policy violations. For photos in log entries, this includes:

• sending a perceptual hash to Project Arachnid Shield (Canadian Centre for Child Protection) for child-sexual-abuse-material detection, without sending the image itself for that step;
• sending the image and caption to OpenAI's content-moderation service for category classification (for example explicit content, violence, self-harm), with processing described by OpenAI as in-memory and without retention for model training; and
• storing classification results with the attachment, using them together with user reports to remove disallowed content where our policies provide, applying per-account upload rate limits, and logging confirmed hash matches where the law requires reporting to authorities (in Germany: Bundeskriminalamt / INHOPE).

If you believe content was removed in error, you may contact us for review during the retention period described under Data Retention.

G. Artificial intelligence

We do not use your personal data to train artificial intelligence or machine-learning models in any way, whether for our own systems or for resale to others.

If Library of Love ever offers a feature that would use your data for model training or similar AI development, that feature would be opt-in and clearly disclosed in the product and in this Privacy Policy before you could use it.

6. Legal Bases for Processing

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we generally rely on one or more of the following legal bases under applicable data protection law:

• Performance of a contract — where processing is necessary to provide the Service you requested
• Legitimate interests — where processing is necessary for product improvement, security, fraud prevention, service administration, and related operational purposes, provided those interests are not overridden by your rights
• Consent — where required, including for certain types of sensitive data or permissions-based features
• Legal obligation — where processing is required by law

Where we rely on consent, you may withdraw it at any time, although this does not affect the lawfulness of processing that occurred before withdrawal.

7. How We Share Data

We do not share personal data except as described in this Privacy Policy or where you direct us to do so.

A. With other users, according to your choices

If you use shared or relationship-based features, information may be visible to other users according to the visibility settings, permissions, and sharing choices built into the Service.

B. With service providers

We use service providers for hosting, infrastructure, database and backend services, authentication, analytics, email delivery, app distribution, and, where applicable, trust-and-safety, image analysis, moderation support, or abuse-detection services. These providers process data on our behalf under appropriate contractual and technical safeguards.

On our public website we additionally use the TikTok pixel to measure the effectiveness of our advertising. It is only loaded after you accept our on-site cookie/tracking banner; if you decline, no pixel events are transmitted. Sign-in, account, and in-app pages do not load the pixel.

For photo moderation specifically, Project Arachnid Shield (operated by the Canadian Centre for Child Protection) receives perceptual hashes only for matching against known child-sexual-abuse material, and OpenAI receives images and captions submitted for automated content classification, as described in sections 3 and 5 of this policy.

Library of Love GmbH accesses Shield by Project Arachnid https://projectarachnid.ca, a program of the Canadian Centre for Child Protection Inc., to facilitate the detection and removal of child sexual abuse material and harmful-abusive material of children and survivors of child sexual abuse on its services.

C. For legal or safety reasons

We may disclose personal data where reasonably necessary to comply with legal obligations, respond to valid legal requests, protect rights and safety, or investigate fraud, abuse, or security incidents.

D. In connection with a business transaction

We do not sell your personal data to advertisers, data brokers, or unrelated third parties. However, if Library of Love is involved in a merger, acquisition, or similar transaction, personal data may be transferred to the relevant party as part of that transaction, subject to applicable law and appropriate safeguards.

8. International Data Transfers

Our primary infrastructure is intended to be hosted in the European Union. If we transfer personal data outside the EEA, UK, or Switzerland, we will do so only where appropriate safeguards are in place (e.g. adequacy decisions, Standard Contractual Clauses).

Some providers we use — including TikTok for advertising measurement on our public website — are based outside the EEA. Where you accept the on-site cookie/tracking banner, the resulting pixel events may be transferred to and processed by those providers in their respective jurisdictions under their own terms and safeguards.

9. Your Rights

Depending on where you live, you may have rights regarding your personal data, including the right to access, correct, delete, restrict, or object to certain processing, receive a portable copy of data, withdraw consent, and lodge a complaint with a supervisory authority.

To exercise privacy rights, contact us at legal@libraryoflove.app. We may need to verify your identity before fulfilling certain requests.

10. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy. Account and library data may be retained for as long as your account remains active; support and legal correspondence as needed for recordkeeping; technical logs and analytics for limited periods; backup data until overwritten in the ordinary backup cycle.

Content reports, moderation records, safety flags, and related account or technical logs may be retained for longer where reasonably necessary to investigate abuse, enforce our Terms, comply with law, resolve disputes, or protect users and the Service.

Photos removed for trust-and-safety reasons are generally retained for 30 days so you can appeal, then permanently deleted, subject to longer retention where law or a specific investigation reasonably requires it.

When data is no longer needed, we will delete it or anonymize it where reasonably possible.

11. Security

We use reasonable technical and organizational measures to protect personal data. No method of storage or transmission is completely secure, and we cannot guarantee absolute security.

12. Children's Privacy

Library of Love is not intended for anyone under the age of 18. We do not knowingly collect personal data from children under 18. If you believe that a child has provided us with personal data, please contact us at legal@libraryoflove.app.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we may notify you through the Service, on our website, or by other reasonable means. The “Last updated” date at the top indicates when this policy was most recently revised.

14. Contact

Library of Love GmbH
Moststraße 6, 90762 Fürth, Germany
Email: legal@libraryoflove.app