Privacy Policy

1. Introduction

Welcome to Becomes ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you understand how we collect, use, and safeguard your personal information.

This Privacy Policy explains our practices regarding personal data when you visit our website, use our application, or interact with our services. It applies to all users, including those in the European Economic Area (EEA), United Kingdom (UK), and United States.

2. Information We Collect

Information You Provide Directly

• Account Information: When you sign up for our beta or create an account, we collect your name, email address, and any other information you choose to provide.
• User Content: Books you add, highlights you import or create, notes, and any other content you input into the service.
• Communications: Information you provide when contacting us for support or feedback.

Information Collected Automatically

• Device Information: Browser type, operating system, device identifiers, and screen resolution.
• Usage Data: Pages visited, features used, time spent on pages, click patterns, and interaction data.
• Log Data: IP address, access times, referring URLs, and error logs.
• Location Data: General geographic location based on IP address (country/region level only).

Information from Third Parties

• Analytics Providers: We receive aggregated analytics data from services like Meta (Facebook) and TikTok.
• Integrated Services: If you connect third-party services (such as reading apps for highlight import), we receive data you authorize those services to share.

3. How We Use Your Information

We use your information for the following purposes and legal bases:

To Provide Our Services (Contractual Necessity)

• Create and manage your account
• Process and display your book highlights and insights
• Generate personalized skill paths and mindset connections
• Enable features you request

With Your Consent

• Send marketing communications about new features and updates
• Use cookies for analytics and advertising purposes
• Process special categories of data, if applicable

For Legitimate Interests

• Improve and optimize our services and user experience
• Analyze usage patterns to develop new features
• Ensure security and prevent fraud
• Communicate important service updates

For Legal Compliance

• Comply with applicable laws and regulations
• Respond to legal requests and prevent harm
• Enforce our terms of service

4. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities.

Types of Cookies We Use

• Essential Cookies: Required for basic site functionality and security. These cannot be disabled.
• Analytics Cookies: Help us understand how visitors interact with our website.
• Advertising Cookies: Used to deliver relevant advertisements and measure campaign effectiveness.

Third-Party Tracking Services

• Meta (Facebook) Pixel: We use Meta Pixel to measure advertising effectiveness and deliver targeted ads. Meta may collect data about your browsing activity across websites. View Meta's Privacy Policy
• TikTok Pixel: We use TikTok Pixel for advertising measurement and optimization. View TikTok's Privacy Policy

Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to:

• View and delete cookies
• Block third-party cookies
• Block all cookies
• Clear cookies when you close your browser

Note: Blocking certain cookies may impact your experience on our site.

Do Not Track

Some browsers have a "Do Not Track" (DNT) feature. We currently do not respond to DNT signals, as there is no industry standard for handling these requests. We will update this policy if a standard is established.

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

Service Providers

We work with trusted third-party companies that help us operate our business, including:

• Cloud hosting and infrastructure providers
• Analytics and measurement services
• Customer support tools
• Email delivery services

These providers are contractually bound to protect your data and use it only for the services they provide to us.

Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

With Your Consent

We may share your information for other purposes with your explicit consent.

6. Data Retention

We retain your personal information for as long as necessary to:

• Provide you with our services
• Comply with legal obligations
• Resolve disputes and enforce our agreements

Specifically:

• Account Data: Retained while your account is active and for up to 30 days after deletion request
• User Content: Retained while your account is active; deleted upon account termination
• Analytics Data: Aggregated and anonymized data may be retained indefinitely
• Legal Records: Retained as required by applicable law (typically 3-7 years)

7. Your Rights and Choices

For All Users

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data
• Opt-Out: Unsubscribe from marketing communications at any time

For EEA and UK Residents (GDPR)

Under the General Data Protection Regulation, you have additional rights:

• Right to Portability: Receive your data in a structured, machine-readable format
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time (without affecting prior processing)
• Right to Lodge a Complaint: File a complaint with your local data protection authority

We do not engage in automated decision-making or profiling that produces legal effects or similarly significant effects on you.

For California Residents (CCPA/CPRA)

Under the California Consumer Privacy Act and California Privacy Rights Act, you have the right to:

• Know: Request disclosure of personal information collected, used, and disclosed
• Delete: Request deletion of your personal information
• Correct: Request correction of inaccurate personal information
• Opt-Out of Sale/Sharing: We do not sell personal information. We share data with advertising partners for targeted advertising, which you may opt out of
• Limit Use of Sensitive Personal Information: Request limits on how we use sensitive data
• Non-Discrimination: Exercise your rights without discriminatory treatment

To submit a request, contact us using the information below. We will verify your identity before processing your request.

For Other U.S. State Residents

If you reside in Virginia, Colorado, Connecticut, Utah, or other states with comprehensive privacy laws, you may have similar rights to access, delete, correct, and opt-out. Contact us to exercise these rights.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States.

When we transfer data from the EEA or UK, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions where applicable
• Other lawful transfer mechanisms

By using our services, you acknowledge that your data may be processed in jurisdictions with different data protection laws than your own.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Regular security assessments and updates
• Access controls and authentication measures
• Employee training on data protection

While we strive to protect your data, no method of transmission or storage is 100% secure. If you have reason to believe your account has been compromised, please contact us immediately.

10. Children's Privacy

Our services are not directed to children under the age of 16 (or 13 in the United States). We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us. If we learn we have collected personal information from a child without proper consent, we will delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make material changes:

• We will update the "Last updated" date at the top of this policy
• We will notify you by email or through our service for significant changes
• We may ask for your consent again if required by law

We encourage you to review this policy periodically to stay informed about how we protect your information.

12. Contact Us

If you have questions about this Privacy Policy, want to exercise your rights, or have concerns about our data practices, please contact us:

For EEA residents, you also have the right to lodge a complaint with your local data protection authority. A list of EU data protection authorities is available at the European Data Protection Board website.

For UK residents, you may contact the Information Commissioner's Office (ICO) at ico.org.uk.