Privacy Policy

Atticus Interactive Inc. ("Atticus," "we," "us," or "our") provides an AI-powered interactive reading platform that lets you have real-time conversations with books and authors across audiobooks, eBooks, and digital textbooks (the "Services").

This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our mobile apps, websites, and other online products that link to this Privacy Policy, or join our private beta as a reader, author, publisher, or other early partner.

By using the Services in the private beta, you agree to the practices described here. If you do not agree, please do not use the Services.

This Policy is for general information only and does not constitute legal advice.

1. Scope & Roles

This Privacy Policy applies to:

• Readers using Atticus apps or web experiences
• Authors & publishers using Atticus tools or participating in analytics programs
• Visitors to our marketing sites, waitlists, and landing pages

It does not apply to third-party websites or apps we don't control (for example, external book retailers or social networks). Their privacy policies will govern their own practices.

For most of the processing described in this Policy, Atticus acts as the "controller" (under EU/UK law) or "business" (under US state privacy laws) determining how and why your personal information is processed. In some cases—such as certain analytics or services we provide purely on behalf of a publisher—we may act as a "processor" or "service provider" instead. In those situations, our use of your information is also governed by our contracts with that publisher.

2. Information We Collect

We collect three main types of information: (1) Information you provide directly, (2) Information collected automatically when you use the Services, and (3) Information from third parties.

2.1 Information You Provide Directly

Account & Profile Information

• Name, email address, password
• Country/region and language
• Optional profile data like photo, reading interests, and short bio

Reader Activity & Library

• Books you add, open, or interact with
• Bookmarks, highlights, notes, and reading or listening progress
• Custom shelves, collections, and other library organization data

AI Conversations & Inputs

• Questions you ask and messages you send to Atticus AI, Book AI, or Author AI
• Conversation transcripts, timestamps, and conversation metadata
• Reactions, ratings, and feedback on specific responses

Voice & Audio Inputs

When you use voice features to interact with Atticus:

• We process your audio to convert it to text (transcription).
• We retain the text transcript as part of your conversation history.
• We delete the raw audio file within 24 hours of processing—we do not store your original voice recording.
• We do not create voiceprints, perform speaker identification, or use your voice for biometric purposes.

If we change how we handle voice data in the future (for example, to offer voice-cloned narration), we will notify you and obtain explicit consent before enabling any such features.

Author / Publisher Account Data

• Professional contact details and organization information
• Titles you onboard, license, or manage through Atticus
• Settings for AI twins, content rules, and analytics dashboards

Purchases & Subscription Details

• Subscription tier, status, and renewal events
• Billing address and limited payment details (last four digits of card, expiration date). Full card data is processed by our payment processors, not stored by Atticus.

Communications & User-Generated Content

• Emails or messages you send to support
• Survey responses, feature requests, or bug reports
• Reviews, comments, or other content you post within Atticus communities (if enabled in beta)

2.2 Information We Collect Automatically

When you use the Services, we automatically collect:

Device & Technical Data

• IP address, device type, operating system, app version, browser type
• Device identifiers (such as mobile device ID)
• Language and time zone

Usage & Interaction Data

• Pages/screens viewed, features used, buttons clicked
• Session duration, in-app navigation, and referring/exit pages
• Reading and listening behavior (e.g., sections revisited, time spent, completion rates)

Approximate Location

• Country, city, or region inferred from your IP address
• We do not collect precise GPS location unless you explicitly enable a feature that needs it.

Log & Diagnostic Data (Private Beta)

Because this is a private beta, we collect more technical logs than we expect to in production, for example:

• Error reports, crash logs, and performance metrics
• Metadata about AI requests and responses (e.g., latency, failure codes)

2.3 Information from Third Parties

We may receive information about you from:

• Social sign-in providers (e.g., Apple, Google) — typically your name, email, and an identifier, if you choose to sign in this way
• Payment processors — confirmation of payments, fraud-prevention signals
• Analytics partners — aggregated insights about how people use the product
• AI infrastructure partners — limited metadata needed to run conversations (e.g., model performance metrics)
• Authors & publishers — book metadata, author bios, and other content we display inside the Services

We combine this information with other data we collect to operate and improve Atticus.

3. How We Use Your Information

3.1 To Provide and Maintain the Services

We use your information to:

• Create and manage your Atticus account
• Deliver reading and listening experiences (including syncing progress across devices)
• Run AI conversations and generate responses grounded in the relevant book content
• Remember your preferences and settings
• Provide customer support and respond to your requests
• Operate, maintain, and secure our infrastructure

3.2 To Personalize and Improve Your Experience

We use information to:

• Recommend books, authors, and topics you might like
• Tailor AI responses based on your reading progress and goals
• Avoid spoilers by limiting AI responses to portions of books you've already consumed, where technically feasible
• Run experiments and analyses to improve UX, accuracy, and performance

3.3 How We Use Data to Improve Atticus (And How We Don't)

We distinguish between improving our own systems and training third-party AI models:

1. Atticus Systems (Yes, with aggregated and de-identified data):

We may use aggregated and de-identified interaction data to improve our retrieval logic, ranking algorithms, and response quality—for example, learning which passages best answer common question types. Before analysis, we remove or obfuscate direct identifiers (like names and email addresses) and take steps to reduce the risk that data can be linked back to an individual.

2. Foundation Models (No):

We do not use your identifiable conversation transcripts, personal information, or licensed book content to train the standalone large language models (LLMs) that power Atticus. We do not build a general-purpose foundation model from your conversations or publishers' books.

3. Third-Party AI Providers (Configured to prevent training on your data):

We configure and contract with AI infrastructure providers (such as xAI, OpenAI, or Anthropic) so that data transmitted through Atticus is not used to train their standalone general-purpose models, where such controls are available. Where a provider offers zero-data-retention or no-training modes, we use those settings for Atticus production traffic. These providers may still temporarily log limited information as needed to operate, secure, or monitor their services, but not to train their general-purpose models.

This approach protects both reader privacy and author/publisher intellectual property—a core commitment of the Atticus platform.

3.4 Analytics & Insights for Authors and Publishers

We analyze usage and conversation data to generate aggregated and de-identified insights for authors and publishers, such as:

• Which sections of a book are most discussed
• Frequently asked questions or themes
• Engagement trends over time

3.5 Communication & Marketing

We use your information to:

• Send transactional emails (e.g., account creation, receipts, policy updates)
• Notify you about new features, beta updates, or service changes
• With your consent, send you newsletters, promotions, or invitations related to Atticus and participating authors/publishers

You can opt out of marketing communications at any time (see Section 9).

3.6 Legal, Security, and Compliance

We also use information to:

• Detect, prevent, and respond to fraud, abuse, security incidents, and other harmful activity
• Enforce our Terms of Use and other agreements
• Comply with legal obligations and respond to lawful requests, such as subpoenas or court orders

4. AI Conversations & Content Processing

4.1 How Book & Author AI Works

Atticus uses a Rights-Safe Retrieval-Augmented Generation (RAG) architecture designed to protect both reader privacy and publisher content:

Content Isolation

• Each book's content is processed into a secure, isolated vector database.
• By default, Book A's content is not used when answering questions about Book B, unless rights holders have authorized a cross-book experience.
• Publisher and author content is never merged into a single, shared knowledge base used to train a general-purpose model.

How Retrieval Works

• When you ask a question, Atticus searches only the book(s) you have access to for relevant passages.
• Those passages are provided to the AI model as temporary context to generate a response.
• Retrieved content is used to answer your question and is not added to any training dataset used to personalize or generate responses for other users.

Publisher Controls

• Rights holders can define access boundaries, prohibited topics, and response parameters for their content.
• Content can be immediately removed from our systems at a rights holder's request, subject to limited backups and logs.
• We maintain audit trails showing how content is accessed and used.

What This Means for You

Your conversation about one book does not determine how we answer another reader's questions about a different book, and we don't share your personal reading journey with other users. Each book exists in a secure environment, and your personal reading context stays with you.

4.2 Conversation Data During Private Beta

During the private beta, we:

• Store AI conversation transcripts so you can revisit, continue, or delete past conversations
• Log metadata such as timestamps, book context, and model parameters
• Allow a small, authorized internal team to manually review a subset of conversations to debug issues, improve response quality, monitor abuse, and validate analytics

Where possible, internal reviewers see minimized or pseudonymized data. All reviewers are bound by confidentiality obligations.

We do not sell or share conversation transcripts or related metadata with advertisers, data brokers, or other third parties for their own independent marketing purposes.

4.3 Sharing Insights with Authors & Publishers

We provide analytics dashboards to authors and publishers that may include:

• Aggregated engagement metrics (e.g., time spent, completion rates, most-revisited sections)
• Common question themes and topics
• De-identified conversation summaries and trends

By default, we do not show authors or publishers your name, email, or full conversation transcript unless you explicitly agree to share your details or we are required to share information to comply with law.

5. Cookies & Tracking Technologies

We (and our service providers) use cookies, SDKs, and similar technologies to:

• Keep you logged in and remember your preferences
• Measure usage, performance, and errors
• Understand how people find and use our Services
• In the future, support personalized marketing and attribution (not yet heavily used in private beta)

We group these into:

• Essential cookies – needed for core functionality (e.g., authentication). You can't opt out of these and still use the Services.
• Analytics & performance cookies – help us understand usage patterns and improve the product.
• Functional cookies – remember choices such as language or display settings.
• Marketing cookies (limited in private beta) – may be used in early experiments to measure the impact of campaigns.

You can manage cookies through your browser or device settings, or in-app/on-site cookie controls (where available). If you disable cookies, some features may not work properly.

We currently do not respond to browser "Do Not Track" signals.

6. Legal Bases for Processing (EEA/UK Users)

If you're in the European Economic Area or the United Kingdom, we process your personal data on the following legal bases:

• Contract – to provide the Services you request (e.g., running conversations, syncing progress, processing subscriptions).
• Legitimate interests – to personalize experiences, run analytics, secure our systems, and communicate with you about similar products and features.
• Consent – for optional activities such as certain marketing communications or cookies where required. You can withdraw consent at any time.
• Legal obligations – to comply with applicable laws and regulations.

See Section 15 for more detail on your rights under GDPR.

7. How We Share Your Information

7.1 Service Providers (Processors)

We share information with trusted third parties who help us operate the Services, such as:

• Cloud hosting and storage providers
• AI model and infrastructure providers
• Analytics, error-monitoring, and performance tools
• Customer support and helpdesk platforms
• Email and push-notification providers
• Payment processors and fraud-prevention services

These providers are contractually required to use your information only under our instructions, implement appropriate security measures, and comply with applicable privacy laws.

7.2 Authors & Publishers

We may share:

• Aggregated and de-identified analytics and insights about how readers interact with their books.
• Your contact information only if you explicitly opt in (for example, to join an author's newsletter).

We do not give authors or publishers unfettered access to raw conversation transcripts tied to your identity.

7.3 Corporate Transactions

We may share or transfer your information in connection with a merger, acquisition, financing, or sale of all or part of our business, or bankruptcy/insolvency events. If this happens, we will require the recipient to honor this Privacy Policy or provide notice and, where required, new choices.

7.4 Legal & Safety

We may disclose information if we believe it is reasonably necessary to:

• Comply with a law, regulation, legal process, or governmental request
• Protect the safety, rights, or property of Atticus, our users, or others
• Detect, prevent, or address fraud, security, or technical issues

7.5 With Your Consent or At Your Direction

We may share your information with third parties when you ask us to—for example, connecting to an external service or participating in a specific research or beta program.

7.6 No Sale of Personal Information

For purposes of US state privacy laws like the California Consumer Privacy Act (CCPA/CPRA), we do not sell your personal information for money. In the private beta, we also do not share your personal information with third-party advertising networks for their own targeted advertising.

If this ever changes, we will update this Policy, provide any required opt-out mechanisms, and obtain additional consents where required by law.

8. Data Retention

We keep personal information only as long as necessary for the purposes described in this Policy or as required by law. Indicative retention periods (subject to change as we refine the product):

• Account information: While your account is active and up to 3 years after closure
• AI conversations: Up to 24 months in identifiable form, then either deleted or de-identified
• Analytics and logs: Aggregated or de-identified data may be retained longer for trend analysis and service improvement
• Payment and transaction records: Typically at least 7 years to satisfy tax, accounting, and legal obligations

When we no longer need data, we delete or de-identify it using reasonable measures.

9. Your Choices & Controls

9.1 Account & Content Controls

Within the app (or by contacting us), you can:

• Update your account details and profile information
• View and, where supported, delete specific AI conversations or reading history
• Close your Atticus account (subject to legal retention requirements)

Some controls may be limited or evolving during private beta, but you can always reach us at hello@readatticus.com if you don't see an in-product option for what you need.

9.2 Communication Preferences

You can:

• Unsubscribe from marketing emails using the link in the message
• Adjust notification settings in your account (where available)
• Contact us at hello@readatticus.com to update your communication preferences

We may still send you transactional or service-related messages (like security alerts or policy updates).

9.3 Cookie & Tracking Choices

You can use browser or device controls to manage cookies and tracking, or use in-product controls where available.

9.4 Privacy Rights (Access, Deletion, etc.)

Depending on where you live, you may have rights to:

• Access and obtain a copy of personal information we hold about you
• Request correction of inaccurate or incomplete data
• Request deletion of your personal information
• Object to or restrict certain processing
• Receive your data in a portable, machine-readable format
• Opt out of certain profiling or automated decision-making, where applicable

You can exercise these rights by emailing hello@readatticus.com. We will verify your identity and respond within the timeframes required by applicable law.

For California and other US state residents, see Section 14. For EEA/UK users, see Section 15. We will not discriminate against you for exercising these rights.

10. Children's Privacy

Our Services are not intended for children under 13 (or under 16 in the EEA/UK). We do not knowingly collect personal information from children in those age groups without verifiable parental consent.

If you believe a child has provided us with personal information in violation of this Policy, please contact us at hello@readatticus.com, and we will take steps to delete the information and, if applicable, close the account.

11. Security

We use a combination of technical and organizational measures to protect your information, including:

• Encryption in transit (e.g., TLS) and at rest where appropriate
• Access controls and role-based permissions for internal systems
• Secure development and deployment practices
• Regular security reviews and vulnerability management
• Vendor due diligence and data-processing agreements

However, no system is 100% secure. Please use a strong, unique password, enable multi-factor authentication (MFA) if available, and notify us immediately at hello@readatticus.com if you suspect unauthorized access to your account.

11.1 Data Breach Response

In the unlikely event of a security incident affecting your personal information, we will:

• Investigate promptly and take steps to contain and remediate the incident
• Notify affected users and relevant regulatory authorities as required by applicable law
• Provide information about what data was involved and steps you can take to protect yourself

We maintain incident response procedures and conduct regular security reviews to minimize this risk.

12. International Data Transfers

Atticus is currently based in the United States, and we may process and store your information in the US and other countries that may have different data-protection laws than your home country.

Where required, we use appropriate safeguards to protect international transfers, such as:

• European Commission-approved Standard Contractual Clauses (SCCs)
• UK International Data Transfer Addendum
• Contractual commitments with service providers

You can contact us for more information about these safeguards.

13. Changes to This Policy

Because the product—and the law—will evolve, we may update this Privacy Policy from time to time.

For material changes, we will notify you via email, in-app message, or a notice on our website.

The "Effective Date" at the top indicates when the latest version took effect.

If you continue to use the Services after a change, you are agreeing to the updated Policy.

14. Additional Information for Certain US State Residents

If you are a resident of California, Virginia, Colorado, Connecticut, or other states with similar privacy laws, this section applies in addition to the rest of the Policy.

14.1 Categories of Personal Information

In the last 12 months, we have collected the following categories of personal information (as defined by applicable law):

• Identifiers (e.g., name, email address, account ID, IP address)
• Customer records (e.g., billing address, subscription information)
• Commercial information (e.g., purchase history, interactions with books)
• Internet or network activity (e.g., usage data, logs, analytics)
• Approximate location (from IP address)
• Inferences drawn from the above to create usage or preference insights

We collect these categories for the purposes described in Sections 3–4 and share them with the types of recipients described in Section 7.

14.2 Your State Privacy Rights

Subject to certain exceptions, you may have the right to:

• Know what categories of personal information we collect, use, and disclose
• Access specific pieces of personal information we hold about you
• Correct inaccurate personal information
• Delete personal information we collected from you
• Opt out of "selling" or "sharing" personal information (as defined by state law), and certain profiling or targeted advertising practices
• Appeal a decision we make regarding your request (for certain states)

As noted in Section 7.6, we do not sell your personal information for money, and in the private beta we do not share it with third-party advertising networks for their independent targeted advertising.

You can submit a request by emailing hello@readatticus.com with "US State Privacy Request" in the subject line.

15. Additional Information for EEA & UK Users (GDPR)

If you are located in the European Economic Area or the United Kingdom, you have additional rights under GDPR-style laws.

15.1 Your GDPR Rights

Subject to certain conditions, you have the right to:

• Access your personal data and receive a copy
• Rectify inaccurate or incomplete data
• Erase your data ("right to be forgotten")
• Restrict processing of your data
• Object to processing based on our legitimate interests, including profiling
• Data portability — receive data you provided us in a machine-readable format
• Withdraw consent at any time where processing is based on consent
• Lodge a complaint with your local supervisory authority

For most processing activities described in this Policy, Atticus Interactive Inc. is the "controller" of your personal data.

You can exercise these rights by contacting hello@readatticus.com. We may ask you to verify your identity.

15.2 EU/UK Representatives & Data Protection Officer

If and when required by law, we will appoint an EU and/or UK representative and/or a Data Protection Officer (DPO). When appointed, their contact details will be posted here and in the product.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our practices, you can contact us at:

Email: hello@readatticus.com

We aim to acknowledge requests within a few business days and respond within 30 days, or as required by applicable law.