Privacy Policy

Your Data, Your Rights: ScribeCount's Commitment to Privacy

Effective date: May 1, 2026 · ScribeCount LLC, Florida

Note: This Privacy Policy has been updated and is pending final attorney review before it takes effect. Until then, our prior policy remains in force. Questions? Contact privacy@scribecount.com.

1. Overview and Scope

This Privacy Policy describes how ScribeCount LLC ("ScribeCount," "we," "us," or "our") collects, uses, stores, shares, and protects personal information in connection with the ScribeCount platform, including ScribeCount Email and all related products, features, integrations, and services (the "Platform").

This Policy applies to: Authors and publishers who create ScribeCount accounts; visitors to scribecount.com; readers and subscribers whose personal data is processed through the Platform on behalf of Authors; and any other individual whose personal information we process in connection with the Platform.

By accessing or using the Platform, you acknowledge that you have read and understood this Privacy Policy.

ScribeCount as data controller and data processor. For Author account data, ScribeCount acts as the data controller. For reader data collected through Author email lists, ScribeCount acts as the data processor — Authors are the data controllers for personal data they collect from their readers. Authors using ScribeCount Email are solely responsible for ensuring they have a lawful basis for that collection, providing appropriate privacy notices to their readers, and complying with all applicable data protection laws.

2. Information We Collect

2.1 Information Authors Provide Directly

Account and identity: Full name, author name or pen name, email address, password (stored in hashed form), profile photograph, billing name and address, business name and address.
Payment information: We do not store payment card numbers or bank details. All payment processing is handled by third-party payment processors. We retain transaction records including amounts, dates, subscription tier, and processor-assigned transaction identifiers.
Store and publishing data: Store platform API keys and webhook endpoints; book titles, ISBNs, cover images, and catalog metadata; sales data and royalty data from connected platforms.
Email marketing content: Email campaigns, flows, templates, and subject lines; subscriber lists and segments; automation rules and flow logic; sender identity information.
Communications with us: Support requests, feedback submissions, and survey responses.

2.2 Information We Collect Automatically

Device and connection information: IP address and approximate geolocation, browser type and version, operating system and device type, referring URL.
Usage and behavioral data: Pages and features accessed, actions taken within the Platform, session duration and frequency.
Email performance data: Delivery status, open events (subject to limitations of Mail Privacy Protection), click events, unsubscribe and spam complaint events, bounce type classification.

2.3 Reader Data Collected Through ScribeCount Email

When Authors use ScribeCount Email, the following categories of reader personal data are processed by ScribeCount on behalf of the Author: email address; first and last name; physical location; subscription status and opt-in date; purchase history on the Author's connected store; email engagement history; tags and segment memberships.

ScribeCount processes Reader data solely as a data processor. ScribeCount does not use Reader personal data for its own marketing purposes, does not sell Reader data to third parties, and does not combine Reader data across different Author accounts.

3. How We Use Personal Information

We use Author personal data for: account creation and management; service delivery; billing and payment processing; platform communications; customer support; product improvement; security and fraud prevention; legal compliance; and, where you have opted in, marketing communications.

We process Reader personal data solely on behalf of Authors for sending email communications, managing subscriber list membership, recording email performance metrics, enforcing unsubscribe requests, processing store events to trigger automated email flows, and applying Author-configured tags and automation logic.

4. How We Share Personal Information

ScribeCount does not sell personal information. We do not share personal information with third parties for their own marketing purposes. We share personal information only in the following circumstances:

Service providers and subprocessors: Third-party providers who process data on our behalf, including cloud infrastructure providers, payment processors, email delivery providers, customer support software providers, and analytics services.
Store and platform integrations: When you connect a third-party store or publishing platform, we exchange data with that platform as necessary to deliver the integration.
Legal requirements: Where required by law, court order, or enforceable governmental request.
Business transfers: In the event of a merger, acquisition, or sale of assets, we will provide notice before personal information is transferred.
With your consent: For purposes not described here when we have obtained your explicit consent.

5. Data Retention

Data category	Retention period
Author account data	Duration of active account + 3 years following account closure
Billing and transaction records	7 years following transaction date
Email campaign and flow data	Duration of active account; deleted within 90 days of account closure
Reader subscriber data	Duration of Author's active account; deleted within 90 days of account closure
Email performance metrics (individual-level)	24 months
Email performance metrics (aggregated/anonymized)	Retained indefinitely
Webhook and activity logs	90 days
Support communications	3 years from date of last communication
Security and fraud prevention logs	Up to 12 months, or longer where required for an active investigation

6. Third-Party Integrations and Subprocessors

ScribeCount integrates with the following categories of third-party platforms and services to deliver Platform features. Where ScribeCount acts as a data processor, the integrations below are subprocessors engaged pursuant to our Data Processing Agreement with Authors.

Store and e-commerce platforms: Shopify, WooCommerce, Payhip, Gumroad (when connected by the Author). ScribeCount receives completed order events, cart abandonment events, and subscription events. No payment card data is received.
Payment processors: Stripe (stripe.com/privacy) and PayPal (paypal.com/privacy). ScribeCount does not store payment credentials.
Digital delivery services: BookFunnel. Receives recipient email address and product reference for secure download link delivery.
Analytics and monitoring: Google Analytics, Microsoft Clarity. Data is used to understand Platform usage and improve performance.
Customer support: Third-party support software used to manage support requests.

A complete and current subprocessor list is available on request at privacy@scribecount.com.

7. Data Security

ScribeCount implements technical and organizational measures to protect personal data, including: TLS 1.2 or higher encryption in transit; AES-256 encryption at rest; API authentication using secure, rotatable API keys with scoped permissions; role-based access controls; regular security assessments; incident response procedures; and vendor security reviews.

No method of transmission or storage is completely secure. In the event of a data breach affecting your personal information, we will notify you in accordance with applicable law.

8. International Data Transfers

ScribeCount LLC is incorporated and operates in the United States. Personal data may be transferred to, stored, and processed in the United States or other countries where ScribeCount or its subprocessors maintain facilities.

For transfers from the EEA, UK, or Switzerland to countries not recognized as providing adequate protection, ScribeCount relies on Standard Contractual Clauses approved by the European Commission, the UK International Data Transfer Agreement (IDTA) for UK transfers, and equivalent mechanisms for other jurisdictions.

9. Your Privacy Rights

Rights Available to All Users

Right to access: Request a copy of the personal data we hold about you.
Right to correction: Request correction of inaccurate or incomplete personal data.
Right to deletion: Request deletion of your personal data, subject to legal retention obligations.
Right to data portability: Request your personal data in a structured, machine-readable format.
Right to opt out of marketing: Opt out at any time via the unsubscribe link in any marketing email or by contacting us.

Additional Rights for EEA, UK, and Swiss Residents (GDPR)

Right to restrict processing in certain circumstances.
Right to object to processing based on legitimate interests or for direct marketing purposes.
Right to withdraw consent at any time without affecting lawfulness of prior processing.
Right to lodge a complaint with your local supervisory authority.

California Residents (CCPA / CPRA)

California residents have rights to know what personal information is collected, to delete it, to correct inaccuracies, and to opt out of sale or sharing. ScribeCount does not sell or share personal information as defined under the CCPA.

How to Exercise Your Rights

Contact us at privacy@scribecount.com. We will respond within the timeframe required by applicable law — generally within 30 days.

10. Cookies and Tracking Technologies

ScribeCount uses cookies and similar tracking technologies on our website and Platform. For full details, please see our Cookie Policy.

ScribeCount Email uses tracking pixels in emails sent on behalf of Authors to record open events. Authors can disable open tracking in their ScribeCount Email settings.

11. Email Marketing Compliance

ScribeCount maintains sending infrastructure with SPF, DKIM, and DMARC authentication configured; processes unsubscribe requests immediately and permanently suppresses unsubscribed addresses; and provides tools to support Authors' compliance with GDPR, CASL, and CAN-SPAM requirements.

Authors who use ScribeCount Email are solely responsible for obtaining and documenting a lawful basis for sending email to each subscriber, providing subscribers with an accurate privacy notice, including their physical mailing address in all commercial emails, honoring opt-out requests, and not importing purchased or non-consensually obtained email lists.

12. Children's Privacy

The Platform is not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe your child has provided personal information to ScribeCount without your consent, contact us at privacy@scribecount.com and we will take steps to delete that information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will post the updated Policy with a revised effective date and send notice to Authors via email or in-Platform notification at least 30 days before material changes take effect. Your continued use of the Platform after the effective date constitutes your acceptance of the changes.

14. Contact Information

Email	privacy@scribecount.com
Mailing address	248 Nokomis Ave S, Venice, FL 34285
Legal entity	ScribeCount LLC, a Florida limited liability company

This Privacy Policy was last updated on May 1, 2026.

Ready to Take Control of Your Author Career?

Join thousands of authors who trust our platform to manage their sales, streamline their reporting, and focus on what they love—writing!

Start Your 14-Day Free Trial