Thank you for visiting our Privacy Policy (Policy), we are Bookalope Technologies Pty Ltd, ACN 654 500 231 (Bookalope, we, our, us and other similar terms). We are committed to providing quality services to you and this Policy outlines our ongoing obligations in respect of how we manage your Personal Information. It applies to the Bookalope Terms and Conditions and other agreements we may form with you.
When we talk about Personal Information, we mean information or an opinion about an identifiable individual (not a company), whether or not that information or opinion is true or in a material form (Personal Information).
While your privacy is important to us, nothing in this Privacy Policy constitutes a voluntary opt-in to any privacy laws, anywhere in the world, which we are not statutorily bound to comply with.
3.1 How we collect Personal Information
We collect Personal Information in the ordinary course of our business, which is the provision of goods and services related to creating accessible ebooks, print-ready books, and books in other publishing file formats. Personal Information is collected when you:
Information will only be collected directly from you unless you authorise another person to provide the information.
3.2 What Personal Information is collected?
The types of Personal Information we collect include your name, address, telephone number, email and any additional information you provide to us.
Where you contact us on behalf of your employer, the information you provide often contains information about your employment, position and employers contact details. In those circumstances certain employment information is collected.
Books and manuscripts provided to us for conversion via the Bookalope SaaS package may contain Personal Information. That Personal Information is under the control of the user of our software and not us. We rarely interact with that Personal Information and would only do so to provide support to our clients.
4.1 Why we collect Personal Information
We collect your Personal Information for the primary purpose of providing our goods and services to you. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure.
Examples of when we may use your Personal Information include:
4.2 Direct marketing
Where you provide us with consent to do so (e.g. if you have subscribed to our email lists or have indicated that you are interested in receiving offers or information from us), we may send you marketing communications by email about products and services that we feel may be of interest to you.
We (or an appointed third party) may also conduct surveys or market research and may seek other information from you on a periodic basis. These surveys will provide us with information that allows improvement in the type, quality and the manner in which our goods and services are offered to you.
You can opt out of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself.
5.1 What are cookies
Cookies are small text files that are placed on your computer by the websites you visit. They are processed and stored by your web browser. When you visit a website or engage with a business through social media, certain information is stored by and may be collected from cookies. This is generally anonymous information which does not reveal your identity. In and of themselves, cookies are harmless and serve crucial functions. They are widely used in order to make websites work more efficiently and improve the user experience, as well as to provide information about the use of a website.
5.2 Why we use cookies
By storing and using information about your use of our website, including preferences and habits, we are able to make your visit to our website more productive and secure. We use the following types of cookies:
We do not use any marketing or social media related cookies and do not store or share any personal, private, or other information except as noted above.
5.3 How you can remove cookies
Your web browser can choose whether or not to accept cookies. Most web browser software is initially set up to accept them. If you do not want your browser to use cookies, you can manage and control their use through your browser, including removing cookies by deleting them from your browser history (cache) when you leave the site. However, if you choose to reject cookies some parts of our website may not work properly.
6.1 What are bots
A bot is program code, malicious or otherwise, to automate certain activities. In particular, we have noticed the use of bots to create accounts with Bookalope, and attempts to exploit these accounts or use them to try and infiltrate our services.
6.2 Using CAPTCHA
We’re using a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) to limit the success rate with which bots interact with Bookalope’s website and services.
6.3 hCaptcha
We use the hCaptcha anti-bot service (hereinafter hCaptcha) to protect Bookalope’s website and services, and its Privacy Policy and Terms of Service apply.
This service is provided by Intuition Machines, Inc., a Delaware US Corporation (IMI). hCaptcha is used to check whether the data entered on our website (such as on a login page or contact form) has been entered by a human or by an automated program. To do this, hCaptcha analyzes the behavior of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website or app with hCaptcha enabled. For the analysis, hCaptcha evaluates various information (e.g. IP address, how long the visitor has been on the website or app, or mouse movements made by the user). The data collected during the analysis will be forwarded to IMI. hCaptcha analysis in the “invisible mode” may take place completely in the background. Website or app visitors are not advised that such an analysis is taking place if the user is not shown a challenge. Data processing is based on Art. 6(1)(f) of the European Union General Data Protection Regulation (GDPR): the website or mobile app operator has a legitimate interest in protecting its site from abusive automated crawling and spam. IMI acts as a “data processor” acting on behalf of its customers (Bookalope) as defined under the GDPR, and a “service provider” for the purposes of the California Consumer Privacy Act (CCPA).
7.1 Security mechanisms we employ
Generally, we store your Personal Information using secure servers protected from unauthorised access, modification and disclosure. However, like most businesses, we hold some information on our staff’s computers (such as emails from you) and where necessary as hard copy files (such as printed invoices).
Our systems are located in Berlin, Germany and are managed by us and our service providers. Personal Information that we store or transmit is protected by security and access controls, including username and password authentication and data encryption (such as Let’s Encrypt) where appropriate.
In our dealings with third party service providers, we take care to work with subcontractors and service providers who we believe maintain an acceptable standard of data security compliance.
7.2 How long we keep your Personal Information
We retain your Personal Information for as long as is necessary to provide our goods and services to you, as required for our internal business operations, and to comply with our legal obligations.
If we hold Personal Information about you, and we do not need that information for any purpose, we will take reasonable steps to destroy or de-identify that information, in accordance with the Australian Privacy Principles (APP) and the GDPR, unless we are prevented from doing so by law.
Under Australian law, financial records, such as those relating to financial transactions, must be retained for 7 years after the transactions associated with those records are completed.
If you no longer want us to use your Personal Information, you can request that we erase it and, where you have an account with us, close your account. Where possible we will do so in accordance with the APPs and GDPR. However, where you request the erasure of your Personal Information we will retain information from deleted accounts as necessary for our legitimate business interests, to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations or requests by government, a court of law, or law enforcement authorities, enforce the terms of service and take other actions permitted by law. Any information we retain will be handled in accordance with this Policy.
8.1 Who we share your Personal Information with?
Your Personal Information may be disclosed to:
We will not disclose your Personal Information other than in accordance with this Policy without your consent.
8.2 Offshore transfers
We may disclose your Personal Information to third party contractors, service providers and suppliers with whom we have a business association who operate in Australia, Germany and the United States.
While we do not otherwise actively disclose your Personal Information to overseas entities, our engagement of service providers, such as those who operate cloud services, may have international data centres and disaster recovery sites. Consequently, these providers may have access to your information offshore. We rely solely on reputable organisations for such cloud services.
If you contact us with a general enquiry, we may interact with you anonymously or through the use of pseudonyms. However, you are required to provide true and accurate details when requesting the supply of goods or provision of services. You agree you will provide accurate information if we require it.
We endeavour to only hold Personal Information that is accurate, complete and up-to-date. You have the right to make a request to access Personal Information which we hold about you and to request corrections of any errors in that data. To make an access or correction request, contact us using the contact details provided at the end of this Policy.
If you have an account with us, you can access some of the Personal Information that we collect about you. By logging into your account, you can update or correct certain information.
In order to protect your Personal Information, when you contact us, we may require identification from you before releasing the requested information or making the correction.
We do not, and do not permit another party to, train any Artificial Intelligence (AI) in any way on data and information provided to us directly or through your account without your prior written consent. For purposes of this Privacy Policy, “AI” means any system, platform or tool that is designed to operate with a level of autonomy (i.e. without express programming), taking inputs and using algorithmic, mathematical or modelling techniques (such as machine learning) to generate output. For the avoidance of doubt, the terms “Artificial Intelligence” and “AI” exclude software or tools that incidentally incorporate AI-related features as ancillary or non-primary functionality (e.g., automated recommendations within general-purpose software such as Microsoft Word or similar programs).
For the purposes of the GDPR, we are a “data controller” of Personal Information. If you’re a citizen or resident of the European Economic Area, the following rights apply to you.
You are entitled to ask us to port your Personal Information (i.e. to transfer in a structured, commonly used and machine-readable format, to you), to erase it, or restrict its processing. You also have rights to object to some processing and where we have asked for your consent to process your data, to withdraw this consent.
These rights are limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your Personal Information. In some instances, this means that we may retain some data even if you withdraw your consent.
Where we require your Personal Information to comply with legal or contractual obligations, then provision of such data is mandatory and if you do not provide it then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us. In those cases, you must provide us with your Personal Information, otherwise the provision of requested Personal Information is optional.
If you have unresolved concerns, you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority in the country:
Your privacy is important to us. If you have any complaints, concerns or questions about our handling of your Personal Information, we ask that you first contact our privacy officer whose contact details are listed below. We will investigate your complaint and reply to you in writing if you provide us with contact details and request us to do so.
If, after we have conducted our investigations you are still not satisfied, then we ask you to consult with the Office of the Australian Information Commissioner:
We will need to change this Policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
When we do change the Policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this Policy will always be available on this page.
This Privacy Policy was last updated on 30 November 2025.