TomeVox is operated by Daniel Shilansky, Kastanienallee 16, 12627 Berlin, Germany ("we", "us", "our"). This policy explains what data we collect about users of tomevox.com and app.tomevox.com, how we use it, and your rights under applicable law including the EU General Data Protection Regulation (GDPR/DSGVO).
Account data: When you create an account, we collect your email address and a hashed password.
Uploaded files: Manuscripts you upload (EPUB, PDF, DOCX, TXT) are stored to process your audiobook order. Files are deleted from our servers within 14 days of delivery.
Generated audio: Audio files we produce for you are stored for 90 days after delivery. You can download and delete them at any time from your account.
Payment data: We use Stripe for payments. We never see or store your full card number. Stripe's privacy policy governs payment data.
Usage data: We collect anonymised usage statistics via Umami Analytics. Umami uses browser localStorage — not cookies — and collects no personally identifiable information. It does not track you across other websites. If you accept optional analytics, PostHog (our analytics/product-improvement provider) also captures pageviews, our fixed product events, click/scroll heatmap data, and session recordings on both tomevox.com and app.tomevox.com. On app.tomevox.com, session recordings mask typed input and on-screen text, since the app displays your account details and manuscript information. On tomevox.com, our public marketing site, recordings are unmasked — its only inputs are non-personal word-count calculator fields, and there is no account data to display. When you are signed in, this activity is linked to your account profile (including your email address) so we can understand product usage.
Advertising attribution: If you arrive from a paid ad and consent to marketing, we store the ad-click identifier (see "Marketing" under Cookies below) and, once you sign in, keep it on your account record for conversion measurement. If you later convert (sign up, start production, or purchase), we send that conversion to the advertising platform server-to-server together with a SHA-256-hashed version of your email address — never your raw email. Accepting marketing consent also loads Microsoft's UET browser tag, which receives some on-site engagement events (like calculator use or FAQ views) for remarketing.
Consent records: We keep a log of your cookie/consent choices (category, choice, time, and the notice version shown) so we can demonstrate compliance with consent requirements.
Newsletter subscription: If you subscribe to our newsletter, we collect your email address and record your consent via Brevo, our email marketing platform. A double opt-in confirmation email is sent to verify your address before any marketing emails are delivered.
Rights declaration log: When you upload a manuscript, you are required to confirm that you hold the rights to create an audiobook from it. We log this declaration — including your user ID, the manuscript identifier, the exact text of the declaration you confirmed, your IP address at the time, your browser type, and the UTC timestamp. This log is retained for 10 years (see Section 5). See Section 7 for the legal basis.
Server logs: Standard server logs (anonymised IP address, browser type, pages visited, timestamps) are retained for up to 30 days for security and operational purposes.
We do not sell your data. We do not use your manuscript content to train AI models. You can unsubscribe from marketing emails at any time using the link in every email.
Strictly necessary: We use a single session cookie to keep you logged in to your account. This cookie is exempt from consent requirements under GDPR, UK GDPR, and CCPA as it is essential to service operation.
Analytics: We use Umami Analytics in a first-party, privacy-conscious configuration to understand aggregate product and marketing-site usage. Umami analytics events do not use ad click identifiers and are not shared with advertising networks.
Cookie preferences: We use the cookie preference center to control PostHog, our optional analytics/product-improvement provider. Umami is not gated by this preference center.
Marketing (advertising measurement): If you consent to marketing, we measure the effectiveness
of our advertising. When you arrive from a paid ad we store a short first-party click identifier
(tv_msclkid for Microsoft Advertising, tv_gclid for Google Ads) as a cookie on
.tomevox.com, and — once you sign in — on your account record. If you later complete a conversion (such as a purchase, sign-up, or starting a
production), we send that conversion to the advertising platform server-to-server — including
the click identifier and a hashed (SHA-256) version of your email address for match purposes
(Enhanced Conversions). We never send your raw email, name, or any manuscript content to advertising platforms.
This processing happens only with your marketing consent, and you can withdraw it at any time via the "Cookie
settings" link in the footer of every page; on withdrawal we stop all further sharing and delete the stored click
identifiers. Ad-conversion measurement begins only once the marketing option is available in that preference
center — no click identifiers are stored and no conversion data is shared before you have actively been offered
and given that choice.
We use the following third-party services to operate TomeVox:
/_tvx proxy.tv_msclkid/tv_gclid) live for 30 days as a
cookie; the copy on your account record is deleted immediately when you withdraw marketing consent, and at the
latest when your account is deleted.Rights declaration logs are retained for 10 years from the date of upload. This period reflects the applicable limitation period for copyright infringement claims under German law (§ 102 UrhG in conjunction with §§ 195, 199 BGB). Rights declaration logs are exempt from deletion requests under GDPR Article 17(3)(e) (processing necessary for the establishment, exercise, or defence of legal claims).
Depending on your location, you may have the following rights regarding your personal data:
For users in the EU/EEA and UK, we process personal data under the following legal bases:
All data is transmitted over HTTPS. Files are stored encrypted at rest on Cloudflare R2. We use industry-standard security practices and conduct regular reviews.
If we make material changes to this policy, we will notify registered users by email and update the "last updated" date above. Continued use of the service after changes constitutes acceptance.
The data controller responsible for your personal data is:
Daniel Shilansky
Kastanienallee 16
12627 Berlin
Deutschland
E-Mail: privacy@tomevox.com
You have the right to lodge a complaint with the Berlin data protection authority: Berliner Beauftragte für Datenschutz und Informationsfreiheit, Friedrichstr. 219, 10969 Berlin, datenschutz-berlin.de.
Questions about this policy? Email privacy@tomevox.com.