Privacy policy.

Effective Date: 5 February 2026 | Last Updated: 11 February 2026

1. Introduction

Shared Slate Ltd (“Shared Slate”, “we”, “us”, “our”) operates the reading application and website. We are a UK-based company located at 38 Denmark Road, London, SW19 4PQ. This policy covers our commitment to protecting the privacy of families and children.

2. COPPA & Global Children’s Privacy Compliance

We strictly adhere to the U.S. Children’s Online Privacy Protection Act (COPPA) and the UK Age Appropriate Design Code.

  • Verifiable Parental Consent: Adult status is verified via a monetary transaction or credit card check through our payment processing partner.

  • Parental Rights: You may review, delete, or revoke consent for your child’s data at any time by contacting privacy@sharedslate.com.

3. Information We Collect

3.1 From Adults

  • Identity & Auth: Name, email, and hashed passwords managed via our identity provider.

  • Billing: Payment metadata and subscription status.

  • Configuration: Family settings and approved "Trusted Contacts."

3.2 From Children

  • Profile Data: A display name (pseudonyms encouraged).

  • Activity: Reading progress and session duration.

  • Proprietary Voice Processing: All Text-to-Speech (TTS) and reading analysis is powered by Shared Slate’s proprietary engine and processed locally on your device. We do not use third-party AI voice processors.

3.3 Automatically Collected

  • Technical Data: IP addresses (for security), device type, and crash reports. We do not perform cross-site tracking.

4. How We Use Information

We use your data to:

  • Provide the reading service and maintain your library.

  • Facilitate secure Peer-to-Peer (P2P) video calling.

  • Maintain the security of our cloud hosting infrastructure.

5. Information Sharing

We do not sell personal information. Data is shared only with essential sub-processors. A current list of these providers and their functions is maintained in Schedule A of this document.

6. Video Calling Features

Video calling is Peer-to-Peer (WebRTC). Data flows directly between users. We do not record, store, or have the technical ability to view your video calls. We log only the basic technical metadata necessary to establish the connection.

7. Data Retention

  • Active Accounts: Retained for the life of the account.

  • Deletion: Account deletion triggers an immediate request to our identity and database providers to wipe your active profile.

  • Backups: Residual data in encrypted backups is purged according to our standard technical rotation cycle.

8. Data Security

We use TLS/HTTPS encryption for all data in transit and AES-256 encryption at rest. Adult access is protected by secure industry-standard authentication protocols.

9. Parental Rights and Data Portability

  • ePub Retrieval: If you choose to leave the service, you may retrieve the raw ePub files you have purchased or uploaded. Shared Slate’s proprietary enhancements (TTS layers) are stripped upon export.

  • No Institutional Tracking: We do not provide "educational dossiers" or data exports for schools.

10. Cookies and Local Storage

  • Essential Only: We use only necessary cookies for security and login.

  • No Tracking: We do not use advertising or third-party analytics cookies.

11. International Users & GDPR

For UK and EU users, Shared Slate Ltd is the Data Controller. Our primary data residency is in the United Kingdom.

Schedule A: Sub-processor List

To ensure transparency and infrastructure flexibility, we maintain the following list of service providers.

Cloud Hosting - Fly.io - UK (London)

Identity & Auth - Auth0 - UK / EU

Payment & VPC - Stripe - Global

Email Delivery - Resend - Global

P2P Signaling - Google / Cloudflare - Global