Privacy Policy

Apex Fiction Studio ("AFS", "we", "us", or "our") is committed to protecting your personal information. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights in relation to it. By submitting an application or using our writer dashboard, you agree to the practices described here.

1. Who We Are

Apex Fiction Studio is a co-publishing platform that partners with fiction writers on a revenue-share basis. We operate the website at apexfictionstudio.com (the "Site") and the private writer dashboard accessible at apexfictionstudio.com/dashboard.

For purposes of applicable data protection law, AFS is the data controller of your personal information.

2. Information We Collect

Application Data

When you submit a writer application, we collect:

• Your full name and email address
• Your writing experience and platform history
• Your book logline and writing sample (Chapters 1–3)
• The date and time of your submission

Account Data

If your application is approved and we create your writer account, we additionally hold:

• Your email address and encrypted password (managed via Supabase Auth)
• Your pen name and profile information
• Device trust tokens stored in your browser's local storage (to avoid repeated verification prompts)

Earnings and Performance Data

As part of our transparency commitment, your private dashboard displays:

• Daily and cumulative royalty figures attributed to your books
• Reader engagement data (read counts, review excerpts) sourced from the publishing platform
• Chapter submission history and editorial notes

Communication Data

Messages exchanged via the in-dashboard chat between you and AFS staff are stored to maintain an accurate record of your editorial relationship.

Technical Data

We use Supabase's managed infrastructure. Standard server logs (IP addresses, browser type, timestamps) may be retained by our infrastructure provider for security purposes.

3. How We Use Your Information

• To evaluate your application — we read every submission to assess commercial fit.
• To manage your contract — earnings records, chapter reviews, and communication are necessary to administer the partnership.
• To send you account-related emails — device verification codes, password resets, income notifications, and editorial updates.
• To protect account security — device trust verification is performed when you sign in from a new device or after 30 days of inactivity.
• To improve our platform — aggregated, anonymised usage patterns help us improve the dashboard experience.

4. Legal Basis for Processing

Where GDPR or equivalent legislation applies, we process your data under the following legal bases:

• Contractual necessity — processing required to fulfil the partnership agreement (earnings records, editorial workflow).
• Legitimate interests — application review and platform security, where these interests are not overridden by your rights.
• Consent — where you have explicitly submitted an application or signed up for communications.

5. Data Sharing

We do not sell, rent, or trade your personal information. We share data only with:

• Supabase Inc. — our database and authentication provider. Your data is stored on Supabase servers. Supabase processes data in accordance with their own Privacy Policy.
• Email delivery providers — used solely to send transactional emails (verification codes, invite links, notifications).
• Publishing platforms — book titles and pen names are shared with the distribution platforms where your books are listed. No contact details or financial information are shared.
• Legal authorities — if required by law, court order, or to protect our legal rights.

6. Data Retention

• Applications — retained for 24 months from submission, regardless of outcome, to support future correspondence.
• Active writer accounts — retained for the duration of the contract and for 7 years after termination for financial record-keeping compliance.
• Chat messages — retained for the duration of the active contract.
• Device trust tokens — stored in your browser's local storage and automatically expire after 30 days.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access — request a copy of the personal data we hold about you.
• Correction — ask us to correct inaccurate or incomplete data.
• Erasure — request deletion of your data where we no longer have a legal basis to retain it.
• Portability — receive your data in a machine-readable format.
• Restriction — ask us to restrict processing in certain circumstances.
• Objection — object to processing based on legitimate interests.

To exercise any of these rights, contact us at privacy@apexfictionstudio.com. We will respond within 30 days.

8. Cookies and Local Storage

The Site itself sets no advertising or analytics cookies. The writer dashboard uses browser local storage to persist your authentication session and device trust status. This is strictly functional and not used for tracking or advertising.

9. Security

All data is transmitted over HTTPS. Passwords are never stored in plain text — authentication is managed entirely by Supabase's secure Auth service. We apply row-level security policies to ensure each writer can only access their own data.

10. Changes to This Policy

We may update this policy as our platform evolves. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify active writers by email. Continued use of the dashboard after changes constitutes acceptance.

11. Contact

For privacy questions, data requests, or complaints, contact:
Apex Fiction Studio
privacy@apexfictionstudio.com