top of page

Privacy Policy

Last updated: July 13, 2026

 

This Privacy Policy describes how Dmesis, Inc. ("Dmesis," "we," "us," or "our") collects, uses, discloses, and protects information when you use AI Book Editor ("AIBE" or "the App"), a product owned and operated by Dmesis, Inc., and the website https://aibookeditor.com (the "Website"). It is intended to comply with applicable United States privacy laws (including state laws such as the California Consumer Privacy Act (CCPA), as amended by the CPRA, where applicable) and the European Union General Data Protection Regulation (GDPR) where it applies.

 

1. WHO WE ARE

 

The App and Website are operated by Dmesis, Inc. AI Book Editor is a product of Dmesis, Inc. For purposes of GDPR, Dmesis, Inc. is the data controller for personal data described in this policy.

 

Contact details are in Section 13.

 

2. INFORMATION WE COLLECT AND HOW WE USE IT

 

2.1 Account and authentication information

 

When you create or use an account (through the App or Website), we collect and process:

 

- Email address

- Password (stored in hashed/encrypted form by our authentication infrastructure; we do not store your plaintext password)

- Account identifiers (such as a user ID) used to link your account to your profile and usage

- Email verification and sign-in status

 

Optional sign-in with Google: If you choose Google sign-in on the App or the Website, we receive your email address, name, and profile picture URL from Google. We use the email address to identify your account. Our authentication provider may retain basic Google profile metadata (such as name and profile picture URL) in your account record as part of the sign-in integration. We do not display your Google name or profile picture in the App or Website unless you explicitly choose otherwise in product settings.

 

We use this information to create and secure your account, authenticate requests, send service-related and transactional messages (such as verification, password reset, billing notices, security alerts, and policy or Terms updates where permitted by law), and provide the service. We do not send marketing or promotional emails unless you separately opt in where we offer that option.

 

2.2 Profile, subscription, and usage information

 

We store the following in your user profile, linked to your account:

 

- Subscription and usage information related to your account (such as subscription status, word credit balances, and usage meters including remaining words and periodic usage counts)

- Billing information from our payment processor (we do not store full payment card numbers). When you subscribe, upgrade, downgrade, or manage billing through Stripe Checkout or the Stripe Customer Portal (linked from your account on the Website), payment card and billing details are collected and processed by Stripe under its privacy policy; we receive subscription status, customer identifiers, and related billing metadata

- Records of your Terms of Service acceptance, including when you accept updated Terms as described in Section 1.1 of our Terms of Service

 

When you affirmatively accept our Terms of Service in the App (or where we record acceptance on the Website), we may store a record linked to your account that can include:

 

- The version of the Terms you accepted (such as an effective date, last-updated date, or other version identifier we display)

- The date and time of acceptance

- Your account identifier (user ID)

- IP address and browser or client user-agent string at the time of acceptance

- A snapshot of the acceptance metadata we need to demonstrate which version you agreed to

 

If we publish an updated version of the Terms, we may require you to review and accept or reject the new version before you continue using the App. Each time you accept a version, we may create a new acceptance record. Acceptance of an earlier version does not mean you have accepted a later version.

 

We use this information to provide the service, enforce subscription and word limits, process billing events, determine whether you have accepted the current Terms, and demonstrate that you agreed to a specific version of our Terms of Service. If you delete your account, we may retain Terms of Service acceptance records in a dedicated archive as needed to demonstrate agreement or resolve disputes, for up to five (5) years, where permitted by law.

 

2.3 Your writing and documents

 

Your original writing (manuscripts, drafts, and related content you create in the App) is stored on your device when you save your work. You control those files. We do not maintain copies of your writing in our remote databases.

 

When you use AI-powered features, the text needed to perform the feature you requested is sent securely for processing and is used only to generate the response for that request. We do not retain your writing on our servers after that processing is complete. AI-generated feedback and related results may be saved locally in your project if you choose to save your work. For some fiction projects, genre or style classifications derived from your writing (such as age category or commercial style labels) may be stored locally in your project file; we do not retain those classifications in our remote databases as document storage.

 

Our AI service provider processes the text we send on our behalf solely to provide the feature you requested. Their handling of that data is governed by their own privacy policy and may be subject to U.S. export control and sanctions requirements, as described in Section 11 and in our Terms of Service.

 

2.4 Website account flows and forms

 

When you use account-related features on the Website, we process the information needed for that feature. Depending on the flow, this may include your email address, password (for email/password sign-up), verification or reset tokens, account identifiers, and network metadata (such as IP address). Flows include:

 

- Creating an account (email/password or optional Google sign-in)

- Signing in, signing out, and session management

- Email verification and password or account-email reset

- Downloading the App installer (when offered on the Website)

- Deleting your account

- Submitting the signed-in Contact form (see Section 2.7)

- Opening account or billing pages from the App (a short-lived session bridge may temporarily store authentication tokens so the Website can sign you in securely, then expire)

 

These flows may use embedded forms or pages on our website host and our authentication infrastructure. We may use a bot-verification service (hCaptcha) on sign-up, sign-in, password reset, account deletion, software download, and the Contact form to reduce abuse. That service may process basic device and network information under its own policy.

 

2.5 Information on your device

 

The App may also store information locally on your computer, such as sign-in credentials, application preferences and settings, saved project files, and recovery copies in case of an unexpected shutdown. Recovery copies may include your user identifier and document location metadata needed to restore your session. We do not remotely collect the contents of your saved writing from your device.

 

These files remain under your control unless you delete them or uninstall the App.

 

2.6 Network, location, and compliance-related information

 

To provide the App, secure accounts, and comply with applicable law (including U.S. export control and economic sanctions requirements and geographic availability restrictions described in Section 11 and in Section 4 of our Terms of Service), we and our service providers may process:

 

- IP address and approximate geographic location derived from IP or similar network signals

- Device, browser, or client identifiers and related network metadata

- Billing country or region and other payment-related location indicators from our payment processor

- Records of geo-blocking, IP screening, account verification, or other compliance actions we take

 

We use this information to detect and prevent fraud and abuse, enforce geographic and restricted-party restrictions (including Unsupported Territories described in Section 11), and comply with export control and sanctions obligations. We do not use this information for cross-context behavioral advertising. When network headers alone do not identify country, we or our providers may look up the country associated with an IP address using a third-party geolocation service.

 

2.7 Support and contact requests

 

If you contact us for support, we collect the information you provide. Contact options include:

 

- Email at support@aibookeditor.com

- The signed-in Contact form on the Website (available when you are logged in to your account, typically on the account page)

 

Through these channels we may collect:

 

- Your account email address (on the Contact form, this is taken from your signed-in account)

- Your name

- Subject line and message content

- An optional file attachment you choose to upload (such as a screenshot or document, up to 10 MB)

- A record that you acknowledged our Privacy Policy when submitting the Contact form (required to submit)

- Bot-verification data from hCaptcha on the Contact form

 

We use this information to respond to your request, provide support, troubleshoot issues, and maintain reasonable records of communications. We generally reply to the email address associated with your account. Contact submissions are processed through our website hosting and forms provider (Wix Forms). Please do not include passwords, full payment card numbers, or other highly sensitive information.

 

2.8 Account deletion

 

You may delete your account through the self-service flow on the Website when signed in. Account deletion requires authentication and bot verification. Account deletion is not available from the desktop App; use the Website account page.

 

If you have a paid subscription that is still set to renew (or otherwise remains subject to further billing), you must first cancel that subscription through your account billing settings on the Website (including the Stripe Customer Portal where available) before self-service account deletion will succeed. After you have canceled renewal (including when cancellation takes effect at the end of the current billing period), you may delete your account even if the paid period has not yet ended. Deleting your account does not refund fees already charged for the current period, unused word credits, or remaining time on a canceled subscription, except where required by law. Account deletion does not by itself cancel billing with our payment processor; you must cancel as described above and in our Terms of Service. Records related to payments may remain with our payment processor after your account is deleted.

 

When you delete your account, we remove your account and active profile data from our production systems (including word credit balances). Certain records may be retained or archived as described in Section 5 (including Terms of Service acceptance records and compliance-related logs where permitted by law). Contact form submissions stored with our website host are retained as support records as described in Section 5 and are not automatically erased solely because you delete your account. Deleting your account also does not by itself delete files stored locally on your device; you are responsible for removing local App data if you no longer want it on your computer.

 

2.9 Information we do not collect

 

We do not sell personal information or use personal information for cross-context behavioral advertising. We do not knowingly collect sensitive categories of data (such as government IDs or health information) as part of the service. Website usage analytics (where used) are described in Section 8 and our Cookie Policy; in the United Kingdom, European Union, and European Economic Area, non-essential analytics require your consent.

 

3. HOW WE USE INFORMATION

 

We use information as described above to:

 

- Provide, operate, secure, and improve the App and Website

- Authenticate you and manage your account, subscription, and word quota

- Process payments and billing events through our payment processor

- Record and prove Terms of Service acceptance (including which version you accepted and when) where permitted by law

- Determine whether you must accept an updated version of the Terms before continuing to use the App

- Comply with law, including U.S. export control and economic sanctions requirements (see Section 11)

- Enforce geographic availability and restricted-party restrictions, including geo-blocking of Unsupported Territories and IP screening

- Protect our rights, users, and the public

- Respond to support requests and contact form submissions

 

We do not use your information for cross-context behavioral advertising or for selling personal information.

 

4. LEGAL BASES FOR PROCESSING (GDPR)

 

Where GDPR applies, we rely on:

 

- Contract: Processing necessary to provide the App and related services (including account, subscription, usage, processing your writing when you use AI features, and recording Terms of Service acceptance when you use the App)

- Legal obligation: Retaining Terms of Service acceptance records and processing necessary to comply with export control, sanctions, and other legal requirements; establishing, exercising, or defending legal claims

- Legitimate interests: Security, fraud prevention, abuse reduction, sanctions and export compliance screening, enforcement of geographic availability restrictions, responding to support and contact requests, and internal audit logging, balanced against your rights; we do not use this for marketing profiling

 

Where we rely on consent (for example, optional OAuth, acknowledging the Privacy Policy when submitting the Contact form, or non-essential cookies on the Website), you may withdraw consent as described in Section 9.2. Withdrawing consent for the Contact form means you should use email instead if you need to reach us.

 

5. RETENTION

 

- Active account and profile data: Until you delete your account, then removed from active systems.

- Terms of Service acceptance records: While your account is active, the current acceptance state is stored in your profile. If you accept updated Terms, we may retain records of each acceptance. After account deletion, acceptance records may be archived and retained for up to five (5) years, where permitted by law.

- Support and contact submissions: Retained as reasonably necessary to resolve your request and maintain support records, generally up to three (3) years, then deleted or anonymized where permitted by law.

- Writing submitted for AI features: Processed to fulfill your request; not retained in our databases as document storage.

- Compliance-related logs (such as IP screening or geo-blocking records): Retained as reasonably necessary to demonstrate compliance, investigate violations, and defend legal claims, then deleted or anonymized where permitted by law.

- Local device data: Until you delete it or uninstall the App.

 

6. DISCLOSURES AND SERVICE PROVIDERS

 

We do not sell personal information. We disclose information only as follows:

 

6.1 Service providers (processors)

 

We use companies that process data on our behalf under contract, including providers for:

 

- Hosted infrastructure, authentication, and database services (account, profile, Terms of Service acceptance, and operational data)

- Website hosting, embedded forms, and contact-form submissions (Wix)

- Payment processing through Stripe (payment card data is collected by Stripe; we receive billing status, customer identifiers, and related metadata)

- AI inference (writing you submit for AI features, processed to provide those features)

- Email delivery for authentication and service messages

- Bot verification on the Website (hCaptcha)

- IP geolocation lookup for compliance and geo-blocking (where used)

- Google (only if you choose Google sign-in)

- Google Analytics (only on the Website, and only where you consent in the UK, EU, or EEA, or where local law does not require consent)

 

Our service providers may process data in the United States and other countries. Where required by law, we rely on appropriate safeguards provided under our agreements with those providers (such as standard contractual clauses for transfers from the EEA or UK). We require service providers to handle personal data only as instructed and in compliance with applicable law, including U.S. export control and sanctions restrictions where relevant.

 

6.2 Legal and safety

 

We may disclose information if we believe in good faith that disclosure is required by law, regulation, legal process, or governmental request (including requests related to export control or sanctions enforcement), or necessary to protect the rights, safety, or property of Dmesis, Inc., our users, or the public.

 

6.3 Business transfers

 

If we are involved in a merger, acquisition, or sale of assets, personal information may transfer as part of that transaction, subject to this policy or notice to you.

 

6.4 International transfers

 

We are based in the United States. If you access the App or Website from outside the United States, your information may be transferred to, stored in, and processed in the United States and other countries where we or our service providers operate. Those countries may have data-protection laws that differ from those in your jurisdiction. Where GDPR or similar laws require it, we implement appropriate safeguards for such transfers as described in Section 6.1.

 

7. SECURITY

 

We take the security of your information seriously and use reasonable administrative, technical, and organizational measures designed to protect it, including encryption in transit, secure authentication, and access controls on account data.

 

However, no online service can guarantee absolute security. We cannot warrant that unauthorized access, data breaches, or other security incidents will never occur. If we become aware of a breach that affects your personal information, we will respond as required by applicable law. You are responsible for safeguarding your account credentials and your device.

 

8. COOKIES AND SIMILAR TECHNOLOGIES

 

The Website uses cookies or similar technologies for essential operations (such as session management, security, and account functions). In the United Kingdom, European Union, and European Economic Area, we also ask for your consent before non-essential analytics cookies (such as Google Analytics). Outside those regions, we may use analytics cookies without a consent banner except where local law requires otherwise. We do not use cookies for cross-site advertising tracking. The desktop App does not use browser cookies; it uses token-based authentication stored on your device as described above.

 

For a detailed list of cookies used on the Website, their purposes, retention periods, and how to manage them, see our Cookie Policy at https://aibookeditor.com/cookie-policy.

 

9. YOUR RIGHTS AND CHOICES

 

9.1 United States (including CCPA/CPRA-style rights where applicable)

 

Depending on your state, you may have the right to know, access, correct, delete, and obtain a copy of personal information we collect; to opt out of sale or sharing (we do not sell or share for cross-context behavioral advertising); and to non-discrimination for exercising rights. Where applicable, you may designate an authorized agent to submit a request on your behalf, subject to verification requirements under applicable law.

 

To exercise rights, contact us (Section 13) at support@aibookeditor.com or through the signed-in Contact form on the Website. We will verify your request as required by law. Deletion may be subject to exceptions (for example, retaining proof of Terms of Service acceptance—including version and timestamp—or compliance records where permitted by law). If we deny a request where your state provides an appeal right, we will explain how to appeal as required by law.

 

9.2 GDPR (EEA/UK)

 

You may have the right to access, rectification, erasure, restriction, portability, objection, and withdrawal of consent where applicable, and to lodge a complaint with a supervisory authority.

 

To exercise GDPR rights, contact us at support@aibookeditor.com or through the signed-in Contact form on the Website (Section 13). We will respond within one month, subject to permitted extensions.

 

10. CHILDREN

 

The service is not directed to anyone under 18, and you must be at least 18 to use the App under our Terms of Service. We do not knowingly collect personal information from anyone under 18. If you believe we have collected such information, contact us at support@aibookeditor.com and we will delete it.

 

11. EXPORT CONTROLS, SANCTIONS COMPLIANCE, GEOGRAPHIC RESTRICTIONS & RESTRICTED JURISDICTIONS

 

The App, Website, and related services (including software download, subscription access, AI critique and rewrite features, and associated data processing) are subject to U.S. export control laws, including the Export Administration Regulations (EAR), economic sanctions administered by the Office of Foreign Assets Control (OFAC), and possibly the International Traffic in Arms Regulations (ITAR). You must comply with all applicable U.S. and other export and import laws.

 

11.1 Sanctions, export controls, and restricted parties

 

By using the App or Website, you represent and warrant that you (and any person or entity you authorize to use the service) are not:

 

(a) Located in, a national or resident of, or accessing or using the App or Website from any comprehensively sanctioned jurisdiction under U.S. law (currently including Cuba, Iran, North Korea, Syria, and the Crimea, Donetsk, and Luhansk regions of Ukraine, or any other country or territory subject to comprehensive U.S. economic sanctions or embargoes administered by OFAC);

 

(b) Identified on the U.S. Treasury Department's Specially Designated Nationals and Blocked Persons List (SDN List) or any other list of sanctioned, prohibited, or restricted parties maintained by OFAC, the Bureau of Industry and Security (BIS), or any other U.S. government agency;

 

(c) Subject to any other U.S. export control, sanctions, or trade restriction that would prohibit or restrict use of the App or Website.

 

11.2 Geographic availability and Unsupported Territories

 

We do not make the App or Website available in all countries and territories. We may restrict access from certain locations ("Unsupported Territories") for legal, regulatory, export-control, payment-processor, security, operational, or similar reasons, in our discretion. Unsupported Territories are enforced through technical and administrative measures and may change from time to time without notice. We are not obligated to publish a complete list of Unsupported Territories.

 

You are responsible for determining whether the service is available in your location before you access or use it. You agree not to access or use the App or Website from locations where we block or restrict the service, or to circumvent geographic restrictions we enforce.

 

We do not knowingly offer the App or process personal data for users who access from comprehensively sanctioned jurisdictions or other locations where we restrict the service, as described in Sections 11.1 and 11.2. Word credits, subscription features, and AI usage are available only in permitted jurisdictions and to permitted users, as further described in our Terms of Service (Section 4).

 

11.3 Enforcement

 

To enforce these restrictions, we may use geo-blocking, IP screening, account verification, payment and billing checks, and other technical or administrative measures. We may process IP addresses, approximate location, billing country, and related network or account information for this purpose, as described in Sections 2.6 and 3.

 

If we reasonably believe that you are located in a comprehensively sanctioned jurisdiction, a location where we block or restrict the service, are a restricted party, or have otherwise violated export control, sanctions, or geographic availability requirements, we may immediately suspend or terminate your account, block access, limit or stop processing your personal data, and decline to provide the service, without notice or refund where permitted by law. We may also retain and disclose information as necessary to comply with applicable law or respond to lawful government requests.

 

You will not export, re-export, download, or otherwise transfer the App, service, or any related technology or personal data in violation of these laws or to any prohibited destination, end-user, or end-use. For full contractual terms, see Section 4 of our Terms of Service.

 

12. CHANGES TO THIS POLICY

 

We may update this Privacy Policy from time to time. We will post the updated version on the Website with a revised "Last updated" date. For material changes, we may provide additional notice (such as email or an in-App notice). Your continued use after the effective date constitutes acceptance where permitted by law.

 

13. CONTACT US

 

Dmesis, Inc.

(AI Book Editor)

1207 Delaware Ave #527

Wilmington, DE 19806

United States

 

Email: support@aibookeditor.com

 

You may also contact us through https://aibookeditor.com, including the signed-in Contact form on your account page when you are logged in. For privacy-related requests, include enough information for us to verify your identity and account (if applicable).

bottom of page