Legal

Privacy Policy

Last updated: 9 April 2026

1. Who we are

Alhora ("we", "us", "our") is a desktop publishing application that helps authors format books for print and digital distribution. Our website is alhora.app.

If you have any questions about this policy, please contact us at [email protected].

2. What data we collect

Account information

When you create an account we collect your email address and a hashed version of your password. If you sign in with Google, we receive your name, email address, and profile picture URL from Google. We do not store your Google password.

Billing information

Payments are processed by Stripe. We do not see or store your full card number. Stripe provides us with a customer identifier, subscription status, and invoice history so we can manage your entitlement. Please refer to Stripe's Privacy Policy for details on how they handle your payment data.

Device information

When you activate the desktop app, we store a device identifier, platform (macOS, Windows, or Linux), and the date of last use. This is used solely to enforce the per-account device limit.

Usage and analytics

We may collect anonymous, aggregated usage statistics (e.g. which features are used most often) to improve the product. We do not track individual user behaviour, and we do not use third-party advertising trackers.

Your manuscripts

Alhora is a local-first application. Your manuscript files are stored on your own computer. We do not upload, read, access, or store the content of your books on our servers.

3. How we use your data

We use the data we collect to:

  • Provide and maintain your account and subscription.
  • Authenticate you across the desktop app and website.
  • Process payments and issue invoices via Stripe.
  • Enforce the per-account device limit.
  • Send transactional emails (e.g. password resets, billing receipts).
  • Improve and develop the product based on aggregated usage patterns.

We will never sell your personal data to third parties, and we will never use your data for advertising.

4. Legal basis for processing (UK GDPR)

We process your data on the following bases:

  • Performance of a contract — to provide the service you have signed up for.
  • Legitimate interests — to improve our product, prevent fraud, and ensure security.
  • Consent — where you have opted in to receive marketing communications (you can withdraw consent at any time).

5. Data sharing

We share data only with the following categories of service provider, and only to the extent necessary to operate Alhora:

  • Stripe — payment processing.
  • Google — if you choose to sign in with Google.
  • Render — cloud hosting infrastructure.

We do not share data with data brokers, advertisers, or any other third parties.

6. Data retention

  • Account data is retained for as long as your account is active. If you delete your account, we remove your personal data within 30 days.
  • Billing records may be retained for up to 7 years after the end of your subscription to comply with UK tax and accounting obligations.
  • Server logs containing IP addresses are automatically deleted after 90 days.

7. Your rights

Under UK GDPR, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — ask us to correct inaccurate data.
  • Erasure — ask us to delete your data ("right to be forgotten").
  • Portability — request your data in a structured, machine-readable format.
  • Object — object to processing based on legitimate interests.
  • Withdraw consent — where processing is based on consent.

To exercise any of these rights, email [email protected]. We will respond within 30 days.

8. Cookies

The Alhora website uses only strictly necessary cookies and localStorage tokens for authentication. We do not use tracking cookies, analytics cookies, or advertising cookies.

9. Security

We protect your data with:

  • HTTPS encryption on all connections.
  • Passwords hashed with industry-standard algorithms (never stored in plain text).
  • JWT-based authentication with short-lived access tokens.
  • Webhook signature verification for all Stripe events.

No system is 100% secure. If you become aware of a security vulnerability, please report it to [email protected].

10. International transfers

Our servers are hosted by Render in the United States. Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place (e.g. Standard Contractual Clauses).

11. Children

Alhora is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

12. Changes to this policy

We may update this policy from time to time. If we make material changes, we will notify you by email or by posting a notice on the website. The "last updated" date at the top of this page indicates when the policy was last revised.

13. Contact

For any questions or requests regarding this privacy policy: