Last updated: 8 July 2026
Storyfinch is an ebook delivery and mailing-list signup tool for authors.
Authors use Storyfinch to offer a free ebook (a “reader magnet”), collect readers’ email addresses with explicit consent, connect a mailing-list provider, and deliver the book securely. This Privacy Policy explains how Storyfinch collects, uses, stores, and protects information when you use the Storyfinch website and application.
By using Storyfinch, you agree to the collection and use of information in accordance with this policy.
For information about account holders, website visitors, customers, payments and support, Storyfinch is the data controller. For information collected through an author’s reader-magnet signup page (such as a reader’s email address and consent record), the author is the controller and Storyfinch acts as a processor, handling that data on the author’s behalf so we can provide the service. Authors are responsible for their own mailing-list use and for giving their readers appropriate privacy information.
When you create an author account, we may collect information including:
To host signup pages and deliver books, we collect and store the reader magnets you create, including:
When a reader signs up on an author’s page, we collect (on the author’s behalf) information such as:
Readers do not need a Storyfinch account to receive a book.
We may collect technical information necessary to operate and improve the service, including:
We do not use the contents of uploaded book files for analytics or monitoring purposes.
We use information to:
Your uploaded ebooks, PDFs and covers are processed only to host your signup page and deliver the book to your readers. Storyfinch does not claim ownership of your files.
Storyfinch does not use uploaded files to train artificial intelligence models and does not provide them to AI training systems. We do not sell your files.
Book files are delivered through secure, expiring links rather than permanent public URLs. Storyfinch does not provide digital rights management and cannot prevent a reader from copying or sharing a file after download.
Storyfinch helps authors collect explicit mailing-list consent and records the exact wording a reader agreed to, along with the time and the request details, as evidence. These consent records are treated as immutable and are kept even if the reader magnet is later deleted, so the author retains their audit trail. Authors can export their consent records at any time.
Storyfinch can connect to third-party mailing providers such as EmailOctopus, Mailchimp, MailerLite, Kit, Brevo, ActiveCampaign, SendFox and Beehiiv, or send a signed webhook to a service such as Zapier or Make. When a reader consents, we send their email address and relevant consent information to the provider the author has chosen. The author is responsible for their relationship with that provider and for the emails they send.
We collect information about how Storyfinch is used, including events such as:
This helps us understand product usage, improve functionality, and monitor service performance. Where possible, analytics information is aggregated or pseudonymised and does not include the contents of uploaded book files.
We use monitoring and error-reporting tools to identify and diagnose technical problems. These tools may receive technical information such as:
We take reasonable steps to avoid sending uploaded book files or other sensitive user data to monitoring systems.
Payments are processed by a third-party payment provider (Stripe). Storyfinch does not store full payment card numbers on its own servers. Payment information is handled in accordance with the payment provider’s policies.
Storyfinch may use cookies and similar technologies for:
You can control cookies through your browser settings, although some functionality may not work correctly if cookies are disabled.
We may share information with trusted service providers that help operate Storyfinch, including providers of:
We may also disclose information:
We do not sell personal information.
We retain information for as long as necessary to:
When information is no longer required, we will take reasonable steps to delete or anonymise it.
You may delete your account and its associated data from your account settings, or by contacting us. This removes your reader magnets and their files, subscribers, integrations and billing, and cancels any active subscription. Some information may be retained where required for legal, accounting, fraud-prevention, or legitimate business purposes.
We take reasonable technical and organisational measures to protect information against unauthorised access, loss, misuse, alteration, or disclosure. This includes HTTPS, encryption of stored credentials and API keys, access controls, private file storage and secure, expiring delivery links. No online service can guarantee absolute security, but we work to protect information using industry-standard practices where appropriate.
Storyfinch is intended for authors aged 18 or over and is not directed at children. Authors must not knowingly use Storyfinch to collect personal data from children where this would require special safeguards.
Information may be stored and processed by Storyfinch and its service providers in the United Kingdom, the European Economic Area, or other jurisdictions where those providers operate.
Where applicable, we process personal information because:
We may update this Privacy Policy from time to time. If significant changes are made, we will update the date above and, where appropriate, notify users through the service or by email.
If you have questions about this Privacy Policy, please contact [email protected].
Back home