Last updated: March 2026
We collect your Google account information (email, name, profile picture) when you sign in. We also store your library credentials (card number and PIN) in encrypted form to automate library holds on your behalf. Your conversation history and reading preferences are stored to improve recommendations.
We store facts you share — reading preferences, favourite genres, authors you like, family details — to improve future recommendations. You can view and delete these facts at any time in the Memory panel inside the app.
Your book interactions (ratings, hold status, reading progress) are stored to power personalised recommendations. This data is associated with your account and deleted when you delete your account.
Your data is used to operate the Mandro service — to make book recommendations, place library holds, and remember your preferences. We do not sell your data or share personally identifiable information with third parties except as required to operate the service.
To make Mandro's recommendations better for everyone, we may use anonymised, aggregated signals — specifically a child's age group and which books were well-received by children of that age. No names, no library card numbers, no account identifiers, and no personally identifiable information are used or retained for this purpose. You cannot be identified from this data.
Library credentials are encrypted at rest using AES-256. All data is transmitted over HTTPS. Your LLM key (if provided) is also stored encrypted.
Account data is retained until you delete your account. Deleting your account permanently removes all your data — credentials, reading history, memory facts, and chat history — within 24 hours.
You can permanently delete your account and all associated data at any time.
Questions? Email support@getmandro.com