Privacy Policy
Last updated: June 2026
The short version
The LitCat desktop application does not automatically collect or transmit your data. Your library catalog, patron records, and circulation history live entirely on your computer by default in a local SQLite database. The app contains no telemetry, no usage tracking, and no analytics. The only information that ever leaves your computer is (1) the ISBN or title you look up when adding a book, (2) a once-a-day check for updates and license revocations that sends no personal data, (3) a crash report or feedback message that you explicitly choose to send — and review in full — first, and (4) when you enable cloud-assisted pairing (off by default) and direct WiFi pairing fails, phone-scan barcodes and circulation data travel through a LitCat relay end-to-end encrypted — the relay cannot read the data and stores nothing.
What the app does
LitCat makes outbound network requests for these purposes only:
- ISBN/metadata lookups — when you add a book, the app may query Open Library (openlibrary.org) or Google Books to retrieve title, author, cover image, and other metadata. These requests include only the ISBN or title you're looking up. They are governed by Open Library's and Google's own privacy policies.
- Update & revocation check — about once a day the app fetches a small signed file from litcat.app to learn whether a newer version or a security advisory is available, and whether a license has been revoked. This is a plain download: it sends no personal data, and the only metadata it leaves behind is the standard web-server access log described under "This website" below.
- Crash reports & feedback — only when you choose to send them. If the app crashes you can review the crash report and click Send; you can also send a suggestion or feature request from Help → Send Feedback. Crash reports are automatically scrubbed of personal file paths, email addresses, and license keys, and you see the exact contents before sending. When you send, the message is delivered to our support inbox via Resend and Cloudflare; we do not store it on our servers — it simply arrives as an email. Nothing is ever sent automatically, and you can turn the crash-report dialog off in Preferences.
- Cloud-assisted phone pairing — off by default; only active if you turn it on and direct WiFi pairing fails. When you turn on cloud-assisted pairing and direct WiFi pairing fails, the barcodes and circulation data from a phone-scanning session travel through a LitCat relay end-to-end encrypted: the relay forwards opaque data it cannot read and stores nothing. Leave the setting off to keep phone scanning entirely on your local network.
License purchases
If you purchase LitCat Pro, your payment is processed by Lemon Squeezy. We receive your email address and order ID from Lemon Squeezy in order to generate and deliver your license key. We store the following in our own database solely to support your license:
- Email address
- Order ID
- License tier (e.g. "pro")
- Issue date and valid-through date
Your license key is delivered by email via Resend. We retain the above data for as long as you hold a valid license, and for a reasonable period afterward to handle support and refund requests. We do not sell or share this data with any third party for marketing purposes.
This website
The litcat.app website is a static site hosted on Cloudflare Pages. It does not set cookies, does not run JavaScript analytics, and does not collect form submissions. Cloudflare may log basic access metadata (IP address, timestamp, page requested) in accordance with their own privacy policy.
Contact
Questions about this policy: support@litcat.app.