ShamelaTranslate
Search
Sign in
ShamelaTranslate

© 2026 ShamelaTranslate. Scholarly Open-Access Project.

AboutContactDonateImprintPrivacyTermsRight of WithdrawalCancel a subscription

Privacy Policy

Last updated: 2026-07-11

This is a convenience translation; the German version of this Privacy Policy is legally binding.

1. Controller

The controller under the GDPR is: Muhammad Farzat, Theresienstr. 43, 97421 Schweinfurt, Deutschland.

Email: support@shamelatranslate.com

Phone: +49 1525 7370675

2. Your rights

You have the right at any time to:

  • Access to the data stored about you (Art. 15 GDPR),
  • Rectification of inaccurate data (Art. 16),
  • Erasure (Art. 17) and restriction of processing (Art. 18),
  • Data portability (Art. 20),
  • Object to processing based on legitimate interests (Art. 21),
  • Lodge a complaint with a data protection supervisory authority (Art. 77).

You may withdraw any consent you have given at any time, with effect for the future.

3. Hosting & infrastructure

The site runs on Vercel; database, authentication and file storage on Supabase. Necessary technical data is processed to deliver the site securely. For background jobs (e.g. translation runs and scheduled processes such as account deletions) we use the service Inngest; only the job data required for this is processed briefly (e.g. technical user identifiers, and for account deletions the email address for the final notice). The legal basis is our legitimate interest in secure, stable operation (Art. 6(1)(f) GDPR). Any transfer to a third country (e.g. the USA) is based on the EU Standard Contractual Clauses.

4. Server log files

On each request we process IP address, timestamp, requested resource, status code and user agent for delivery and security (Art. 6(1)(f)); stored only briefly.

5. Account & sign-in

Sign-in is exclusively via Google (OAuth); we receive your email and name to run your account (Art. 6(1)(b)). We store no passwords.

6. Search

Search queries are sent to our search service (Meilisearch) to return results (Art. 6(1)(f)). We do not build personal search profiles.

7. Security & abuse prevention

To limit abuse (e.g. excessive searching) we use a short-lived counter on Upstash Redis bound to a technical identifier (Art. 6(1)(f)).

8. Email

Transactional emails (e.g. account deletion) are sent via an SMTP service, processing your email address for delivery (Art. 6(1)(b)/(f)).

9. Machine translation

Book content is translated server-side and only administratively via an AI service (Google Gemini); book text is processed, but no personal user data.

10. Audience measurement

For audience measurement and load performance (Web Vitals) we use Vercel Analytics and Vercel Speed Insights. They process aggregated usage and performance data (e.g. pages viewed, device category, load times) WITHOUT cookies and without building personal profiles; individuals are not identified (Art. 6(1)(f) GDPR).

11. Error monitoring

To detect and fix technical errors we use Sentry. When an error occurs, technical diagnostic data (e.g. error message, affected page, browser type) is transmitted. IP addresses and additional personal data are disabled. The legal basis is our legitimate interest in stable, secure operation (Art. 6(1)(f)). The data is processed in Sentry's EU region.

12. Advertising (Google AdSense)

This site is funded in part by advertising via Google AdSense (Google Ireland Ltd.). We show only non-personalized ads — there is no profiling and no personalized ad selection. Cookies may still be used for basic ad-serving functions (e.g. frequency capping, aggregated reach measurement, and fraud/abuse prevention); in the EU/EEA these are set only after your consent via our consent banner (a Google-certified CMP, IAB-TCF). The legal basis is your consent (Art. 6(1)(a) GDPR), which you can withdraw at any time via “Privacy settings” in the footer. Data (e.g. truncated IP address, device and usage data) may be transferred to Google, including in the USA, on the basis of the EU Standard Contractual Clauses.

13. Payment processing

For donations and subscriptions we use the payment providers Stripe (Stripe Payments Europe, Ltd.) and PayPal (PayPal (Europe) S.à r.l. et Cie, S.C.A.). You enter payment details (e.g. card or account data) directly with the respective provider; we do not store full payment data, only what is needed to process the transaction (e.g. name, email, amount, status, a transaction/customer id). The legal basis is performance of a contract (Art. 6(1)(b) GDPR), or for donations our legitimate interest (lit. f). Data may be transferred to the providers, including in the USA, on the basis of the EU Standard Contractual Clauses. The privacy notices of Stripe and PayPal additionally apply.

14. Cookies

Strictly necessary cookies/local storage (sign-in session, display preferences such as language and theme) are used without consent (§ 25(2) TDDDG).

Cookies for basic ad-serving functions (Google AdSense, e.g. frequency capping and fraud prevention — no personalization) are set only with your consent via the consent banner (see “Advertising”).

15. Deleting your account

You can delete your account yourself. After confirmation, deletion is scheduled with a 14-day grace period during which you can cancel; afterwards your account (including the Google sign-in) and associated personal data are deleted (Art. 17 GDPR), and we also trigger the deletion of your customer data at our payment provider.

Exempt is data subject to statutory retention duties (e.g. payment and invoice records under tax and commercial law, § 147 AO) — it is deleted once those periods expire (Art. 17(3)(b) GDPR). Your data may remain in backups for up to 14 more days; backups are deleted automatically, and if a backup is ever restored, deleted accounts are removed again in the process.

16. Translation feedback

Signed-in users can submit correction suggestions and comments on individual book pages. We store your suggestion and comment, the affected passage (the page and the text shown there), and the link to your account — so our editors can review submissions, follow up, and prevent abuse (Art. 6(1)(f) GDPR). Submissions are visible only to administrators. If you delete your account, your feedback is kept as a contribution to improving the texts but is anonymized — the link to you is permanently removed.

17. Changes

We update this policy as features or the legal situation change; the version published here applies.