Privacy Policy
Effective Date: March 13, 2026
Last Updated: March 19, 2026
Introduction
DeVito Digital Solutions LLC ("we", "us", "our") operates FableFrog, an iOS application that serves as a client for Audiobookshelf, a self-hosted audiobook server.
FableFrog is a client application that connects to your own self-hosted Audiobookshelf server. We do not operate any central server, and we do not collect, receive, or have access to your personal data, audiobooks, or listening activity.
Because we do not operate any server that receives your data, DeVito Digital Solutions LLC does not act as a data controller or data processor (as defined under GDPR, UK GDPR, and similar laws). If you connect to an Audiobookshelf server operated by someone else, that server operator is the data controller for data processed on their server.
How FableFrog Works
FableFrog operates on a self-hosted model:
• Your Server: You (or your organization) operate an Audiobookshelf server. All your library data, listening progress, bookmarks, and account information reside on your server, under your control.
• FableFrog App: The app runs on your device and communicates directly with your server. DeVito Digital Solutions LLC does not intermediate, proxy, or have visibility into these communications.
Data Stored on Your Device
FableFrog stores the following data locally on your device:
Authentication Credentials
Your server connection URL, authentication tokens, and a tenant identifier (derived from your user ID and server address) are stored in the iOS Keychain, Apple’s secure credential storage. The tenant identifier is used to associate locally cached data with your account. Your password is never stored — only session tokens received from your server.
Library Data Cache
Book metadata (titles, authors, series, descriptions), listening progress, bookmarks, ratings, and playlists are cached locally to enable offline access and faster browsing. This cache is associated with your specific user account and server combination. When you sign out, server-synced data (metadata, progress, bookmarks) is cleared, but your ratings, playlists, and per-book playback settings are retained on the device so they are available if you sign back in. This retained data is isolated from other accounts — a different user signing in on the same device cannot access it through the app.
If multiple people use the same device, each person’s retained data remains on the device after they sign out. While the app does not expose one user’s data to another, the data is stored locally and could theoretically be accessed using device management or forensic tools. On shared devices, users who want to ensure complete removal of their data should delete and reinstall the app.
Downloaded Audio Files
When you download audiobooks for offline listening, audio files are stored on your device. Downloads contain no authentication credentials and persist after sign-out, as they are your content.
App Preferences
Per-book playback settings (speed, skip intervals) are stored locally and associated with your specific user account and server combination. Device-wide display preferences (theme, text size), volume level, and feature toggles remain device-level settings not tied to any account. None of these preferences are transmitted to us or any third party.
Device Identifier
FableFrog generates a random identifier (UUID) on first launch. This identifier is sent to your Audiobookshelf server as part of playback session tracking so your server can distinguish between your devices. This is not an advertising identifier and cannot be used to track you across apps. It is not shared with us or any third party.
This identifier is stored in your device’s local storage and persists until the app is deleted and reinstalled. It is used solely for multi-device session management on your server.
Widget Data
If you use the FableFrog widget, the currently playing book’s title, author, chapter name, and playback position are shared with the widget. No authentication tokens or credentials are included in widget data.
Data Sent to Your Server
When using FableFrog, the following data is transmitted directly to your Audiobookshelf server:
• Your username and password during login, or OpenID Connect authorization codes if your server uses OIDC authentication
• Playback position, listening duration, and session timestamps
• Bookmarks, ratings, reviews, and playlist changes you create
• App-generated device identifier, app version, device model, and client name
This data goes directly from your device to your server. DeVito Digital Solutions LLC never receives, processes, stores, or has access to any of it.
Third-Party Services
FableFrog connects to the following third-party services:
Apple Services
If you purchase FableFrog Premium, Apple processes the transaction. We receive only a purchase receipt confirming your entitlement — no payment or financial details. Apple’s services are governed by Apple’s Privacy Policy (apple.com/privacy).
Audible (Amazon)
The "Upcoming Books" feature retrieves publicly available series and release date information from Audible’s website. No account credentials, user identifiers, or app data are sent. As with any internet connection, your device’s IP address is visible to Audible’s servers. This connection is governed by Amazon’s Privacy Notice (amazon.com/privacy).
GitHub
The Settings page checks the latest Audiobookshelf release version via GitHub’s public API. No account credentials, user identifiers, or app data are sent. As with any internet connection, your device’s IP address is visible to GitHub’s servers. This connection is governed by GitHub’s Privacy Statement (docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement).
Your Identity Provider
If your Audiobookshelf server uses OpenID Connect (OIDC) authentication, FableFrog will open a browser session with your identity provider during login and logout. Your identity provider’s own privacy policy governs that interaction.
Data We Collect
We do not collect any personal data. DeVito Digital Solutions LLC does not operate servers that receive data from FableFrog. There are no analytics, crash reporting, advertising, or telemetry services in the app.
When FableFrog connects to third-party services listed above (Apple, Audible, GitHub, or your identity provider), those services may receive your IP address and other standard connection information as part of the network request. Their respective privacy policies govern their handling of such data.
We do not "sell" or "share" (as defined by the California Consumer Privacy Act) your personal information and have not done so in the preceding 12 months.
FableFrog does not use advertising identifiers (IDFA), does not participate in Apple’s App Tracking Transparency framework, and contains no advertising, analytics, or telemetry SDKs.
App Store Privacy Details
FableFrog’s App Store listing declares "Data Not Collected" in its App Privacy details. This reflects that DeVito Digital Solutions LLC does not collect data from the app. Data transmitted to your own self-hosted server is under your control and is not collected by us.
Children’s Privacy
FableFrog does not collect personal information from any user, including children. The app does not require or request personal information, does not contain advertising, and does not include third-party analytics or tracking.
While FableFrog is suitable for users of all ages, it is not specifically directed to children under 13 (as defined by the U.S. Children’s Online Privacy Protection Act) or under the applicable age of digital consent in your jurisdiction. We recommend that children use the app under parental or guardian supervision.
Parents and guardians who operate an Audiobookshelf server for their family are responsible for managing their children’s accounts and data on that server.
Your Rights
Because we do not collect or store your personal data on our systems, most data subject rights do not apply to us directly. However, we want to be clear about how you can exercise control over your data:
• Device data: You can delete all locally stored data by deleting the app. Signing out clears your credentials, active session state, and server-synced cache, but retains your ratings, playlists, and playback settings on the device in case you sign back in. This retained data is isolated from other accounts. The device identifier is reset when the app is reinstalled.
• Server data: Your audiobook library, listening history, bookmarks, and account data reside on your own Audiobookshelf server. You have full control over this data through your server’s administration tools. You may exercise rights of access, correction, deletion, data portability, and objection directly through your server.
• Purchase data: Apple processes and controls App Store transaction records. Contact Apple to exercise rights related to purchase data.
• Complaints: If you believe your privacy rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.
If you have questions or wish to exercise any privacy right, contact us at the address below.
Security
FableFrog employs the following security measures:
• Authentication tokens and tenant identifiers are stored in the iOS Keychain with hardware-backed encryption
• Locally cached data is isolated per account so that different users on the same device cannot access each other’s data through the app
• All network traffic uses TLS encryption enforced by iOS App Transport Security
• No credentials are written to files, logs, or unprotected storage
• Production builds contain no diagnostic logging
Data Retention
Server-synced library data (metadata, progress, bookmarks) is cleared from your device when you sign out. Ratings, playlists, per-book playback settings, and pending offline changes are retained on the device, associated with your account, until you delete the app. Downloaded audiobooks persist until you manually remove them within the app or through iOS Settings. The device identifier persists until the app is deleted and reinstalled. Apple retains purchase records according to Apple’s own data retention policies. We retain no data on our systems because we collect no data.
Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be reflected in the app with an updated effective date. We encourage you to review this policy periodically. If we make material changes, we will note them in the app’s release notes.
Contact Us
If you have questions about this Privacy Policy, please contact us: