Privacy Policy

3.2 Limited Collection

• We collect only the minimum amount of children's personal information necessary to provide our story generation services.
• We do not condition a child's participation in any activity on the disclosure of more personal information than is reasonably necessary.

3.3 Parental Rights Under COPPA

Parents and guardians have the following rights regarding their child's personal information:

• Review: You may request to review the personal information we have collected from or about your child.
• Deletion: You may request that we delete any personal information we have collected from or about your child.
• Refuse further collection: You may refuse to permit further collection or use of your child's personal information.
• Consent withdrawal: You may withdraw your consent at any time by contacting us at [email protected].

3.4 No Direct Collection from Children

Our platform does not allow children under 13 to create accounts, submit personal information, or interact with the service directly without a parent or guardian's involvement. If we discover that we have inadvertently collected personal information from a child under 13 without verified parental consent, we will promptly delete such information from our records.

3.5 No Behavioral Advertising to Children

We do not use children's personal information for behavioral or targeted advertising purposes. We do not share children's personal information with third parties for marketing purposes.

Parents can use the following actions to manage their child's data across these providers:

• Review: Account → Family Members tab shows all stored data (photo, name, age, interests) for your child.
• Edit: Use the Family Member edit page to update photo, name, age, and interests.
• Delete: Deleting a Family Member permanently removes the child's data from our system and from all relevant AI providers (including cloned voices).
• Withdraw consent: Deleting your child's family member record = withdrawing COPPA consent. For broader withdrawal, contact [email protected].
• Full data export: Settings → Account → Download Data exports your entire family data in GDPR/COPPA-compliant JSON.

5.1 How AI Processes Your Data

• Children's names, ages, interests, and preferences are used as inputs to our AI models to generate personalized story content.
• Uploaded photos may be processed by AI image generation models to create illustrated characters that resemble your child within the stories.
• The AI processing occurs on secure servers, and inputs are not used to train third-party AI models without your explicit consent.

5.2 AI Content Safety

• All AI-generated content goes through safety filters to ensure age-appropriateness.
• We implement content moderation measures to prevent the generation of harmful, violent, or inappropriate content.
• AI-generated stories are reviewed through automated safety systems before delivery.

5.3 Photo Processing

• Photos uploaded for story illustration purposes are processed solely for generating story artwork.
• We do not use uploaded photos for facial recognition, biometric profiling, or any purpose beyond story creation.
• Photos are stored securely and can be deleted at any time upon parental request.
• We do not sell, license, or distribute uploaded photos to third parties.

5.4 AI Model Training

We do not use your child's personal information, photos, or generated stories to train generalized AI models. Any data used for improving our service is aggregated and anonymized to remove personally identifiable information.

5.5 Voice Samples and Voice Cloning

• Voice cloning is an entirely optional feature and is used solely to generate a stylized voice model from voice samples you voluntarily upload.
• We process your uploaded voice sample only to create this voice clone and to narrate your stories; we do not use it for biometric profiling, speaker identification, or identity verification.
• Your voice data is stored encrypted on secure servers, is not used to train generalized AI models, and is never sold or shared with third parties for marketing purposes.
• You may delete your voice clones and uploaded samples at any time from your account settings; they are permanently removed within 30 days of your request.
• You are responsible for uploading only your own voice or the voice of a person from whom you have obtained express written consent; all legal responsibility arising from unauthorized cloning of third parties rests solely with the user.
• Generated narrations are algorithmic interpretations; we do not guarantee that any output will match a natural human voice or the pronunciation, intonation, or emotional delivery of your uploaded recording.

6.1 Security Measures

• Encryption: All data is encrypted in transit using TLS/SSL protocols and at rest using AES-256 encryption.
• Access controls: Strict access controls limit who can access personal data within our organization.
• Secure infrastructure: We use reputable cloud service providers with SOC 2 and ISO 27001 certifications.
• Regular audits: We conduct regular security assessments and vulnerability testing.
• Password protection: User passwords are hashed using industry-standard cryptographic algorithms and are never stored in plain text.

6.2 Data Location

Your data is primarily stored on servers located in the United States. If data is transferred or processed in other jurisdictions, we ensure appropriate safeguards are in place as described in the International Data Transfers section below.

6.3 Breach Notification

In the event of a data breach that affects your personal information, we will notify affected users and relevant authorities as required by applicable law, including providing notification within the timeframes mandated by state and federal regulations.

9.1 Retention Periods

• Account data: Retained for as long as your account is active and for a reasonable period thereafter for legal and business purposes.
• Children's data: Retained only for as long as necessary to provide the services requested and deleted promptly upon parental request or account deletion.
• Generated stories and illustrations: Stored in your account for your access. Deleted upon account deletion or upon request.
• Uploaded photos: Retained only as long as needed for story generation and can be deleted at any time by the parent or guardian.
• Payment records: Retained as required by applicable tax and financial regulations.
• Server logs: Automatically purged after 90 days.

9.2 Requesting Data Deletion

You may request the deletion of your personal data or your child's personal data at any time by:

• Using the account deletion feature in your account settings
• Emailing us at [email protected] with a deletion request

We will process deletion requests within 30 days and confirm completion to you. Some data may be retained in anonymized form for analytics purposes or as required by law.

Your Rights Under CCPA/CPRA

• Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purpose for collecting it, and the categories of third parties with whom we share it.
• Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
• Right to Correct: You have the right to request correction of inaccurate personal information.
• Right to Opt-Out of Sale/Sharing: You have the right to opt out of the sale or sharing of your personal information. Note: We do not sell personal information.
• Right to Limit Use of Sensitive Personal Information: You may request that we limit the use and disclosure of your sensitive personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.