Privacy Policy

Last updated: January 23, 2026

Your Privacy Matters

At Storytime, protecting your family's privacy—especially your children's data—is our highest priority. This policy explains what information we collect, how we use it, and your rights.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Your email address (for login and important communications)
  • Your name (to personalize your experience)
  • A password (encrypted and never stored in plain text)
  • Payment information (processed securely through Stripe; we never store card details)

Children's Information (COPPA Compliance)

To create personalized stories, we collect limited information about your children:

  • First name only (never last name)
  • Age
  • Interests and hobbies
  • Physical appearance details (for character generation)
  • Optional hometown (city/region only, never full address)

We comply with the Children's Online Privacy Protection Act (COPPA). We never knowingly collect information from children directly—only from parents/guardians who create child profiles.

Generated Content

  • Stories you generate
  • AI-generated illustrations
  • Character reference images

Usage Information

  • Login timestamps and session data
  • Stories created per month (for plan limits)
  • Browser type and device information (for compatibility)
  • Error logs (to fix bugs and improve the service)

2. How We Use Your Information

We use your information solely to:

  • Provide the Service: Generate personalized stories and illustrations
  • Manage Your Account: Handle authentication, billing, and subscription management
  • Communicate: Send essential service updates, security alerts, and (with your permission) occasional feature announcements
  • Improve Quality: Analyze usage patterns to fix bugs and enhance the experience
  • Ensure Safety: Detect and prevent fraud, abuse, or security issues

What We DON'T Do

  • ✗ We never sell or rent your data to third parties
  • ✗ We never use children's information for advertising
  • ✗ We never share stories or images outside your family account
  • ✗ We never send marketing emails to children

3. How We Share Your Information

We share your information only in these limited circumstances:

Service Providers

We use trusted third-party services to operate Storytime:

  • OpenAI: Generates story text (receives child's name, age, interests, and story theme)
  • Google Gemini: Generates character illustrations (receives physical appearance details)
  • Stripe: Processes payments securely (receives billing information)
  • Resend: Sends transactional emails (receives your email address)

All service providers are contractually required to protect your data and use it only for providing their specific service to us.

Legal Requirements

We may disclose information if required by law, court order, or to protect our rights, property, or safety (or that of our users).

4. Data Storage and Security

We implement industry-standard security measures:

  • Encryption: All data transmitted over HTTPS; passwords are hashed with bcrypt
  • Access Control: Strict family account isolation—you can only access your own data
  • Regular Backups: Data is backed up regularly to prevent loss
  • Monitoring: We monitor for security threats and suspicious activity

While we take security seriously, no system is 100% secure. We encourage you to use a strong, unique password and enable two-factor authentication when available.

5. Your Rights and Choices

You have the following rights:

Access and Export

You can view all your data through your account dashboard. Contact us to request a complete data export.

Update or Correct

You can update your profile and children's information anytime through the settings page.

Delete Your Data

You can delete child profiles or your entire account from the settings page. When you delete your account, we permanently remove all your personal data and generated content within 30 days.

Opt-Out of Communications

You can unsubscribe from promotional emails using the link in any email. You'll still receive essential account-related communications.

6. Children's Privacy (COPPA)

Storytime is designed for parents and guardians to use on behalf of their children. We do not knowingly collect information directly from children under 13.

Parental Rights Under COPPA

As a parent or guardian, you have the right to:

  • • Review the information we've collected about your child
  • • Request that we delete your child's information
  • • Refuse to allow further collection of your child's information
  • • Consent to our collection and use of your child's information

To exercise these rights, contact us at privacy@storytime.com

7. Cookies and Tracking

We use essential cookies to:

  • Keep you logged in
  • Remember your preferences
  • Ensure security

We do not use third-party advertising cookies or tracking scripts.

8. Data Retention

We retain your data for as long as your account is active. If you delete your account, we permanently delete all personal data within 30 days, except where we're legally required to retain certain information (e.g., transaction records for tax purposes).

9. International Users

Storytime is operated from the United States. If you're accessing the service from outside the US, your information will be transferred to and processed in the United States. By using Storytime, you consent to this transfer.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We'll notify you of significant changes by email or through a prominent notice in the application. Continued use of Storytime after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

Email: privacy@storytime.com

Response Time: We typically respond within 48 hours

This Privacy Policy was last updated on January 23, 2026. Previous versions are available upon request.