Welcome to StoryGarden! This Privacy Policy explains how StoryGarden, a trading name of ФОП Пекур Євгеній Валерійович (FOP Pekur Yevhenii Valeriovych), a sole proprietorship registered in Ukraine ("we," "us," or "our"), collects, uses, discloses, and protects your personal information when you use our mobile application, website, and services (collectively, the "Service").
We are committed to protecting your privacy and being transparent about our data practices. This policy describes:
What information we collect and why
How we use and share your information
Your rights and choices regarding your data
How we protect children's privacy
How to contact us with privacy questions
Important for Parents: StoryGarden is designed for children ages 2-12, but all accounts must be created and managed by a parent or guardian who is at least 18 years old. We are committed to COPPA compliance and do not knowingly collect personal information directly from children.
2. Information We Collect
We collect information that you provide to us, information that is automatically generated when you use our Service, and information from third-party services.
2.1 Account Information
When you create an account, we collect:
Email Address: For account creation, authentication, and communication
Name: Your display name (optional)
Profile Picture: Avatar or photo from your authentication provider (optional)
Authentication Provider: Which service you used to sign up (Google, Apple, Facebook, or Email)
Language Preference: Your preferred language for the app and stories
Password: Only if you sign up with email (stored as an encrypted hash, never in plain text)
2.2 User-Generated Content
When you use our Service to create content, we collect and store:
Story Prompts: The text or voice input you provide to generate stories
Generated Stories: The AI-created bedtime stories, including titles, content, and paragraphs
Custom Characters: Character names, descriptions, and AI-enhanced character profiles you create
Custom Locations: Location names, descriptions, and AI-enhanced location profiles
Story Images: AI-generated illustrations associated with your stories
Story Preferences: Selected genres, duration, illustration styles, and other customization options
2.3 Story Generation Parameters
To personalize stories for your children, you may optionally provide:
Age Range: The age of the child for whom you're generating stories (to adjust vocabulary and complexity)
Note on Children's Information: We do NOT store persistent child profiles. Age information is used only as a parameter for story generation and is associated with individual stories, not maintained as separate child profile data.
2.4 Subscription and Payment Information
When you subscribe to our premium features, we collect:
Subscription Status: Active, expired, trial, or cancelled status
Payment Platform: App Store, Play Store, or other payment provider
Subscription Dates: Purchase date, expiry date, renewal date
Product Information: Which subscription plan you selected
Country Code: Your country for pricing and tax purposes
RevenueCat Customer ID: Unique identifier from our subscription management service
Payment card information is NOT stored by us. All payment processing is handled securely by Apple, Google, or other payment providers. We never have access to your full credit card numbers.
2.5 Technical and Usage Data
We automatically collect certain technical information when you use our Service:
Device Information: Device type, operating system, app version
Usage Analytics: Features used, session duration, app interactions
Authentication Tokens: Secure tokens to keep you logged in
AI Request Logs: Prompts sent to AI, responses received, processing time, and token usage (for quality improvement)
2.6 Information from Third-Party Services
When you sign in with a third-party authentication provider (Google, Apple, Facebook), we receive:
Your email address
Your name (if provided by the service)
Your profile picture (if provided and you grant permission)
A unique identifier from that service
3. How We Use Your Information
We use your information for the following purposes:
3.1 Provide and Improve Our Service
Generate personalized AI bedtime stories based on your preferences
Create and enhance custom characters and locations
Save and organize your story library
Enable offline access to downloaded stories
Personalize content based on age, language, and preferences
Improve AI story quality and generation speed
Fix bugs and optimize performance
3.2 Account Management
Create and maintain your account
Authenticate you securely when you log in
Remember your preferences and settings
Enable multi-device access and synchronization
3.3 Subscription and Billing
Process subscription purchases and renewals
Manage your subscription status and entitlements
Provide customer support for billing issues
Send receipts and payment confirmations
Prevent fraud and unauthorized use
3.4 Communication
Send important service updates and announcements
Respond to your support requests and questions
Notify you about subscription changes or renewals
Send optional promotional emails (you can opt out anytime)
3.5 Safety and Security
Detect and prevent fraud, abuse, and illegal activities
Protect against security threats and vulnerabilities
Monitor content for age-appropriateness
Enforce our Terms and Conditions
Comply with legal obligations
3.6 Analytics and Research
Understand how users interact with our Service
Analyze which features are most popular
Improve AI model performance and accuracy
Conduct research to develop new features
Generate aggregated, anonymized statistics
4. Data Sharing and Third Parties
We do not sell your personal information. We only share your data in the following limited circumstances:
4.1 Third-Party Service Providers
We use trusted third-party services to operate our platform. These providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your data.
Firebase (Google)
Purpose: User authentication, database hosting, file storage
Data Shared: Email, name, authentication tokens, user-generated content
Purpose: Store AI-generated images and audio files
Data Shared: Generated story images, user content
4.2 Public Content
If you choose to make stories or characters public:
They may appear in our public story library
Other users can view and use them
They may be featured in marketing materials (with your permission)
You can change public content back to private at any time
4.3 Legal Requirements
We may disclose your information if required to do so by law or in response to:
Valid legal requests (subpoenas, court orders)
Requests from law enforcement or government agencies
Protection of our rights, property, or safety
Prevention of fraud or illegal activities
Compliance with applicable laws and regulations
4.4 Business Transfers
If StoryGarden is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.
4.5 Aggregated Data
We may share aggregated, anonymized data that cannot identify you individually:
Usage statistics and trends
Popular story genres and themes
Performance metrics and analytics
5. Children's Privacy (COPPA Compliance)
StoryGarden is committed to protecting children's privacy and complying with the Children's Online Privacy Protection Act (COPPA).
COPPA Compliance: We do not knowingly collect personal information directly from children under 13 years of age. All accounts must be created and managed by a parent or legal guardian who is at least 18 years old.
5.1 Parent-Controlled Accounts
To use StoryGarden:
A parent or guardian must create the account
The parent controls all account settings and preferences
The parent provides consent for their child to use the Service
The parent can review, modify, or delete any data at any time
5.2 Information About Children
We collect minimal information about children:
Age Range: Used only to generate age-appropriate stories
First Name (Optional): Used only within generated stories for personalization
Important: This information is provided by parents and used solely to customize story content. We do NOT:
Collect children's names, photos, or personal details separately
Create persistent profiles for individual children
Allow children to create accounts or profiles independently
Collect location data from children
Enable children to post content publicly
5.3 Parental Rights
Parents have the following rights:
Review: Access any information collected about their child
Delete: Request deletion of their child's information
Refuse Collection: Decline further collection of their child's information
We use age-gating mechanisms to ensure only adults can create accounts. If we discover that a child under 13 has created an account without parental consent, we will immediately delete that account and all associated data.
5.5 No Targeted Advertising to Children
We do not display advertisements in our app, and we do not engage in targeted advertising to children.
6. Data Security
We implement industry-standard security measures to protect your personal information:
6.1 Technical Safeguards
Encryption: All data is encrypted in transit (HTTPS/TLS) and at rest
Secure Authentication: Firebase Authentication with industry-standard protocols
Password Security: Passwords are hashed and salted, never stored in plain text
Access Controls: Strict role-based access to data and systems
Regular Security Audits: Ongoing vulnerability assessments and penetration testing
Secure Infrastructure: Hosted on secure cloud platforms with robust security
6.2 Organizational Safeguards
Limited employee access to personal data (need-to-know basis)
Confidentiality agreements with all team members
Security training for all personnel
Incident response procedures
Regular security updates and patches
6.3 Data Breach Notification
In the unlikely event of a data breach affecting your personal information, we will:
Notify affected users promptly
Report the breach to appropriate authorities as required by law
Take immediate action to secure systems and prevent further breaches
Provide information about the breach and protective measures
6.4 Your Responsibility
While we implement strong security measures, you also play a role in protecting your data:
Keep your account password confidential
Use a strong, unique password
Log out from shared devices
Report any suspicious activity immediately
Keep your device and app updated
7. Your Privacy Rights
You have important rights regarding your personal information:
7.1 Access Your Data
You have the right to:
View all personal information we have about you
Request a copy of your data in a portable format
Understand how we use your information
7.2 Correct or Update Information
You can:
Update your account information in app settings
Correct inaccurate or incomplete data
Modify your preferences and settings
7.3 Delete Your Data
You have the right to:
Delete your account and all associated data
Request deletion of specific information
Remove public stories or characters
To delete your account:
Go to Settings > Account > Delete Account in the app, OR
If you don't log in for an extended period (typically 2 years), we may:
Send reminder emails before deletion
Delete inactive accounts and associated data
Retain aggregated, anonymized data for analytics
8.3 After Account Deletion
When you delete your account:
Most data is deleted within 30 days
Backup copies are deleted within 90 days
Some data may be retained for legal compliance (e.g., financial records for tax purposes)
Anonymized data may be retained for analytics
8.4 Legal Retention
Certain information must be retained for legal or regulatory purposes:
Financial transaction records (typically 7 years for tax compliance)
Data subject to legal holds or investigations
Records required for dispute resolution
8.5 AI Training Data
We do NOT use your personal stories or prompts to train our AI models. AI request logs are retained for quality improvement but are anonymized after 90 days.
9. Cookies and Tracking Technologies
9.1 What Are Cookies?
Cookies are small text files stored on your device that help websites and apps remember your preferences and improve your experience.
9.2 How We Use Cookies
We use cookies and similar technologies for:
Authentication: Keep you logged in securely
Preferences: Remember your language and settings
Analytics: Understand how users interact with our Service
Performance: Monitor and improve app performance
Security: Detect fraud and protect your account
9.3 Types of Cookies We Use
Essential Cookies
These are necessary for the Service to function and cannot be disabled:
Authentication tokens
Session management
Security features
Functional Cookies
These enhance functionality and personalization:
Language preferences
User interface settings
Feature preferences
Analytics Cookies
These help us understand usage patterns:
Page views and navigation
Feature usage statistics
Performance metrics
9.4 Third-Party Cookies
Our third-party service providers may also use cookies:
Firebase Analytics for usage tracking
RevenueCat for subscription analytics
9.5 Your Cookie Choices
You can control cookies through:
Browser settings (block or delete cookies)
Device settings (limit ad tracking)
App settings (disable analytics)
Note: Disabling essential cookies may affect Service functionality.
9.6 Do Not Track
We do not currently respond to "Do Not Track" browser signals, as there is no industry standard for how to interpret them.
10. International Data Transfers
10.1 Where Your Data Is Stored
StoryGarden is based in Ukraine. Your information may be transferred to, stored, and processed in:
United States (Firebase, OpenAI servers)
Other countries where our service providers operate
10.2 Data Protection Standards
When we transfer data internationally, we ensure adequate protection through:
Standard contractual clauses approved by regulatory authorities
Compliance with Privacy Shield principles (where applicable)
Use of service providers with strong privacy commitments
Encryption of data in transit and at rest
10.3 European Economic Area (EEA)
For users in the EEA, we comply with GDPR requirements for international data transfers. Your data is protected by:
EU-approved standard contractual clauses
Adequacy decisions by the European Commission
Additional safeguards and security measures
10.4 Your Rights for International Transfers
If you are concerned about international data transfers, you can:
Request information about where your data is stored
Request copies of safeguards in place
Object to transfers in certain circumstances
11. Changes to This Privacy Policy
11.1 Updates to This Policy
We may update this Privacy Policy from time to time to reflect:
Changes in our data practices
New features or services
Legal or regulatory requirements
User feedback and best practices
11.2 How We Notify You
When we make changes, we will:
Update the "Last Updated" date at the top of this page
Notify you via email for material changes
Display an in-app notification for significant changes
Provide a summary of changes when applicable
11.3 Material Changes
For material changes that significantly affect your rights or how we use your data, we will:
Provide at least 30 days' advance notice
Obtain your consent where required by law
Give you an opportunity to review changes before they take effect
11.4 Your Acceptance
Your continued use of the Service after changes take effect constitutes acceptance of the updated Privacy Policy. If you do not agree with the changes, you should stop using the Service and delete your account.
11.5 Previous Versions
We maintain an archive of previous Privacy Policy versions. You can request access to older versions by contacting [email protected].
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
12.1 Legal Entity
Business Name: ФОП Пекур Євгеній Валерійович (FOP Pekur Yevhenii Valeriovych) Trading As: StoryGarden Business Type: Sole Proprietorship (Ukraine)