MightyTales Books Logo

Privacy Policy

MightyTales Books

Last Updated: November 30, 2024

1. Introduction

Welcome to MightyTales Books ("we," "our," or "us"). We are committed to protecting your privacy and the privacy of your children. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our personalized children's story creation service.

By using MightyTales Books, you agree to the collection and use of information in accordance with this policy.

2. Children's Privacy

MightyTales Books is designed for use by parents and guardians to create stories for children. We do not knowingly collect personal information directly from children under 13 years of age without verifiable parental consent.

Parents and guardians may provide information about their children (such as names, ages, and physical descriptions) solely for the purpose of personalizing stories. This information is:

  • Used only to generate personalized story content
  • Stored securely in association with the parent's account
  • Never shared with third parties for marketing purposes
  • Can be deleted at any time by the parent/guardian

If we learn that we have collected personal information from a child under 13 without parental consent, we will delete that information as quickly as possible.

3. Information We Collect

3.1 Account Information

When you create an account, we collect:

  • Email address: For account creation, login, and password recovery
  • Username: Your chosen display name
  • Name: Your full name
  • Password: Securely hashed and encrypted
  • Account creation date: Timestamp of when you joined

3.2 Story Content Information

When you create stories, we collect and store:

  • Character information: Names, ages, gender, and physical descriptions provided by you
  • Story themes and settings: Your chosen story themes and preferences
  • Dedications: Personal messages you include in stories
  • Story content: The generated text, images, and audio for your stories
  • Usage statistics: Number of stories generated and regeneration requests

3.3 Payment Information

Payment processing is handled securely by Stripe, a third-party payment processor. We store:

  • Payment transaction IDs
  • Purchase amounts
  • Promo codes used (if applicable)

We never store your full credit card information. All payment details are securely handled by Stripe in compliance with PCI-DSS standards.

3.4 Technical Information

We automatically collect certain technical information:

  • IP address
  • Browser type and version
  • Device information
  • Usage patterns and interactions with our service

4. How We Use Your Information

We use the collected information for the following purposes:

  • Story Generation: To create personalized stories with illustrations and audio narration
  • Account Management: To create and manage your account, authenticate users, and enable password recovery
  • Service Delivery: To process payments, generate PDFs, and deliver your purchased stories
  • Content Moderation: To ensure all content is appropriate and safe for children using automated content moderation
  • Service Improvement: To analyze usage patterns and improve our service quality
  • Communication: To send service-related emails (e.g., password reset links, order confirmations)
  • Legal Compliance: To comply with legal obligations and enforce our terms of service

5. Third-Party Services

We use the following third-party services to provide our functionality:

Anthropic (Claude AI)

Purpose: Story text generation
Data shared: Story prompts, character descriptions, themes
Privacy Policy: anthropic.com/privacy

Replicate (Stable Diffusion)

Purpose: Story illustration generation
Data shared: Visual descriptions for image generation
Privacy Policy: replicate.com/privacy

Amazon Web Services (AWS Polly)

Purpose: Text-to-speech audio narration
Data shared: Story text for voice synthesis
Privacy Policy: aws.amazon.com/privacy

Cloudinary

Purpose: Image hosting and delivery
Data shared: Generated story illustrations
Privacy Policy: cloudinary.com/privacy

Stripe

Purpose: Payment processing
Data shared: Payment information (handled directly by Stripe)
Privacy Policy: stripe.com/privacy

OpenAI Moderation API

Purpose: Content safety and moderation
Data shared: User inputs for safety checking
Privacy Policy: openai.com/privacy

Important: These third-party services have their own privacy policies. We encourage you to review them. We select partners who maintain high standards of data protection and privacy.

6. Data Storage and Security

We implement industry-standard security measures to protect your information:

  • Encryption: Passwords are hashed using bcrypt; sensitive data is encrypted in transit using HTTPS/TLS
  • Secure Storage: Data is stored in secure MongoDB databases with access controls
  • Authentication: JWT (JSON Web Tokens) for secure session management
  • Rate Limiting: Protection against brute force attacks and abuse
  • Regular Backups: Data is regularly backed up to prevent loss

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide services. Specifically:

  • Account data: Retained until you request account deletion
  • Story content: Retained as long as associated with your account
  • Payment records: Retained for tax and legal compliance (typically 7 years)
  • Backup data: May persist in backups for up to 90 days after deletion

8. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information in your account settings
  • Deletion: Request deletion of your account and associated data
  • Export: Download your stories in PDF format
  • Object: Object to certain processing of your data
  • Withdraw Consent: Withdraw consent for data processing (may limit service availability)

To exercise these rights, please contact us at the email address provided in Section 12.

9. Cookies and Tracking

We use minimal tracking technologies. Our service uses:

  • Essential Cookies: Authentication tokens stored in localStorage for login sessions
  • Functional Storage: Local storage for user preferences and session data

We do not use third-party advertising cookies or tracking scripts.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer data internationally, we ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date at the top of this policy
  • Sending an email notification for significant changes

Your continued use of MightyTales Books after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

MightyTales Books

Email: privacy@mightytales.com

We will respond to your inquiry within 30 days.

13. Legal Compliance

MightyTales Books complies with applicable data protection laws, including:

  • Children's Online Privacy Protection Act (COPPA)
  • General Data Protection Regulation (GDPR) where applicable
  • California Consumer Privacy Act (CCPA) where applicable
  • Other applicable regional data protection laws

Thank you for trusting MightyTales Books with your family's story creation journey. We are committed to protecting your privacy and providing a safe, magical experience for children.

Back to Home

© 2024 MightyTales Books. All rights reserved.

Privacy Policy | Home