Introduction
Mystoria ("we," "our," or "us") is committed to protecting the privacy of our users, particularly children. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Mystoria mobile application (the "App").
Mystoria is designed for use by both adults and children. Adults such as parents, caregivers, and educators can create stories independently or co-create them together with children.
Children's Privacy
We take children's privacy seriously. Mystoria is designed with children's safety as a priority.
- We do not knowingly collect personal information directly from children under 13.
- Story content (including a child's name and preferences) is entered by parents or caregivers.
- Story data is stored primarily on the user's device using local storage.
- Parents and caregivers maintain full control over their child's data and can delete it at any time.
Information We Collect
Information You Provide
- Account information: Email address and display name when you create an account.
- Story content: Child's name, story topics, preferences, and generated story text that you create within the App.
- Feedback and correspondence: Any information you provide when contacting us for support.
- Launch notifications and research interest: If you sign up on our website to be notified when the App is released, we store your name and email address to send that announcement. If you also opt in to hear about our user research study, the research team uses your contact details to follow up with you. You can ask us to remove your information at any time.
Information Collected Automatically
- Device information: Device type, operating system version, and unique device identifiers for crash reporting and diagnostics.
- Usage data: Basic analytics about App usage patterns (e.g., features used, session duration) to improve the App experience. This data is aggregated and not linked to individual children.
Information We Do NOT Collect
- We do not collect location data.
- We do not collect photos, contacts, or other sensitive device data.
- We do not use advertising trackers or sell data to third parties.
How We Use Your Information
- To provide the service: Generate and store personalized social stories.
- To improve the App: Analyze aggregated usage patterns to enhance features and fix issues.
- To communicate: Respond to support requests, send important service updates, and — if you signed up on our website — notify you when the App is released.
- To ensure safety: Monitor for abuse and maintain security of the platform.
Third-Party Services
Mystoria uses the following third-party services:
- Firebase (Google): For user authentication and optional cloud sync of story data. Firebase's privacy policy is available at firebase.google.com/support/privacy.
- OpenAI: For LLM-powered story generation. When you use the story generation feature, story prompts (not personal identifiers) are sent to OpenAI's API. OpenAI's privacy policy is available at openai.com/privacy. Note: Mystoria also supports fully on-device generation, which does not transmit any data externally.
- Apple (Analytics): Basic crash reporting and diagnostics through Apple's standard analytics. See apple.com/privacy.
Data Storage and Security
- Story data is stored locally on your device by default using encrypted local storage.
- If you enable cloud sync, story data is stored in Firebase Cloud Firestore with encryption at rest and in transit.
- We implement industry-standard security measures to protect your data.
- No method of electronic storage is 100% secure, and we cannot guarantee absolute security.
Your Rights and Choices
- Access and portability: You can view all your data within the App at any time.
- Deletion: You can delete individual stories, child profiles, or your entire account and all associated data from within the App or by contacting us.
- Cloud sync: You can choose to keep all data on-device only, without enabling cloud sync.
- LLM features: You can use the App's manual story creation features without using LLM-powered generation.
Data Retention
We retain your data for as long as your account is active or as needed to provide services. When you delete your account, we remove your data from our servers within 30 days. Locally stored data is removed when you delete the App.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy in the App and updating the "Last updated" date above. Your continued use of the App after such changes constitutes acceptance of the updated policy.
Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:
- Email: idealab@uw.edu
- Website: my-storia.com