auto_stories StoryBook

Privacy Policy

1. Introduction

At StoryBook, we are committed to protecting your privacy and being transparent about how we collect, use, and safeguard your personal data. This Privacy Policy explains our data practices in accordance with UK GDPR (General Data Protection Regulation) and the Data Protection Act 2018.

StoryBook is an experimental platform currently in development. While we implement industry-standard security measures, please be aware that no system is completely secure.

2. Data Controller Information

StoryBook operates from England, United Kingdom. As the data controller, we determine how and why your personal data is processed.

3. Data We Collect

We collect the following types of information when you use StoryBook:

3.1 Authentication Data (via Google OAuth)

When you sign in with your Google account, we collect:

  • Full name
  • Email address
  • Profile picture URL
  • Google account identifier (for authentication purposes)

3.2 Story Data

  • Story parameters you provide (genre, characters, plot details)
  • Generated story content and audio files
  • Voice selections for characters
  • Story metadata (creation date, chapter count, status)

3.3 Usage Data

  • Stories you create and listen to
  • Playback progress and listening history
  • Feature usage patterns

3.4 Technical Data

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited and features used
  • Timestamps of your activity
  • Referrer URLs

4. Legal Basis for Processing

Under UK GDPR, we process your personal data on the following legal bases:

Consent

By creating an account and using StoryBook, you consent to our collection and use of your data as described in this policy.

Contract Performance

Processing is necessary to provide the story generation service you've requested, including account creation, story creation, and audio hosting.

Legitimate Interests

We process certain data for our legitimate interests in operating, improving, and securing the platform, including analytics, fraud prevention, and service optimization.

5. How We Use Your Data

We use your personal data to:

  • Provide and operate the StoryBook service
  • Authenticate your account and maintain your session
  • Generate personalized stories based on your inputs
  • Store and serve your story library
  • Track your chapter credit balance
  • Analyze usage patterns to improve the platform
  • Detect and prevent fraud, abuse, and security threats
  • Comply with legal obligations
  • Send important service updates (when necessary)

6. Data Storage & Security

6.1 Where We Store Your Data

  • Audio Files: Stored in secure cloud storage with server-side encryption
  • User Data & Metadata: Stored in secure databases
  • Session Data: Stored in encrypted session cookies

We make reasonable efforts to use UK and EU data centers where possible, though some data may be processed outside the UK/EU by third-party services (see Section 11).

6.2 Security Measures

  • Audio files and database records encrypted at rest
  • All data transmitted over secure HTTPS connections (TLS/SSL encryption)
  • Google OAuth for secure authentication (no passwords stored by StoryBook)
  • Regular security audits and updates
  • Access controls limiting who can access your data

6.3 Security Limitations

As an experimental platform in development, StoryBook may have security vulnerabilities. No security system is completely foolproof. By using StoryBook, you acknowledge these risks.

7. Data Sharing

We do not sell your personal data to third parties. We may share your data in the following limited circumstances:

7.1 Third-Party Service Providers

  • Google: Authentication and cloud storage services
  • AI Providers: Story generation (text prompts only, no personal data)
  • Voice Providers: Text-to-speech services for audio generation
  • Hosting Providers: Infrastructure for running the platform

7.2 Legal Requirements

We may disclose your data if required by law, court order, or legal process, or to protect the rights, property, or safety of StoryBook, our users, or the public.

8. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

Right of Access

You can request a copy of the personal data we hold about you.

Right to Rectification

You can update or correct your personal data through your account settings or by contacting us.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your account and associated data. Some data may be retained as required by law or for legitimate business purposes.

Right to Data Portability

You can request a machine-readable copy of your data to transfer to another service.

Right to Object

You can object to processing of your data based on legitimate interests.

Right to Withdraw Consent

You can withdraw your consent to data processing at any time by deleting your account.

To exercise any of these rights, please contact us through the platform.

9. Data Retention

We retain your personal data as follows:

  • Account Data: Retained until you delete your account
  • Story Content: Retained until you delete individual stories or your account
  • Technical Logs: Typically retained for 90 days for security and analytics purposes
  • Legal Compliance: Some data may be retained longer if required by law

After account deletion, we make reasonable efforts to remove your personal data, though some data may persist in backups for a limited period.

10. Cookies & Tracking

StoryBook uses cookies and similar technologies to provide and improve our service. For detailed information about the cookies we use, please see our Cookie Use Policy.

Essential cookies (for authentication and security) are necessary for the service to function. You can manage non-essential cookies through your browser settings, though this may limit platform functionality.

11. International Data Transfers

While we make efforts to store data in the UK and EU, some of our third-party service providers (particularly Google and AI/voice providers) may process data outside the UK/EU. When data is transferred internationally, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the UK authorities
  • Transfers to countries with adequate data protection laws
  • Service providers with strong security and privacy commitments

12. Children's Privacy

StoryBook is not intended for children under the age of 13. We do not knowingly collect personal data from children under 13. If we become aware that a user is under 13, we will take steps to delete their account and data.

For users between 13 and 16, we recommend obtaining parental consent before using StoryBook, as may be required under UK data protection law.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date and make reasonable efforts to notify you through the platform.

Your continued use of StoryBook after any changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

14. Contact & Complaints

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us through the platform.

You also have the right to lodge a complaint with the UK's supervisory authority for data protection:

Information Commissioner's Office (ICO)
Website: ico.org.uk
Telephone: 0303 123 1113

Last Updated: December 2025