Privacy

Last updated: 2025-10-06

What we collect

• Account data: email, authentication identifiers, and profile fields (username, display name, avatar selection, bio).
• Content: stories, branches, frames, and associated generated assets (text, images, audio). Private unless published.
• Usage & billing: generation counts, public view/copy counts, credits, plan status, and Stripe subscription/payment metadata.
• Device & telemetry (minimal): timestamps, coarse IP (for abuse prevention), and basic event logs to enforce fair use. No third‑party ad tracking.

How we use data

• Authenticate you and maintain your session.
• Store and render your stories, including private storage via signed URLs.
• Enforce free limits, credit packs, and premium subscriptions.
• Operate social features (likes, comments) on published stories with basic moderation.
• Protect the service against abuse and fraud.

Where your data lives

• Database & auth: Supabase (Postgres + Auth). RLS policies limit access to your own data by default.
• Media storage: Supabase Storage (private buckets). Accessed via short‑lived signed URLs.
• Payments: Google Play and Stripe processes payments; we never store card numbers on our servers.
• AI providers: Google AI Studio (Gemini/Imagen), Seedream 4 and Google Cloud TTS process prompts/content to generate outputs, with more being added in the future.

Data sharing

We do not sell your personal information. We share data only with processors necessary to provide the service (Supabase, Stripe, AI providers) under their terms. Public content you choose to publish is visible to everyone.

Retention

• Account and stories persist until you delete your account or content.
• Billing records are retained as required by law.
• Abuse and security logs are kept for a limited period.

Your rights

• Access, update, or delete profile data in the app.
• Delete stories you own at any time.
• Request account deletion via support; we will remove your personal data unless retention is required by law.

Cookies

We use essential cookies/session storage to keep you logged in and operate features. No third‑party advertising cookies.

Children

The service is not directed to children under 13 (or minimum age in your jurisdiction). We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will take steps to delete the information.

Changes

We may update this policy. Material changes will be indicated by updating the date above.

Contact

Questions or requests: myriastory@outlook.com