Privacy Policy for TaleTogether

‍

Introduction

This Privacy Policy ("Policy") establishes the legal framework governing the relationship between onEins LLC, a limited liability company duly organized and existing under the laws of the State of Florida, with its principal place of business at 3833 Powerline Rd, Suite 101-K, Fort Lauderdale, Florida 33309, United States ("onEins LLC," "we," "us," or "our"), and you, the user of the TaleTogether mobile application ("TaleTogether" or "App"). By downloading, installing, accessing, registering for, or otherwise using the App or its services (collectively, the "Services"), you agree to the data collection, use, storage, sharing, and protection practices outlined in this Policy. This consent is a prerequisite for your use of the App, and if you disagree with any part of this Policy, you are legally obligated to cease usage immediately and uninstall the App.

TaleTogether is designed to promote family bonding through personalized storytelling for children aged 0-10, using family-provided data solely for tale creation in a safe, ad-free environment. We prioritize privacy, especially for families and children, and commit to using data responsibly to foster emotional growth and self-esteem without dopamine-driven engagement. For inquiries, to exercise your rights, or to seek clarification, contact us at info@oneins.studio or +1 (754) 222-4516. This Policy is effective as of August 4, 2025, and complies with applicable laws, including but not limited to the General Data Protection Regulation (GDPR) in the EU, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Children's Online Privacy Protection Act (COPPA), and emerging U.S. state privacy laws effective in 2025 (e.g., in Minnesota, Nebraska, New Jersey, Delaware, and Iowa).

‍

1. Definitions

Precision in terminology is critical to avoid ambiguity in this Policy. The following definitions ensure mutual understanding and consistent interpretation:

"Personal Data": Any information that identifies or relates to an identifiable individual, such as names, email addresses, photos, child details, or device information, aligning with definitions under GDPR, CCPA/CPRA, and other applicable U.S. state privacy laws.
"User": Any individual who downloads, installs, accesses, registers for, or uses TaleTogether, including parents, guardians, or family members acting on behalf of minors.
"Tale": An AI-generated personalized story created by the App based on User-provided inputs, such as child details, Talemates, and selected Themes.
"Tale Hero": The customizable protagonist in a Tale, typically representing the User's child or a family member.
"Talemates": Customizable supporting characters in a Tale, such as parents, friends, pets, or other figures.
"Themes": Predefined story categories or styles available for Tale generation.
"Coins": Virtual currency purchased through Apple In-App Purchases (IAP), used to generate Tales or unlock features.
"Third-Party Services": External providers integral to the App's operations, including Supabase (database), Google Cloud (server), BuildShip (backend), Resend (email), and Apple IAP (payments).

These definitions are legally binding throughout the Policy and apply to all related documents, ensuring clarity in the context of TaleTogether's family-focused storytelling functionality.

‍

2. Data Collection

We collect data necessary to provide and improve the Services, ensuring transparency as required by privacy laws such as GDPR, CCPA/CPRA, and 2025 U.S. state laws. Categories of data include:

User-Provided Information: Details for Tale creation, such as child names, descriptions, photos, Tale Hero attributes, Talemates, and Themes. These are collected voluntarily to personalize stories.
Authentication Data: For Sign in with Apple, minimal data (e.g., Apple ID, optionally name and email); for email login, your email address and OTP for secure access.
In-App Purchases: Transaction details (e.g., purchase history and Coin balances) via Apple IAP; sensitive payment information is handled solely by Apple.
Usage Data: Device information (e.g., IP address, OS version), interactions, preferences, and analytics to enhance the App and user experience.
Generated Tales: AI outputs stored for your access and family sharing.

We adhere to data minimization principles, collecting only what is essential for family storytelling, and do not track or profile users for advertising purposes.

‍

3. Data Usage

Your data is used solely for the purposes specified below, in compliance with purpose-limitation requirements under GDPR, CCPA/CPRA, and similar laws. We do not repurpose data without consent:

Tale Generation: Process inputs (e.g., photos, descriptions) to create personalized Tales; inputs are deleted immediately after generation.
Account Management: Authentication data secures access and manages preferences.
Transactions: Purchase data handles Coin balances (e.g., 5 Coins per Theme) for seamless feature unlocks.
App Improvement: Anonymized usage data analyzes trends to refine AI, Themes, and user interface, based on legitimate interests.
Service Provision: Generated Tales are retained for viewing, downloading, or family sharing within the App.

We may use de-identified, aggregated data for research or AI training, ensuring no re-identification. Data is not sold, shared for marketing, or used beyond these family-bonding purposes.

‍

4. Data Storage and Retention

Data is stored securely on U.S.-based servers via Third-Party Services, with retention policies designed for minimal duration:

Transient Data (e.g., Uploaded Photos/Inputs): Deleted immediately after Tale generation.
Generated Tales: Stored indefinitely for your convenience, unless deleted by you or upon account termination.
Account and Usage Data: Retained until account deletion, after which all data is permanently erased.

You can request deletion via App settings or by contacting info@oneins.studio. Retention complies with legal obligations, including those under 2025 U.S. state laws requiring data minimization.

‍

5. Data Sharing and Third-Party Services

We share data only as necessary for Services, with safeguards in place:

Third-Party Services: Supabase (account storage), Google Cloud (Tale hosting), BuildShip (AI processing), Resend (OTP emails), Apple IAP (payments). These process data under their privacy policies; we use data processing agreements to ensure compliance.
Legal Requirements: Disclosure if required by law, subpoena, or to protect rights/safety.
No Other Sharing: Data is not shared with advertisers, affiliates, or others without consent, except in business transfers (e.g., merger).

This limits exposure while supporting the App's operations, aligning with GDPR adequacy decisions and U.S. state opt-out rights.

‍

6. User Rights

You have rights over your Personal Data, expanded under GDPR, CCPA/CPRA, and 2025 U.S. state laws (e.g., access, correction, deletion, opt-out from sales—though we do not sell data):

Access/Know: View your data and Tales in the App.
Correction: Update inaccurate information via settings.
Deletion/Erasure: Permanently delete account and data (including Coins/Tales) via App or email; irreversible.
Portability: Download Tales and data in a structured format.
Opt-Out: From automated processing or profiling (minimal in our App).

Exercise rights by contacting info@oneins.studio; we respond within statutory timelines (e.g., 45 days under CCPA/CPRA, extendable). For EU residents, you may lodge complaints with supervisory authorities.

‍

7. Security Measures

We implement industry-standard security, including encryption, access controls, firewalls, and regular audits, to protect against unauthorized access, breaches, or loss. AI processing occurs in secure environments. However, no system is infallible; we are not liable for breaches beyond our control. In case of a breach, we notify affected users and authorities as required by laws like GDPR (within 72 hours) and U.S. state breach notification statutes.

‍

8. Children’s Privacy

TaleTogether is for parents/guardians of children aged 0-10; we do not allow direct use by children under 13, complying with COPPA and similar laws. Parental consent is required for any child data (e.g., names/photos in Tales). We do not knowingly collect data from children without verifiable parental consent and delete such data if discovered. For users under 16 in certain jurisdictions (e.g., GDPR), additional safeguards apply. This protects minors while enabling family storytelling.

‍

9. International Data Transfers

Data may be transferred to the U.S. or other countries via Third-Party Services. For EU/UK users, we use Standard Contractual Clauses or other GDPR-approved mechanisms. Transfers comply with emerging regulations like the EU Data Act (effective September 2025) for data sharing in connected services. We ensure equivalent protection levels.

‍

10. Cookies and Tracking Technologies

The App does not use cookies, trackers, or analytics for behavioral advertising. Third-Party Services may employ them under their policies; manage via device settings. If introduced, we will obtain consent where required (e.g., under GDPR ePrivacy Directive).

‍

11. AI and Automated Decision-Making

Tales are generated via AI; we ensure transparency in processing. No solely automated decisions with legal effects occur. AI training uses anonymized data only, complying with the EU AI Act and U.S. guidelines on AI privacy risks.

‍

12. Data Breach Notification

In the event of a data breach impacting Personal Data, we will notify you without undue delay if it poses high risk, including details and mitigation steps, as mandated by GDPR, CCPA/CPRA, and 2025 U.S. state laws.

‍

13. Changes to the Privacy Policy

We may update this Policy to reflect legal changes (e.g., new 2025 regulations) or App enhancements. Material changes will be notified via in-App alerts or email at least 30 days in advance. Continued use constitutes acceptance. Check for updates; effective date noted above.

‍

14. Contact Information

For questions, rights exercises, or complaints, contact:
Email: info@oneins.studio
Phone: +1 (754) 222-4516