Privacy Policy

The short version

StoryMoments is built with privacy at its core. Your data is stored on your device. We don't have user accounts, we don't track you, and we don't sell your information. We built this app for families, and we treat your family's data the way we'd want ours treated.

Effective Date: 1 March 2026

1. Who We Are

StoryMoments is developed and operated by Kieren Hilton Dight, trading as Friendo Studio (ABN 72 270 437 127), based in New South Wales, Australia (“we”, “us”, or “our”). This Privacy Policy explains how we handle information when you use the StoryMoments mobile application (the “App”).

If you have questions about this policy, you can reach us at hello@friendo.studio.

2. Information We Collect

StoryMoments is designed to collect as little personal information as possible. Here's exactly what happens with your data:

Information stored on your device only:

  • Child profiles (name, age, nickname, interests)

  • Family member and friend names and relationships

  • Generated stories and story preferences

  • Saved characters and story feedback ratings

  • App settings and preferences

All of this information is stored locally on your device using Apple's SwiftData framework. We do not have access to it, and it never leaves your device except during story generation as described below.

Information shared during story generation:

When you generate a story, certain information from your child's profile is sent to our AI provider (Anthropic) so the story can be personalised. This includes the child's first name, age, interests, and the names of any family members or friends you've chosen to include in the story. This data is transmitted securely over an encrypted connection, routed through Cloudflare's infrastructure (which processes the data in transit but does not store it), and is used solely to generate your story.

Anthropic's data usage policies can be found at anthropic.com/privacy.

Information handled by Apple:

If you subscribe to StoryMoments Premium, your payment information is handled entirely by Apple through the App Store. We never see or store your payment details, credit card numbers, or Apple ID.

3. Information We Do NOT Collect

To be perfectly clear, we do not collect:

  • Email addresses or phone numbers

  • Location data

  • Device identifiers or advertising IDs

  • Photos, contacts, or other personal files

  • Cookies or web tracking of any kind

  • Individual user analytics or behavioural data

We do not use any third-party analytics services, advertising SDKs, or tracking tools within the App.

4. Children's Privacy

StoryMoments generates stories for children but is intended to be set up and operated by a parent or guardian. We take children’s privacy seriously.

  • We do not collect personal information directly from children. All profile information is entered by a parent or guardian and stored locally on the device.

  • We do not require children to provide any information to use the App.

  • Child profile data (name, age, interests) is only sent to our AI provider when a parent or guardian initiates story generation, solely for the purpose of personalising the story.

  • StoryMoments has no user accounts, no login system, and no server-side data collection. The App is designed so that a parent or guardian must set up profiles and initiate story generation, providing a parental gate by design.

StoryMoments is designed to be set up and operated by a parent or guardian, who provides consent for their child's data to be used for story generation by initiating the story creation process. We have designed StoryMoments with the principles of the U.S. Children’s Online Privacy Protection Act (COPPA), the UK Age Appropriate Design Code, and the Australian Privacy Act 1988 in mind. Because the App does not collect or store personal information on any server, many of the risks these laws address are minimised by our architecture. However, we acknowledge that child profile data is transmitted to a third-party AI provider during story generation, and we have designed this process to share the minimum information necessary.

If you believe a child has somehow provided us with personal information directly, please contact us at hello@friendo.studio and we will take steps to address it.

5. How We Use Information

The limited information involved in using StoryMoments is used exclusively for:

  • Story generation: Child profile details are sent to our AI provider to create personalised stories.

  • App functionality: Local data enables features like story libraries, character memory across stories, and personalised preferences.

  • Subscription management: Apple handles all subscription-related processing.

  • App improvement: Aggregated, anonymised analytics from Apple and Anthropic help us understand which features are used and identify technical issues.

We do not use your data for advertising, marketing, profiling, or any purpose beyond making the App work as described.

Legal basis for processing (for users in the EU/UK):

If you are located in the European Economic Area or United Kingdom, our legal basis for processing personal data is as follows:

  • Contract performance: When you use StoryMoments and initiate story generation, we process child profile data as necessary to provide the service you have requested (Article 6(1)(b) GDPR).

  • Legitimate interest: We process aggregated, anonymised analytics data to improve the App and maintain service quality (Article 6(1)(f) GDPR). This data does not identify you or your child.

  • Consent: By entering child profile information and initiating story generation, you as the child’s parent or guardian consent to the processing of your child’s data for this purpose (Article 8 GDPR). You may withdraw this consent at any time by deleting the child’s profile or ceasing to use the App.

6. Data Sharing and Third Parties

We share data with exactly three third parties, all essential for the App to function:

  • Cloudflare - provides the secure infrastructure through which story generation requests are routed. Child profile data passes through Cloudflare's global network in transit but is not stored by Cloudflare. Cloudflare processes this data under their privacy policy (cloudflare.com/privacypolicy) and Data Processing Addendum.

  • Anthropic - receives child profile details at the time of story generation in order to create personalised stories. Anthropic processes this data under their privacy policy and their current API terms state that data submitted via their API is not used to train their models (https://privacy.claude.com/en/articles/7996868-is-my-data-used-for-model-training)

  • Apple - handles subscription payments via the App Store. Apple processes this data under their own privacy policy.

We do not sell, rent, or share your personal information with any other third parties. We do not work with data brokers. We do not serve advertisements.

7. Data Storage and Security

All user data is stored locally on your device. We do not maintain our own servers or databases that hold your information.

Story generation requests are routed through Cloudflare's secure infrastructure before reaching our AI provider. Cloudflare processes this data in transit but does not store it. Data transmitted for story generation is sent over HTTPS (TLS-encrypted connections) at every stage.

8. Data Retention and Deletion

Since all data is stored on your device, you have complete control:

  • You can delete individual stories, characters, and profiles at any time within the App's settings.

  • The "Reset Account" option in Settings will permanently delete all profiles, stories, and data from the App. Your subscription status, managed by Apple, is not affected by this action.

  • Uninstalling the App will remove all locally stored data from your device.

8.1 Data Breach Notification

Because StoryMoments does not store personal data on any server, the risk of a data breach on our side is very low. However, in the unlikely event that we become aware of a data breach involving personal data transmitted to our AI provider during story generation, we will:

  • Investigate the nature and scope of the breach promptly.

  • Notify affected users as soon as practicable through the App, App Store listing, or our website.

  • Where required by law (including the Australian Notifiable Data Breaches scheme, GDPR, or other applicable legislation), notify the relevant regulatory authority within the required timeframe.

  • Take reasonable steps to contain and remediate the breach.

9. Your Rights

Because StoryMoments stores data locally and does not maintain user accounts or databases, most traditional data rights are fulfilled by design. You always have the ability to view, edit, and delete all of your data directly within the App.

For users in the European Economic Area or United Kingdom:

If you believe we hold any personal data about you (for example, through a support email you have sent us), you may exercise the following rights under the GDPR or UK GDPR by contacting us at hello@friendo.studio:

  • The right to access your personal data

  • The right to rectification (correction) of inaccurate data

  • The right to erasure (“right to be forgotten”)

  • The right to restrict processing

  • The right to data portability

  • The right to object to processing

  • The right to withdraw consent at any time

You also have the right to lodge a complaint with your local data protection supervisory authority. A list of EU/EEA supervisory authorities is available at edpb.europa.eu. For UK residents, the relevant authority is the Information Commissioner’s Office (ICO) at ico.org.uk.

We will respond to any rights request within 30 days.

For users in California:

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), you have the right to know what personal information we collect, to request deletion, and to opt out of the sale or sharing of personal information. We do not “sell” or “share” personal information as defined by the CCPA/CPRA.

For users in Australia:

Under the Australian Privacy Act 1988, you have the right to access and correct personal information we hold about you. If you believe we have handled your information in a way that breaches the Australian Privacy Principles, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

10. International Data Transfers

When stories are generated, child profile data is transmitted through Cloudflare's global network and then to Anthropic, which may process this data in the United States. Cloudflare operates data centres worldwide, and your story generation request may be processed at the nearest available location before being forwarded to Anthropic.

These transfers are necessary to provide the story generation service. No personal data is stored by us internationally because we do not maintain any servers or databases.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the “Effective Date” at the top of this page.

For significant changes that materially affect how we collect, use, or share personal information, we will provide at least 14 days’ notice through the App where practical. Your continued use of the App after the updated Privacy Policy takes effect means you accept the changes.

We encourage you to review this policy periodically.

12. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or your data, please contact us:

Friendo Studio

Kieren Hilton Dight trading as Friendo Studio

ABN: 72 270 437 127
Email: hello@friendo.studio