Privacy Policy
Effective 15 July 2026 · Applies to StarryTime version 1.x for Android
The short version: in this version of StarryTime, your story library — every story's words and audio — lives on your device, not in a cloud library. We process the details you type in (like a first name and interests) only to write and narrate your stories. There are no ads, no third-party analytics, and no advertising identifiers. You can delete your account and the data we hold at any time, from inside the app or from this website.
This policy is deliberately version-scoped: it describes what the current version of the app actually does. If a future version changes how data is handled (for example, an optional cloud backup), we will update this policy and the in-app summary before that version ships.
Who we are
StarryTime is made by Geniosity. For anything in this policy, contact us at support@starrytime.app — see the contact page.
What the app is
StarryTime generates original short children's stories on demand and narrates them with expressive, AI-generated audio. Story text and narration are produced by artificial-intelligence models based on the choices and text you provide. A parent or guardian creates and manages the account; the app is designed for family listening by children roughly aged 3–12.
What we process, and why
1. Account information
- Email address and sign-in identity (Google Sign-In or email & password), used to create and secure your account. Story generation is a paid service for us to run, so an account is required even on the free plan to prevent abuse.
- During sign-up we ask for a birth year to confirm an adult is creating the account. It is checked on your device during sign-up and is not stored.
2. Story inputs
When you create a story, you can provide:
- a listener's first name, age range (3–5, 6–8, or 9–12), and interests;
- an optional free-text story idea (up to 300 characters);
- your chosen story style, narration style, narrator voice, and length.
These are sent to our servers and used to write and narrate your story. To do that, they are shared with our AI providers — Anthropic (story text) and ElevenLabs (narration audio) — solely to fulfil your request. The app asks you to use first names only and to avoid putting personal details in the story idea; please follow that guidance.
3. Service records
- Story job records (your story inputs, job status, and error details) so the app can deliver your story and never charge a story credit twice for a failed generation.
- Usage counters (stories generated this month, story size metrics) to enforce the monthly story allowance on your plan and to monitor our costs.
- Subscription state from Google Play (whether your subscription is active), so premium features unlock. We never see your payment details — Google Play handles all billing.
- Story reports: if you report a story, we receive the story content, your reason, and your optional note so we can review it.
4. Crash reports
We use Firebase Crashlytics to learn about crashes so we can fix them. It is configured child-safe: advertising-ID collection is disabled and no personalised signals are gathered. We use no other analytics — the app contains no advertising SDKs and never touches the Android Advertising ID.
What stays on your device
- Your story library — all story text and narration audio.
- Listener profiles (a premium feature) — stored in the app's local database only.
- Your app settings and last-used story choices.
Generated narration audio is placed in our cloud storage just long enough for your device to download it (see retention below). After that, playback is entirely local. Android's automatic backup may back up the app's database and settings to your own Google account when you have device backup enabled; the audio folder is excluded from backup.
How long we keep things
| Data | Kept for |
|---|---|
| Generated audio in cloud storage | Deleted automatically about 7 days after generation (your device downloads it within moments in normal use) |
| Story job records | Deleted automatically about 30 days after creation |
| Account record & usage counters | For the life of your account |
| Subscription/purchase verification records | Retained as required for billing integrity and fraud prevention |
| Story reports | Until reviewed and resolved |
| Crash reports | Per Firebase Crashlytics' standard retention (90 days) |
When you delete a story in the app, it is removed from your device. Usage records connected to past generations are retained server-side for billing integrity and fraud prevention, as disclosed above.
Children
StarryTime is used by families with children, and we treat that with care:
- Accounts are created and operated by a parent or guardian. Children do not create accounts, and we do not knowingly collect personal information directly from children.
- The information a parent chooses to provide about a listener (first name, age range, interests) is used only to create the requested stories, as described above.
- There is no advertising of any kind, no advertising identifiers, and no selling of personal information — full stop.
- Story content is filtered against children's-content guardrails scaled to the chosen age range, and every story can be reported from the player for our review.
We aim to honour the spirit and letter of children's-privacy laws, including COPPA (United States) and the GDPR's rules for children (EU/UK). Whatever your local law, the practical promises above are the same for everyone.
Who we share data with
We share data only to run the service, with providers acting on our instructions:
| Provider | What | Why |
|---|---|---|
| Google Firebase | Account identity, service records, crash reports | Authentication, our database and storage, notifications, crash reporting |
| Anthropic | Story inputs (name, age range, interests, story idea) | Writing your story's text |
| ElevenLabs | The finished story text | Producing the narration audio |
| Google Play | Purchase tokens | Verifying subscriptions; Google Play handles all payment details |
We do not sell personal information, and we do not share it for advertising.
Security
All traffic between the app and our servers is encrypted in transit (TLS). Server access is locked down so that only our backend code — not other users, not the public — can read your records, and requests must come from a verified, unmodified copy of the app (Google Play Integrity attestation). On your device, the library is protected by Android's built-in device encryption.
Your rights & choices
- Delete your account and server data at any time — from the app (Grown-ups → Delete account) or via the account-deletion page. You choose whether the on-device library is kept or removed.
- Access or correct what we hold about you — email us and we'll help.
- Notifications are optional and requested in context; you can turn them off in system settings at any time.
Depending on where you live, you may have additional statutory rights (for example under the GDPR, UK GDPR, or your state or national privacy law), such as the right to access, rectify, delete, or port personal data, and the right to complain to a supervisory authority. We honour requests to the extent your local law provides; nothing in this policy limits those rights.
Changes to this policy
When we change this policy, we'll update the effective date above; for meaningful changes we'll also flag it in the app. Because the policy is version-scoped, new capabilities ship together with the policy text that covers them.
Contact
Questions, requests, or concerns: support@starrytime.app.