Privacy Policy

Last updated: January 1, 2024

Legal Notice: This is a template Privacy Policy. Please review with legal counsel before launching to production. Customize all sections to match your specific data practices, jurisdiction, and compliance requirements (GDPR, CCPA, etc.).

1. Introduction

StxryAI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our interactive fiction platform and services.

By using StxryAI, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

We collect information that you provide directly to us, including:

  • Account Information: Username, email address, password (hashed), and profile information
  • Content: Stories, chapters, comments, reviews, and other content you create or post
  • Payment Information: Billing address, payment method details (processed by third-party payment processors)
  • Communications: Messages you send to us, support requests, and feedback
  • Preferences: Reading preferences, genre interests, and customization settings

2.2 Automatically Collected Information

When you use our Service, we automatically collect certain information, including:

  • Usage Data: Pages visited, features used, reading progress, time spent on pages
  • Device Information: Device type, operating system, browser type, IP address, device identifiers
  • Log Data: Access times, error logs, and performance data
  • Location Data: General location information (country/region level) based on IP address

2.3 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to collect information. See our Cookie Policy for more details.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Operation: To provide, maintain, and improve our Service
  • Account Management: To create and manage your account, process transactions, and send account-related communications
  • Content Delivery: To display your stories, enable reading features, and facilitate content discovery
  • Personalization: To personalize your experience, recommend content, and customize features
  • AI Services: To generate story content, provide writing assistance, and improve AI capabilities
  • Communication: To send you updates, newsletters, and respond to your inquiries
  • Analytics: To analyze usage patterns, improve our Service, and conduct research
  • Security: To detect, prevent, and address security issues and fraudulent activity
  • Legal Compliance: To comply with legal obligations and enforce our Terms of Service

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Public Content

Content you publish on StxryAI (stories, comments, reviews) is publicly visible and may be shared, indexed by search engines, and accessed by other users.

4.2 Service Providers

We share information with third-party service providers who perform services on our behalf:

  • Hosting & Infrastructure: Supabase (database and authentication)
  • Payment Processing: Stripe (payment transactions)
  • AI Services: Anthropic, OpenAI (AI content generation)
  • Analytics: Google Analytics, PostHog (usage analytics)
  • Email Services: Resend (transactional emails)
  • Advertising: Google AdSense (ad serving for free users)

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.3 Legal Requirements

We may disclose information if required by law, court order, or government regulation, or to protect our rights, property, or safety, or that of our users or others.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity.

4.5 With Your Consent

We may share information with your explicit consent or at your direction.

5. Data Security

We implement appropriate technical and organizational security measures to protect your information, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of sensitive data at rest
  • Secure authentication and access controls
  • Regular security assessments and updates
  • Limited access to personal information on a need-to-know basis

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to:

  • Provide our Service to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Maintain business records

When you delete your account, we will delete or anonymize your personal information, except where we are required to retain it for legal purposes. Public content may remain visible if it has been shared or referenced by others.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

7.1 Access and Portability

You can access and download your personal data through your account settings or by contacting us.

7.2 Correction

You can update your account information and preferences through your account settings.

7.3 Deletion

You can delete your account and request deletion of your personal information, subject to legal retention requirements.

7.4 Objection and Restriction

You can object to certain processing of your information or request restriction of processing in certain circumstances.

7.5 Opt-Out

You can opt out of marketing communications by using the unsubscribe link in emails or adjusting your notification preferences in account settings.

7.6 Cookie Preferences

You can manage cookie preferences through your browser settings. See our Cookie Policy for details.

To exercise these rights, contact us at privacy@stxryai.com. We will respond to your request within 30 days (or as required by applicable law).

8. Children's Privacy

StxryAI is designed to be family-friendly and welcomes users of all ages. For users under 13 (or the age of majority in their jurisdiction), we:

  • Collect only information necessary to provide the Service
  • Do not knowingly collect personal information without parental consent where required
  • Provide age-appropriate content and features
  • Comply with applicable children's privacy laws (COPPA, GDPR-K, etc.)

Parents or guardians can review, request deletion of, or refuse further collection of their child's information by contacting us at privacy@stxryai.com.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

10. Third-Party Links and Services

Our Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page
  • Sending an email notification to registered users
  • Displaying a notice on our Service

Your continued use of the Service after such changes constitutes acceptance of the updated Privacy Policy.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, and shared
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact us at privacy@stxryai.com.

13. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

To exercise these rights, contact us at privacy@stxryai.com.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:

  • Email: privacy@stxryai.com
  • Support: support@stxryai.com
  • Data Protection Officer: dpo@stxryai.com