Privacy Policy

1. Who We Are

Labeebee is a sleep science-informed mobile app that generates personalized bedtime stories for children ages 3-10 using AI technology. We are committed to protecting your family's privacy and are fully compliant with the Children's Online Privacy Protection Act (COPPA).

Operator Information:

• Legal Name: A.C.N. 640 377 457 PTY LTD
• Physical Address: PO Box 95 TAMBORINE, QLD 4270
• Email: support@labeebee.app
• Phone: 02 8000 0269
• Website: https://labeebee.app

This Privacy Policy describes how we collect, use, and protect personal information when you use Labeebee. By creating an account or using our app, you agree to this Privacy Policy.

2. Information We Collect

We collect only the minimum information necessary to provide our personalized bedtime story service. We distinguish between data we collect about parents (account holders) and data about children.

Child Data

• Nickname: Text input entered by parent (never legal name or full name)
• Age Bracket: Selected from ranges (3-5, 6-8, 9-10, 11-14) - we do NOT collect date of birth
• Gender: Optional, used only for pronoun selection in stories (he/him, she/her, they/them)
• Avatar Emoji: Emoji character selected for profile picture
• Story Preferences: Ratings (love/like/not-for-me) on reference stories to personalize future story generation
• Cultural Preferences: Skin tone, family structure, and character appearance options for diverse representation in stories
• Character Creations: Custom characters created by parent including name, type (person/animal/magical), traits, gender, role, and appearance
• Character Appearance Details: Skin tone, hair style/color, cultural markers for diverse representation
• Generated Story Metadata: Title, theme, structure type, language, and timestamp of stories we create for your child
• Multi-Chapter Story Metadata: Series ID, chapter numbers, completion status, "Previously on..." recap data
• Audio Playback Progress: Resume position for story playback
• Story Ratings: 1-5 star ratings to improve future recommendations
• Voice Recordings: Parent voice recordings for voice cloning (Premium/Family tier only)
• Demo Story Access: No personal data collected for 5 pre-generated demo stories

Parent Data

• Email Address: For authentication and account recovery
• Authentication Identifier: Firebase UID (pseudonymous identifier, not personally identifiable)
• Subscription Status: Trial status, premium/family plan status, trial extension history
• Payment Transaction IDs: Processed by Apple/Google (not stored by Labeebee directly)
• Free Tier Usage: Counter tracking stories remaining this month (for free tier users)

Technical Data

• IP Address: Temporary, collected only for authentication security (not stored long-term)
• Device Information: Device type and operating system version (for app functionality and compatibility)
• App Version: Version number of Labeebee installed
• Error Logs: Aggregated crash reports and error logs (no personal identifiers included)

What We Do NOT Collect:

• Child's legal name or full name
• Date of birth (only age bracket)
• Home address or physical location
• Photos or images of children
• Precise geolocation data
• Contact lists or social connections
• Behavioral tracking across apps or websites

3. How We Use Information

We use the collected information solely to provide and improve the Labeebee service. Here's how each type of data is used:

Additional Uses:

• Anti-Repetition Tracking: Story structures used in last 30 days to prevent repetitive narratives
• Offline Audio Caching: Audio files stored locally on device (user-controlled via Settings → Clear Cache)
• Multi-Chapter Story Generation: Lazy chapter generation with recap data from previous chapters

Important: We do NOT use your child's information for:

• Third-party advertising or behavioral tracking
• Selling or renting data to data brokers
• Building user profiles for marketing purposes
• Sharing with social media platforms

4. Third-Party Services

To provide our personalized bedtime story service, we use the following trusted third-party services. Each has been vetted for COPPA compliance and data protection.

1. Firebase (Google LLC)

• Purpose: Secure authentication for parent accounts
• Data Shared: Parent email address, authentication UID
• Privacy Policy: firebase.google.com/support/privacy
• COPPA Compliance: Yes (no child data processed by Firebase)
• Data Location: Google Cloud (multi-region)

2. Supabase (Supabase Inc.)

• Purpose: Encrypted database and cloud storage for all user data
• Data Shared: All user data listed in Section 2
• Privacy Policy: supabase.com/privacy
• COPPA Compliance: Yes (Data Processing Agreement in place)
• Data Location: US-based servers (AWS us-east-1)

3. Anthropic Claude API (Anthropic PBC)

• Purpose: AI-powered personalized story generation
• Data Shared: Child's nickname, age bracket, character details, story preferences, cultural preferences
• Privacy Policy: anthropic.com/privacy
• COPPA Compliance: Yes
• Data Retention: Story prompts are NOT used for model training per Anthropic's commercial API policy
• Important: Your child's nickname appears in story text sent to Anthropic for generation

4. ElevenLabs (ElevenLabs Inc.) or PlayHT

• Purpose: Professional voice narration (text-to-speech) and voice cloning
• Data Shared: Story text (may contain child's nickname), parent voice recordings (Premium/Family tier only)
• Privacy Policy: elevenlabs.io/privacy or play.ht/privacy
• COPPA Compliance: Yes
• Data Retention: Input text is NOT retained after audio generation
• Voice Cloning (NOW AVAILABLE): Premium and Family subscribers can clone parent voices. 25 professional stock voices available for all tiers (diverse ages, genders, accents). Voice invitation portal allows family members to record remotely.

5. RevenueCat (RevenueCat Inc.)

• Purpose: Subscription and payment management
• Data Shared: Firebase UID (pseudonymous), subscription status, transaction IDs
• Privacy Policy: revenuecat.com/privacy
• COPPA Compliance: Yes (no child data, parent account only)

We Do NOT Share Data With:

• Advertising networks (we never show third-party ads)
• Analytics services (no behavioral tracking SDKs installed)
• Data brokers (we never sell data)
• Social media platforms

5. Parental Rights Under COPPA

As a parent or legal guardian, you have full control over your child's personal information. Under COPPA, you have the right to:

1. Review Child's Personal Information

In-App Access:

1. Open Labeebee app
2. Navigate to Settings → Child Profiles
3. Tap on your child's profile
4. Tap "View Data" to see all stored information

Email Request:

• Send email to support@labeebee.app with "Data Access Request" in subject
• Include your registered email address
• Response time: Within 10 business days
• Format: JSON export or human-readable PDF

2. Delete Child's Personal Information

In-App Deletion (Recommended):

1. Open Labeebee app
2. Tap Settings (gear icon)
3. Tap Account section
4. Choose one of two options:
   • Delete Single Child Profile: Settings → Child Profiles → [Child Name] → Delete Profile
   • Delete Entire Account: Settings → Account → "Delete Account" (deletes all child profiles and all data)
5. Complete parent gate verification (math problem)
6. Review first warning:
   • ⚠️ If you have an active subscription, cancel it in the App Store/Play Store first
   • Deletion is permanent and cannot be undone
7. Confirm deletion by tapping "Delete Account"
8. Review final confirmation showing what will be deleted:
   • All child profiles and characters
   • All generated stories and audio files
   • All preferences and Story DNA data
   • Your account credentials (cannot be recovered)
9. Tap "Delete Forever" to confirm
10. Deletion completes immediately (typically within 30 seconds)
11. You will be automatically signed out

Email Request:

• Send email to support@labeebee.app with "Data Deletion Request" in subject
• Include your registered email address
• Response time: Confirmation within 10 business days

What Happens After Deletion:

• ✅ Immediate: Database records deleted (all child profiles, stories, characters, preferences)
• ✅ Immediate: Storage files deleted (story audio, voice clone samples)
• ✅ Immediate: Voice clone recordings and models deleted from ElevenLabs
• ✅ Immediate: Offline cached audio cleared from device storage
• ✅ Immediate: Firebase authentication account deleted
• ✅ Immediate: Automatic sign-out from the app
• ⚠️ Not Deleted: Previously generated story prompts sent to Anthropic API (retained per their commercial policy)
• ⚠️ Not Deleted: Audio generation logs sent to ElevenLabs/PlayHT (retained per their policies)
• 💳 Important: Active subscriptions are NOT cancelled automatically - you must cancel separately through App Store/Play Store to stop future charges
• 📧 RevenueCat: We attempt to notify RevenueCat of account deletion, but webhook failures are expected (you lose access even if subscription remains active)

GDPR/CCPA Compliance:

• Account deletion satisfies GDPR Article 17 "Right to be Forgotten" requirements
• Account deletion satisfies CCPA data deletion requirements
• All user data is permanently removed from Labeebee systems
• Third-party data retention (Anthropic, ElevenLabs, PlayHT) is governed by their respective privacy policies

3. Refuse Further Collection

• Stop using the app (no background data collection occurs when app is closed)
• Delete child profile to stop personalized story generation
• Downgrade to demo stories only (5 pre-generated stories, no child data required)

4. Modify Consent

• Edit child profile settings anytime in-app
• Reset Story DNA preferences: Settings → Child Profiles → [Child Name] → Reset Preferences
• Change or remove characters at any time

6. Data Retention Policy

• Active Accounts: Data retained indefinitely while account remains active and in use
• Inactive Accounts: Automatically deleted after 24 months of no login activity
• Deleted Accounts:
  • Live database deletion: Immediate
  • Backup retention: 90 days (disaster recovery only)
  • Permanent deletion: After 90 days
• Generated Stories: Retained until parent deletes or account is deleted
• Audio Files: Cached for 30 days after last playback, then auto-deleted (unless saved offline by user)
• Offline Cached Audio: Stored locally on device, cleared via Settings → Clear Cache
• Error Logs: 90 days retention, aggregated only (no personal identifiers)

To request immediate deletion at any time, email support@labeebee.app or use in-app deletion as described in Section 5.

7. Security Measures

We implement industry-standard security measures to protect your family's data:

• Encryption in Transit: All data transmitted over HTTPS with TLS 1.3 encryption
• Encryption at Rest: AES-256 encryption for all data stored in Supabase database
• Authentication Security: Firebase Auth with secure token verification
• Access Control: Parental authentication required for all child data access
• Employee Access: Restricted to authorized personnel only; all access is logged and audited
• Third-Party Agreements: Data Processing Agreements with all service providers (Firebase, Supabase, Anthropic, ElevenLabs, RevenueCat)
• Incident Response: Parents notified within 72 hours of any data breach affecting their account
• COPPA Compliance: We maintain a written information security program and written data retention policy as required by COPPA

Important: No security system is perfect. While we implement industry-standard protections, we cannot guarantee absolute security. If you suspect your account has been compromised, contact support@labeebee.app immediately.

8. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. All updates will be posted at https://labeebee.app/privacy with an updated "Last Updated" date.

For Material Changes Affecting Children's Data Collection:

• Email notification to parent account 30 days before changes take effect
• In-app notification banner upon next login
• Option to delete account if you disagree with changes

Continued use of Labeebee after changes take effect constitutes acceptance of the updated Privacy Policy.

9. Subscription Tiers & Features

Labeebee offers four subscription tiers to meet your family's needs:

Free Tier (Post-Trial)

• Price: $0
• Stories per month: 2 personalized stories
• Child profiles: 1
• Voice catalog: 5 basic voices
• Demo stories: 5 pre-generated stories (no account needed)

Standard Tier

• Price: $4.99/month or $39.99/year
• Stories per month: 140 minutes total listening time
• Child profiles: Up to 2
• Voice catalog: 20 voices
• Features: Custom characters, karaoke mode, offline downloads, 1 voice clone

Premium Tier

• Price: $9.99/month or $79.99/year
• Stories per month: Unlimited
• Child profiles: Up to 4
• Voice catalog: All voices
• Features: Everything in Standard, plus multi-chapter stories, 5 voice clones, priority generation

Family Tier

• Price: $14.99/month or $119.99/year
• Stories per month: Unlimited
• Child profiles: Up to 20
• Voice catalog: All voices
• Features: Everything in Premium, plus 4 parent accounts, shared library, 20 voice clones (shared pool)

7-Day Free Trial: Triggered when you create your first child profile. Full Premium access during trial. Optional 7-day extension for low-engagement users.

11. Demo Stories

Labeebee offers 5 pre-generated demo stories accessible without creating an account:

• No personal data collected: Demo stories feature generic characters ("Luna the Explorer", "Max the Brave")
• No authentication required: Accessible from welcome screen before signup
• Served from public endpoint: No child profile or parent account needed
• Purpose: Allow parents to evaluate story quality and experience before creating an account

12. Multi-Chapter Stories

Premium and Family tier subscribers can generate multi-chapter story series (3-7 chapters):

• Lazy generation: Chapters generated on-demand as child progresses through series
• Data handling: Same privacy protections as single stories
• Metadata collected: Series ID, chapter numbers, completion status, "Previously on..." recap data
• Offline access: Downloaded chapters cached locally (Premium/Family only)

13. Contact Us