Last Updated: January 08, 2025
Story UnFolds is a child-friendly app designed to provide fun and educational content for children and families. This comprehensive Privacy Policy explains our commitment to protecting user privacy, with special emphasis on children's safety and data protection.
- Applies to Story UnFolds mobile application
- Available on iOS and Android platforms
- Covers all users globally, with special provisions for children under 13
- Compliant with COPPA, GDPR, and App Store Guidelines Section 5.1.4 (Kids Category)
- Company: Story UnFolds, the developer of the application
- Service: The Story UnFolds mobile application
- Personal Data: Any information that can identify an individual
- Usage Data: Non-personal information about app interaction
- Parent/Guardian: Person with legal authority to consent for children under 13
- Child User: Any user under the age of 13
- Firebase Auth: Authentication service used for secure login
- Google AdMob: Advertisement platform with child-safety features
- Premium Status: User subscription level information
- Child-Directed Treatment: Special privacy protections for children
- Used exclusively for user authentication purposes
- Stores only essential account information:
* Authentication status
* Premium/Gold subscription status
* Account type (child or parent)
- No additional personal data stored
- Child-safety features enabled
- Regular security audits
- Compliance with COPPA requirements
We explicitly do not collect or store:
- IP addresses
- Device identifiers
- Location data
- Contact information
- Photos or media
- Microphone or camera data
- Biometric data
- Credit card information (handled securely by payment providers)
- Browsing history
- Device information
- Usage patterns
- Any other personal or identifying information
- Exclusive use of Google AdMob platform
- Child-directed treatment enabled
- COPPA compliance mode active
- Non-personalized ads only
- Age-appropriate content filters
- No behavioral targeting
- No data collection for advertising purposes
- No location-based targeting
- No remarketing or user profiling
Mandatory safety protocols:
- Human review of all advertisements
- Age-appropriate content verification
- Family-friendly creative content only
- Clear advertisement labeling
- No pop-ups or intrusive formats
- No autoplay media
- Frequency capping enabled
- Real-time content monitoring
- Immediate removal capability for inappropriate content
Strict prohibition of ads containing:
- Inappropriate themes or subjects
- Violence or frightening content
- Adult-oriented material
- Gambling or betting
- Unverified products
- External links without parental controls
- Social media promotions
- User tracking mechanisms
- AdMob Privacy Policy:
https://policies.google.com/privacy
- Child-Directed Service:
https://support.google.com/admob/answer/6219315
- COPPA Compliance: https://support.google.com/admob/answer/1217549
- EU User Consent Policy: https://www.google.com/about/company/user-consent-policy/
AdMob Implementation Details:
- Child-directed setting enabled
- Non-personalized ads only
- No remarketing
- No user profiling
- No data collection
- No third-party ad networks
- No mediation
- Regular compliance monitoring
1. Initial Registration:
- Parent email verification required
- Clear explanation of data practices
- Explicit consent options
- Age verification process
2. Consent Verification Methods:
- Email verification with secure link
- Account creation confirmation
- Privacy settings review
- Optional additional verification
3. Consent Coverage:
- Authentication data storage
- Premium status tracking
- Non-personalized ad display
- Usage analytics (anonymous)
1. Account Management:
- View child's account status
- Modify privacy settings
- Control ad settings
- Set usage time limits
- Restrict features
- Monitor activity (anonymous)
2. Privacy Controls:
- Toggle ad display
- Manage authentication settings
- Control external links
- Set content restrictions
- Review activity summary
3. Data Management:
- Request data review
- Update account information
- Delete account data
- Export account data (GDPR)
1. Firebase Auth Implementation:
- Secure login protocols
- Password protection
- Two-factor authentication option
- Session management
- Automatic timeout features
- Suspicious activity detection
2. Account Protection:
- Encrypted credentials
- Secure password recovery
- Login attempt monitoring
- Account lock protection
- Security notification system
1. Storage Security:
- End-to-end encryption
- Secure data transmission
- Regular security audits
- Access controls
- Data backup protocols
- Server security measures
2. Access Controls:
- Role-based permissions
- Admin access restrictions
- Regular security updates
- Activity logging
- Security monitoring
1. Safe Browsing:
- Restricted external links
- Content filtering
- Age-appropriate materials
- Controlled navigation
- Safe search features
2. Interaction Safety:
- No user-generated content
- No social features
- No chat functionality
- No file sharing
- No external communication
1. Data Minimization:
- Limited data collection
- Anonymous usage tracking
- No personal information storage
- No location tracking
- No behavior profiling
2. Access Controls:
- Parental oversight options
- Feature restrictions
- Content limitations
- Time management tools
- Usage monitoring
1. COPPA Compliance:
- Verifiable parental consent
- Limited data collection
- No personal information sharing
- Parental access rights
- Data deletion rights
2. GDPR Compliance:
- Data subject rights
- Privacy by design
- Data portability
- Right to erasure
- Transparent processing
1. iOS App Store:
- Section 5.1.4 Kids Category compliance
- Age-appropriate design
- Privacy-first approach
- Content guidelines
- Ad restrictions
2. Google Play:
- Families Policy compliance
- Child-appropriate content
- Ad safety measures
- Privacy requirements
- Security standards
1. Access Rights:
- Review child's data
- Monitor usage
- Control settings
- Manage permissions
- Request data export
2. Control Rights:
- Modify settings
- Restrict features
- Control content access
- Manage ad display
- Set time limits
1. Privacy Rights:
- Minimal data collection
- No tracking
- No profiling
- Safe browsing
- Content protection
2. Safety Measures:
- Age verification
- Content filtering
- Ad safety
- External link protection
- Usage monitoring
1. Storage Duration:
- Authentication data: Account duration only
- Premium status: Subscription period
- Usage data: 90 days (anonymized)
- Inactive accounts: 12 months max
2. Data Deletion:
- Automatic cleanup
- User-requested deletion
- Account termination
- Backup removal
- Complete erasure
1. Access Methods:
- Parent dashboard
- Account settings
- Privacy controls
- Data export tools
- Support requests
2. Access Controls:
- Authentication required
- Verification process
- Secure transmission
- Limited retention
- Audit logging
1. Authentication (Firebase):
- Google Firebase Auth only
- Limited data collection
- Secure transmission
- Privacy compliance
- Regular audits
2. Advertising (AdMob):
- Google AdMob only
- Child-directed settings
- Non-personalized ads
- Content verification
- Safety monitoring
1. Limited Integration:
- Essential services only
- Minimal data sharing
- Privacy requirements
- Security standards
- Regular review
2. Compliance Requirements:
- COPPA certification
- GDPR compliance
- Security standards
- Privacy policies
- Regular audits
- Firebase Privacy Policy:
https://firebase.google.com/support/privacy
- Terms of Service:
https://firebase.google.com/terms
- Data Processing and Security Terms: https://cloud.google.com/terms/data-processing-terms
- EU Data Protection: https://cloud.google.com/terms/eu-model-contract-clause
Firebase Data Usage:
- Authentication only
- No analytics collection
- No performance monitoring
- No crash reporting
- No dynamic links
- No cloud messaging
1. Infrastructure:
- Secure servers
- Encrypted transmission
- Firewall protection
- Access controls
- Regular updates
2. Monitoring:
- Security scanning
- Threat detection
- Incident response
- Performance monitoring
- System logging
1. Procedures:
- Security protocols
- Access policies
- Update procedures
- Backup processes
- Incident response
2. Staff Training:
- Privacy awareness
- Security protocols
- Data handling
- Incident response
- Regular updates
1. Response Protocol:
- Immediate investigation
- Parent notification
- Authority reporting
- Remediation steps
- Prevention measures
2. Communication:
- Incident notification
- Status updates
- Resolution details
- Prevention measures
- Follow-up actions
1. Emergency Response:
- 24/7 monitoring
- Rapid response team
- Parent support
- Technical assistance
- Issue resolution
2. Ongoing Support:
- Help desk
- Parent resources
- Technical guidance
- Regular updates
- Safety information
1. Update Process:
- Regular review
- Change notification
- User communication
- Implementation period
- Documentation
2. Version Control:
- Policy archiving
- Change tracking
- Version history
- Update logs
- Access to previous versions
1. Notification Methods:
- Email updates
- In-app notices
- Website posts
- Support channels
- Direct communication
2. Implementation:
- Grace period
- User acceptance
- Setting updates
- Feature adjustments
- Support guidance
1. Parent Resources:
- Privacy guides
- Safety tips
- Control tutorials
- Feature explanations
- Best practices
2. Safety Information:
- Online safety
- Privacy protection
- Content guidelines
- Ad awareness
- Security measures
1. Documentation:
- User guides
- FAQs
- Tutorial videos
- Help articles
- Safety tips
2. Updates:
- Regular newsletters
- Feature updates
- Safety alerts
- Policy changes
- Best practices
1. Interface Features:
- Screen reader support
- Voice control
- Text sizing
- Color contrast
- Navigation aids
2. Content Accessibility:
- Alt text
- Captions
- Audio descriptions
- Keyboard navigation
- Touch optimization
1. Assistance Features:
- Help guides
- Tutorial modes
- Support options
- Feedback channels
- Accessibility tools
2. Customization:
- Display settings
- Audio settings
- Control options
- Interface adjustments
- User preferences
- Email: [email protected]
- Website:
https://www.thestoryunfolds.com/contact/
- Response Time: Within 48 hours
- Support Hours: Monday to Friday, 9 AM - 6 PM EST
- Languages: English
a. Age Restrictions and Verification
- App is designed for ages 4+
- No account creation without parental verification
- Age-gate implementation
- Birth date verification process
- Parental consent verification
b. Data Processing Locations
- Server locations
- Data transfer mechanisms
- International data protection standards
- Cross-border data transfer safeguards
c. Specific Ad Content Guidelines
- Educational content only
- No food or beverage advertisements
- No toy advertisements
- No entertainment media advertisements
- No app store advertisements
- No game advertisements
d. Technical Implementation Details
- SSL/TLS encryption for all data transmission
- Database encryption standards
- Authentication protocols
- Session management
- API security measures
a. App Tracking Transparency
- No tracking implementation
- No IDFA collection
- No cross-app tracking
- No device fingerprinting
b. Kids Category Compliance
- No external links
- No in-app purchases
- No unmoderated content
- No third-party analytics
- Protected outbound links
1. Urgent Issues:
- Priority response for safety concerns
- 24/7 monitoring for critical issues
- Dedicated parent support line
- Emergency response team
- Immediate assistance
2. Escalation Process:
- Safety issue prioritization
- Rapid response protocol
- Parent notification system
- Authority reporting
- Follow-up procedures
This comprehensive privacy policy was last updated on January 08, 2025. We maintain our commitment to protecting children's privacy and safety while providing an engaging and educational experience. Regular reviews and updates ensure continued compliance with all applicable regulations and best practices in children's online privacy protection.