This Privacy Policy explains how Storytempo ("we," "us," "our") handles personal information when you use our websites, applications, and related services (the "Service"). It is separate from our Terms of Service and separate from our Cookie Policy.
If you do not agree with this Policy, please do not use the Service.
We operate Storytempo, a narrative structure tool for creators.
Questions or privacy requests: contact us.
If you are in the EU/EEA/UK, you can use the same contact for data rights requests (see §10).
Account details: email, password (hashed), display name.
Content you submit ("Customer Content"): story structures, scenes, narrative outlines, project data, and any other content you create using the Service.
Support & feedback: emails or messages you send us.
Usage & device data: pages/screens viewed, feature usage, timestamps, referrer, IP address, device/browser type, crash/performance logs.
If you connect third-party tools, we receive only the data needed to provide that integration.
Please avoid uploading sensitive personal data unless necessary and lawful.
Provide the Service (account, core functionality). (Legal basis: contract; legitimate interests)
Maintain & improve reliability, safety, and performance (debugging, analytics, quality). (Legitimate interests)
Security & abuse prevention. (Legitimate interests; legal obligations)
Service communications (e.g., changes to features or policies, support replies). (Contract; legitimate interests)
Legal compliance. (Legal obligations)
We do not sell personal information and we do not "share" it for cross-context behavioral advertising.
Processors/Service providers: e.g., cloud hosting, analytics, email/support, and payments—under contracts limiting their use to our instructions.
Legal/safety: to comply with law, enforce our terms, or protect rights and security.
Business transfers: in a merger, acquisition, or asset sale, data may transfer; we'll notify you where required.
We do not sell personal information.
We keep personal data only as long as needed to run the Service, for legitimate business needs (e.g., security, accounting), and to meet legal obligations. Examples:
Account data: while your account is active and a reasonable period after closure (e.g., 30–90 days).
Customer Content: while your account is active; deleted within a reasonable period after you remove it or close your account, subject to backups kept for limited durations.
Logs/analytics: retained for short to moderate periods for reliability and security.
We use reasonable administrative, technical, and physical safeguards to protect personal data. No system is 100% secure. You are responsible for keeping your credentials confidential.
We may process data in countries outside your own. Where required (e.g., EU/EEA/UK), we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) when transferring data to processors in third countries.
The Service is not directed to children under 13 (or 16 in some regions). We do not knowingly collect children's data. If you believe a child provided personal data, contact us to request deletion.
Depending on your location, you may have rights to access, rectify, delete, restrict, port, or object to certain processing.
Residents of certain U.S. states may have additional rights (e.g., access, correction, deletion, portability; opt-out of "sale"/"sharing"—not applicable here as we do not sell/share).
To make a request, contact us. We may need to verify your identity. Authorized agents can submit requests with proper authorization.
The Service may link to third-party sites or services. Their privacy practices are governed by their own policies.
We may update this Policy. If changes are material, we will notify you in the Service or by email and update the "Last Updated" date. Continued use after changes take effect means you accept the updated Policy.
Questions, requests, or complaints: contact us.
EU/EEA/UK users may also contact their local data protection authority.