Privacy Policy
Last Updated: [INSERT DATE]
1. Introduction
Welcome to Story Threads. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our family storytelling and narrative therapy application.
Your Privacy Matters: We are committed to protecting your mental health data with the highest levels of security and privacy. Your personal thoughts, assessments, and progress data are treated with the utmost confidentiality.
2. Information We Collect
2.1 Personal Information
Depending on your chosen registration method, we may collect:
- Anonymous Registration: Nickname and encrypted password only
- Email Registration: Email address, username, and encrypted password
- Google Authentication: Email address, name, and profile picture from Google
2.2 Mental Health Data
When you use our Service, we store:
- Self-assessment responses and results
- Module progress and completion data
- Personal reflections and self-talk entries
- Goal-setting and progress tracking information
- Daily check-in responses
2.3 Technical Information
We automatically collect certain technical information:
- Device information (type, operating system, browser)
- Usage statistics (features used, time spent)
- Error logs and crash reports
- IP address and general location (for security purposes)
3. How We Use Your Information
3.1 Primary Uses
- Service Delivery: Provide personalized mental health tools and track your progress
- Account Management: Maintain your account and provide customer support
- Data Synchronization: Sync your data across devices (registered users only)
- Progress Tracking: Generate insights and recommendations based on your usage
3.2 Service Improvement
- Analyze usage patterns to improve our features (anonymized data only)
- Identify and fix technical issues
- Develop new features and content
4. Data Storage and Security
4.1 Storage Options
| Storage Type |
Location |
Encryption |
Access |
| Local Storage |
Your device only |
256-bit AES |
You only |
| Cloud Storage |
Firebase servers |
End-to-end encrypted |
You only |
4.2 Security Measures
- Encryption: All data is encrypted both in transit and at rest
- Access Controls: Strict access controls and authentication
- Regular Audits: Routine security audits and vulnerability assessments
- Data Minimization: We only collect data necessary for service functionality
Important: While we implement robust security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to protecting your data using industry-standard practices.
5. Data Sharing and Disclosure
5.1 We Do NOT Share Your Personal Data
We do not sell, trade, or otherwise transfer your personal mental health data to third parties. Your private thoughts, assessments, and progress remain confidential.
5.2 Limited Exceptions
We may disclose your information only in these specific circumstances:
- Legal Requirements: When required by law or court order
- Safety Concerns: To prevent harm to yourself or others
- Service Providers: To trusted third parties who assist in operating our service (under strict confidentiality agreements)
5.3 Anonymous Analytics
We may share anonymized, aggregated data that cannot be used to identify you for research and improvement purposes.
6. Your Privacy Rights
6.1 Access and Control
You have the right to:
- Access: View all data we have about you
- Download: Export your data in a portable format
- Correct: Update or correct your personal information
- Delete: Request deletion of your account and all associated data
- Restrict: Limit how we process your data
6.2 Data Portability
You can export your data at any time through our built-in export feature. Your data will be provided in JSON format, making it easy to import into other applications.
7. Cookies and Tracking
We use minimal cookies and tracking technologies:
- Essential Cookies: Required for basic functionality (authentication, preferences)
- Analytics Cookies: Optional cookies for understanding usage patterns (you can opt out)
- No Advertising Cookies: We do not use cookies for advertising purposes
8. Children's Privacy
Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
9. International Users
If you are accessing our Service from outside [COUNTRY], please note that your information may be transferred to, stored, and processed in [COUNTRY] where our servers are located. By using our Service, you consent to this transfer.
10. Data Retention
We retain your data according to your preferences:
- Active Accounts: Data is retained while your account is active
- Inactive Accounts: Data may be deleted after [TIME PERIOD] of inactivity
- Deleted Accounts: Data is permanently deleted within 30 days of account deletion
- Legal Requirements: Some data may be retained longer if required by law
11. Third-Party Services
Our Service integrates with these third-party services:
- Firebase (Google): For authentication and cloud storage
- Google Analytics: For optional usage analytics (you can opt out)
These services have their own privacy policies that govern their use of your information.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Posting the new Privacy Policy on this page
- Updating the "Last Updated" date
- Providing notice through our Service or via email for material changes
13. Contact Us
If you have any questions about this Privacy Policy or our privacy practices, please contact us:
We will respond to your inquiry within 30 days.
← Back to Registration