Privacy Policy

✓ No data collected · COPPA compliant

1. Overview

DynaStory is an educational storytelling app for children ages 3–8. It generates personalized stories on-device using Apple's FoundationModels framework. No data leaves your device. No accounts are required. No servers are involved in story creation or storage.

This Privacy Policy is issued by The Bright Harbor ("we", "us", or "our"), the publisher of DynaStory.

2. Information We Collect

None. DynaStory does not collect any personal information from you or your child. Specifically, we do not collect:

• Names, email addresses, or contact information — no accounts are created
• Location data — the app does not access your location
• Photos, videos, or camera data — the camera is never used
• Microphone or audio recordings — the microphone is never used
• Usage data or analytics — no analytics SDKs are included
• Device identifiers — no advertising identifiers are accessed
• Health or biometric data — no health data is collected

3. On-Device Processing

All story generation is performed entirely on your device using Apple's FoundationModels framework. This means:

• Story prompts and generated content are never sent to any external server
• No internet connection is required for story generation
• Apple's on-device AI processes the text locally using the device's Neural Engine
• We have no access to, and cannot retrieve, any story content

4. Local Data Storage

DynaStory uses Apple's SwiftData framework to store information locally on your device. This may include:

• Generated stories and story history
• Child profile preferences (age range, nickname, interests)
• App settings (voice selection, pacing, parental PIN)

All of this data remains on your device. It is never uploaded, synced, or transmitted. Deleting the app deletes all associated data. SwiftData is configured with cloudKitDatabase: .none — we do not use iCloud sync.

5. No Tracking or Analytics

The DynaStory iOS app contains:

• No analytics platforms (no Mixpanel, Amplitude, Firebase, PostHog, etc.)
• No advertising SDKs (no Google AdMob, Meta Audience Network, etc.)
• No third-party tracking of any kind
• No crash reporting that transmits data externally

We do not track how you use the app, which stories are generated, or how frequently the app is opened.

Note: The marketing website at thebrightharbor.com uses privacy-respecting analytics (PostHog) to understand visitor traffic. This is entirely separate from the app and does not apply to anyone using DynaStory on their device. You may opt out of site analytics via your browser's Do Not Track setting.

6. Children's Privacy (COPPA Compliance)

DynaStory is designed for children ages 3–8 and complies fully with the Children's Online Privacy Protection Act (COPPA, 16 C.F.R. Part 312).

Why COPPA is satisfied by design:

• We do not collect personal information from children — there is nothing to disclose
• No parental consent for data collection is required because no data is collected
• No data deletion requests are necessary because we hold no data
• The app has no social features, chat, or external communication
• No child can be identified through app usage

Under COPPA, the definition of "personal information" includes online contact information, persistent identifiers, geolocation data, photos, videos, and audio recordings. DynaStory collects none of these.

7. Parental Controls

DynaStory includes a PIN-protected Parent Dashboard that allows parents and guardians to:

• Review generated story history and child progress
• Adjust voice, pacing, and content settings
• Enable or disable the story wizard
• Reset the child's profile and delete all local data

The parental PIN is stored securely in the device's Keychain and is never transmitted.

8. Apple Frameworks We Use

DynaStory uses only first-party Apple frameworks:

• FoundationModels — on-device AI for story generation (Apple's Private Cloud Compute does not apply; processing is fully on-device)
• SwiftData — local data persistence (cloudKitDatabase: .none)
• AVFoundation — text-to-speech narration (on-device voices)
• Keychain — secure storage of the parental PIN

No third-party services, SDKs, or APIs are bundled into DynaStory.

9. Data Security

Since all app data is stored locally on the user's device, data security is governed by Apple's platform-level protections:

• Data is encrypted at rest by iOS/iPadOS (Full Disk Encryption)
• The parental PIN is stored in the iOS Keychain
• No data is transmitted over any network, eliminating network-based security risks

10. GDPR / UK-GDPR

Because DynaStory does not collect, process, or transmit any personal data, most GDPR and UK-GDPR obligations do not apply to the app itself. The Bright Harbor is not acting as a "controller" or "processor" of user data within the meaning of Article 4 GDPR with respect to DynaStory. If you have GDPR-related questions about our marketing website, contact us at the address below.

11. Changes to This Policy

If we add features that involve data collection in the future — such as optional cloud sync, analytics, or accounts — we will update this privacy policy before releasing those features and will clearly communicate any changes. Any future data collection would require explicit parental consent per COPPA.

12. Contact