Dreamtime (βweβ, βusβ, βourβ) is committed to protecting the privacy of you and your family. This policy explains what personal data we collect, how we use it, and your rights under UK GDPR.
If you have any questions, contact us at privacy@trydreamtime.com.
1. Who we are
Dreamtime is an AI-powered bedtime story service. We are the data controller for all personal data collected through our app and website.
2. What data we collect
Account data
- Email address and password (hashed) used to create your account
- Household name and timezone
- Subscription and billing status (payment details are held by our payment processor, not us)
Children's data
- First name and date of birth for each child you add
- Story theme and value preferences you select for each child
We do not collect any data directly from children. All children's data is provided by the parent or guardian managing the account. We treat children's data with heightened care and do not use it for any purpose other than generating personalised stories.
Usage data
- Stories generated and read (to power streaks and progress tracking)
- App interactions (to improve the service)
- Device type and OS version (for technical support)
3. How we use your data
- Story generation β children's names, ages, and preferences are sent to our AI provider (Anthropic) to generate personalised stories. No data is stored by Anthropic beyond what is needed to fulfil the request.
- Illustration generation β illustration prompts (which contain no personal data) are sent to our image generation provider (Fal AI).
- Audio narration β story text is sent to our text-to-speech provider (Inworld AI) to generate audio. No personal data is included in these requests.
- Account management β to provide, maintain, and improve the service.
- Communication β to send service-related emails (e.g. password resets). We will only send marketing emails if you have opted in.
- Billing β subscription management via our payment processor.
4. Legal basis for processing
- Contract β processing necessary to provide the service you have subscribed to.
- Legitimate interests β improving our service, fraud prevention, and security.
- Legal obligation β where we are required to retain data by law.
5. Data sharing
We do not sell your personal data. We share data only with the third-party service providers needed to operate Dreamtime:
- Supabase β database and file storage (EU region)
- Anthropic β AI story generation
- Fal AI β illustration generation
- Inworld AI β audio narration
- Stripe β payment processing
All providers are bound by data processing agreements and are prohibited from using your data for their own purposes.
6. Data retention
- Account and household data is retained for as long as your account is active.
- Generated stories and audio are retained indefinitely so your library remains accessible.
- After account deletion, all personal data is removed within 30 days, except where retention is required by law (e.g. billing records for 7 years).
7. Your rights
Under UK GDPR you have the right to:
- Access β request a copy of the personal data we hold about you.
- Rectification β ask us to correct inaccurate data.
- Erasure β request deletion of your data (βright to be forgottenβ).
- Restriction β ask us to limit how we process your data.
- Portability β receive your data in a structured, machine-readable format.
- Objection β object to processing based on legitimate interests.
To exercise any of these rights, email privacy@trydreamtime.com. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).
8. Cookies
Our website uses only essential cookies required for authentication and session management. We do not use tracking or advertising cookies.
9. Security
We use industry-standard security measures including encryption in transit (TLS) and at rest, access controls, and regular security reviews. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security but will notify you promptly in the event of a data breach.
10. Changes to this policy
We may update this policy from time to time. We will notify you of material changes by email or in-app notification. Continued use of Dreamtime after changes take effect constitutes acceptance of the revised policy.
Questions? Email us at privacy@trydreamtime.com.