Ficta LogoFICTA

Privacy Policy for Ficta

(Apple App Store + Google Play Families Compliant)

Effective Date: November 23, 2025

Last Updated: May 7, 2026

Ficta ("we," "our," "us") is committed to protecting the privacy of all of our users, especially children under the age of 13. This Privacy Policy explains how we collect, use, store, and safeguard data in our app, and describes the rights of parents and guardians under the Children's Online Privacy Protection Act (COPPA), as well as additional requirements for the Apple App Store, Google Play Store, and applicable international privacy laws such as GDPR Article 8.

If you are under the age of 13, you may only use our services with your parent's or guardian's express consent.

1. Information We Collect

Ficta collects only the minimum information needed for children to create and save stories. We intentionally avoid collecting unnecessary personal data.

1.1 Stories and Characters Created
We collect the stories and characters that users create within the app so they can be saved, edited, and accessed later.

1.2 Optional Creative Preferences
If users choose to share their favorite books, subjects, or hobbies, we collect that information to improve their experience.

1.3 Account Information
Users may sign in using Google Sign-In or Apple Sign-In. When they do, we receive a stable account identifier (not your full Google or Apple profile) and, optionally, an email address. We use this only to link your stories to your account across devices.

Users may also use the app without signing in. In this case, we assign an anonymous identifier to save your stories locally to your account. If you sign in later, your stories are carried over automatically.

1.4 Device Identifier
We generate and store a random device identifier (UUID) on your device. This identifier is used to associate your session with your saved content. It is not linked to your name, email, or any external advertising system.

1.5 Analytics
We use PostHog, a privacy-focused analytics tool, to understand how the app is being used and to improve its features. PostHog collects anonymous usage events (for example, "story started" or "character created"). It does not collect your name, email, or any content from your stories. PostHog does not use data from Ficta for advertising or cross-app tracking.

1.6 No Advertising or Behavioral Tracking
Ficta does not use advertising networks, cross-app identifiers, behavioral profiling tools, or advertising SDKs of any kind.

2. How We Use User Data

We use the limited information we collect only for the following purposes:

2.1 Saving and Syncing Content
To save stories and characters and make them available across sessions and devices.

2.2 Improving the App
We analyze anonymous usage patterns to enhance app features and fix issues.

2.3 Account Management
To link your content to your account when you sign in with Google or Apple.

2.4 No Sharing with Third Parties
Ficta does not share, sell, or disclose user information to third parties for advertising or commercial purposes. The only third-party services we use are:

  • Supabase — authentication and account management
  • PostHog — anonymous usage analytics
  • Cloudflare — infrastructure and data storage

Each of these services is contractually bound to protect user data and is not permitted to use it for their own commercial purposes.

3. Data Retention

Stories and characters created by users are stored securely on our servers.

  • Active users: Content is kept unless deleted by the user or parent.
  • Inactive users: Content is deleted after 18 months of inactivity.
  • Account deletion: When a user requests account deletion, their account enters a 30-day grace period during which they may cancel the deletion. After 30 days, all data — including stories, characters, and account information — is permanently deleted from our servers.
  • Parent or user request: We will initiate deletion within 7 days of receiving a verified deletion request. Full deletion completes within 30 days.

Parents or guardians may request deletion at any time by contacting us at ying@ficta.ai.

4. Data Security

We use reasonable physical, technical, and administrative safeguards to protect user data. This includes encryption in transit (HTTPS/TLS) and restricted access controls.

No method of electronic storage is 100% secure, but we take appropriate steps to protect user data from unauthorized access or disclosure.

5. Children's Privacy

Ficta is designed for children under 13, and we comply with:

  • COPPA (Children's Online Privacy Protection Act – U.S.)
  • Apple App Store Children's App Requirements
  • Google Play Families Policy
  • GDPR Article 8 (Children's Data – EU)
  • UK Data Protection Act

5.1 Parental Consent
We do not collect personal information from children under 13 without verifiable parental consent. Parental consent may be obtained through a parent-controlled email address or another legally accepted method.

If a child enters personal details (such as their name) in a story or character text field, we treat it as creative content and do not use it for identification.

6. Parent Rights

Parents and guardians have the following rights regarding their child's information:

Review & Access
Parents may request a copy of the data collected from their child.

Revoke Consent
Parents can revoke consent at any time, which will stop any further data collection.

Deletion of Data
Parents can request that all of their child's data be deleted. Deletion is initiated within 7 days and fully completed within 30 days.

7. How to Revoke Consent or Request Deletion

Parents or guardians may at any time:

  • Review the data we have collected
  • Revoke consent
  • Request deletion of their child's data

To submit a request, please contact us at: ying@ficta.ai

We will respond in accordance with COPPA, Apple, Google, and international requirements.

8. User-Generated Content (UGC)

Ficta allows children to create stories and characters for private use.

To comply with Apple and Google requirements:

  • All stories are private by default
  • Stories are not visible to other users
  • The app does not have chat, messaging, or social sharing features
  • Any export or sharing outside the app must be initiated by a parent

Because stories are not shared publicly, content moderation requirements for social features do not apply.

9. No Ads, No In-App Purchases

Ficta does not include:

  • Advertising
  • Behavioral tracking or cross-app identifiers
  • In-app purchases
  • Links to external apps without parental gates

This meets Apple "Kids Category" requirements and Google Play "Families" program standards.

10. International Users

For users in the European Union, United Kingdom, and other regions:

  • We only process children's data with parental consent
  • Parents may request deletion or revoke consent at any time
  • We comply with GDPR Article 8 and similar international laws

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make significant changes, we will:

  • Update the effective date
  • Post the updated policy in the app and on our website
  • Notify parents when required by law

12. Contact Us

If you have questions, concerns, or would like to exercise your rights, please contact:

Email: ying@ficta.ai

Website: https://ficta.ai