Privacy Policy
1. Introduction
Welcome to Kimino Library. This Privacy Policy explains how Asuran Technologies ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you use our website, applications, and services (collectively, the "Service").
By using our Service, you consent to the collection and use of your information as described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and updating the "Last updated" date. Your continued use of the Service after such changes constitutes acceptance of the updated Privacy Policy.
2. Information We Collect
2.1 Account Information
When you create an account, we collect:
- Email address (required for account creation and communications)
- Display name (if provided through OAuth sign-in or account settings)
- Authentication credentials (managed securely by our authentication provider, Clerk)
- Language preference (to display content in your preferred language)
- Terms acceptance records (timestamp and version of terms you accepted)
2.2 User Content
When you use our Service to create stories, we collect:
- Story prompts and titles that you provide
- Reference photographs that you upload for character generation
- Consent confirmations related to uploaded images, including:
- Age verification (confirmation you are 18+)
- License grants for image processing
- Rights confirmations for depicted individuals
2.3 Generated Content
Our Service creates and stores:
- AI-generated stories (text content based on your prompts)
- AI-generated illustrations (images created for your stories)
- Character variants (when you edit or customize characters)
- Page edit history (modifications you make to generated content)
2.4 Payment Information
When you purchase credits, we collect:
- Transaction records (credit purchases, usage, and refunds)
- Purchase metadata (timestamps, amounts, package selections)
We do not store your payment card details. All payment processing is handled securely by our payment provider, Polar, which maintains its own privacy practices.
2.5 Usage Data and Analytics
We automatically collect:
- Page views and navigation patterns within the Service
- Feature usage events (wizard progress, story creation, editing actions)
- Authentication events (sign-in, sign-up activities)
- Purchase funnel interactions (checkout initiation, completion)
- Device information (browser type, operating system)
- IP address (for security and analytics purposes)
2.6 Communications
We collect information you provide when you:
- Contact us through our contact form (name, email, message)
- Share stories via email (recipient name and email address)
- Provide feedback through in-app feedback features
3. How We Use Your Information
We use your information to:
- Provide and operate the Service, including generating personalized storybooks
- Process your transactions and manage your credit balance
- Communicate with you about your account, purchases, and story completions
- Send shared stories to recipients you designate
- Improve and optimize our Service through analytics
- Ensure security and prevent fraud or abuse
- Comply with legal obligations and respond to lawful requests
- Enforce our Terms and Conditions
4. How We Share Your Information
4.1 Service Providers
We share your information with third-party service providers who help us operate the Service:
| Provider | Purpose | Data Shared |
|---|---|---|
| Clerk | Authentication | Email, name, OAuth tokens |
| Convex | Database hosting | Account and story data |
| PostHog | Analytics | Usage events, anonymized behavior data |
| Polar | Payment processing | Purchase transactions |
| Resend | Email delivery | Recipient emails, story share content |
| OpenRouter | AI Model Gateway | Story prompts, reference images |
4.2 AI Processing
To generate stories and illustrations, we share your content with AI service providers:
- Reference images you upload are processed by AI models to generate character illustrations
- Story prompts are processed to generate narrative content
- Your content may be routed through AI API services to various AI model providers for processing
Important: We do not use your uploaded images or content to train AI models. Your content is processed solely to generate your requested stories.
4.3 Legal Requirements
We may disclose your information if required by law, legal process, or government request, or when we believe disclosure is necessary to:
- Comply with applicable laws or regulations
- Protect our rights, privacy, safety, or property
- Protect the safety of our users or the public
- Investigate potential violations of our Terms and Conditions
4.4 Business Transfers
If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
5. Cookies and Tracking Technologies
5.1 Cookies We Use
First-Party Cookies:
story-teller-locale: Stores your language preference (expires after 1 year)
Third-Party Cookies:
- PostHog analytics cookies for understanding Service usage (only for authenticated users)
5.2 Local Storage
We use browser local storage for:
kimino_pending_terms_acceptance: Temporarily stores terms acceptance during authentication flow (cleared after processing)
5.3 Managing Cookies
You can control cookies through your browser settings. However, disabling certain cookies may limit your ability to use some features of our Service.
6. Data Retention
We retain your information as follows:
- Account data: Retained while your account is active
- Story content and reference images: Retained to enable ongoing access to your created stories and future editing capabilities
- Transaction records: Retained for accounting and legal compliance purposes
- Analytics data: Retained in aggregated form for Service improvement
- Deleted stories: When you delete a story, it is marked as deleted but may be retained for a period before permanent removal
Reference Image Retention: Reference images you upload are retained to enable story editing features. Images associated with inactive accounts are automatically cleaned up after a period of inactivity.
If you wish to have your data deleted, please contact us at support@asurantech.com.au.
7. Your Rights and Choices
Depending on your location, you may have the following rights:
7.1 Access and Portability
You can view your stories and account information through your dashboard. If you need a copy of your data, please contact us.
7.2 Correction
You can update your account information through your account settings or by contacting us.
7.3 Deletion
You can delete individual stories through the Service. To request complete account deletion, please contact us at support@asurantech.com.au.
7.4 Opt-Out of Analytics
You can use browser privacy features or ad blockers to limit analytics tracking. Note that this does not affect essential Service functionality.
7.5 Communication Preferences
You can opt out of non-essential communications by contacting us or using unsubscribe links in our emails.
7.6 For Australian Residents
Under the Australian Privacy Principles, you have the right to:
- Access your personal information
- Request correction of inaccurate information
- Complain about privacy breaches to the Office of the Australian Information Commissioner (OAIC)
7.7 For EU/EEA Residents
Under the General Data Protection Regulation (GDPR), you have additional rights including:
- Right to erasure ("right to be forgotten")
- Right to data portability
- Right to restrict processing
- Right to object to processing
- Right to lodge a complaint with a supervisory authority
7.8 For California Residents
Under the California Consumer Privacy Act (CCPA), you have the right to:
- Know what personal information is collected
- Know whether your personal information is sold or disclosed
- Say no to the sale of personal information (we do not sell your data)
- Access your personal information
- Request deletion of your personal information
- Not be discriminated against for exercising your privacy rights
8. Data Security
We implement appropriate technical and organizational measures to protect your information, including:
- Encryption in transit: All data transmitted to and from our Service uses HTTPS/TLS encryption
- Secure authentication: User authentication is managed by Clerk, which implements industry-standard security practices
- Access controls: Access to user data is restricted to authorized personnel and systems
- Secure payment processing: Payment card data is handled exclusively by our PCI-compliant payment provider
While we strive to protect your information, no method of transmission or storage is 100% secure. If you have security concerns, please contact us immediately.
9. Children's Privacy
Our Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children under 18.
Regarding photos of minors: While users must be 18+ to use the Service, we permit parents and legal guardians to upload photos of their children for the purpose of creating personalized storybooks, as described in our Terms and Conditions. Parents and guardians are responsible for ensuring appropriate consent and use.
If we learn that we have collected personal information from a child under 18 without parental consent, we will take steps to delete that information promptly.
10. International Data Transfers
Our Service is operated from Australia. If you access the Service from outside Australia, your information may be transferred to, stored, and processed in Australia or other countries where our service providers operate.
By using our Service, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence. We ensure appropriate safeguards are in place for such transfers.
11. Third-Party Links
Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the "Last updated" date at the top of this policy
- Notify you through the Service or via email for significant changes
Your continued use of the Service after changes are posted constitutes acceptance of the updated Privacy Policy.
13. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us at:
Asuran Technologies
Email: support@asurantech.com.au
For privacy-specific inquiries, you may also reach our privacy team at: privacy@asurantech.com.au
If you are not satisfied with our response to your privacy concern, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.