← Back to Wisp

Privacy Policy

Last updated: March 30, 2025

1. Who We Are

Wisp (“we”, “us”, “our”) is an AI-powered interactive children’s story platform. We are committed to protecting the privacy of our users, especially children. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

2. Information We Collect

Account information

When you create an account we collect your email address and a hashed password. We do not require your real name to sign up.

Child profiles

You may create child profiles containing a first name (or nickname), age range, and story preferences. We use this information solely to personalise story content. We do not ask for a child’s surname, school, address, or any other identifying information.

Story and usage data

We store the stories, scenes, and choices generated during sessions so that you can revisit them later. Usage data (pages visited, features used) is collected by Vercel Analytics to help us improve the service.

Payment information

Subscription payments are processed by Stripe. We never see or store your full card details. Stripe may retain payment information in accordance with their own privacy policy.

3. How We Use Your Information

  • To provide and personalise the Wisp service.
  • To generate age-appropriate, safe story content via AI providers (Anthropic, OpenAI).
  • To produce narrated audio using ElevenLabs text-to-speech.
  • To manage your subscription and process payments via Stripe.
  • To send transactional emails (account confirmations, password resets). We do not send marketing emails without your explicit consent.
  • To monitor platform performance, fix bugs, and improve the service.

4. Third-Party Services

We use the following third-party services to operate Wisp:

  • Supabase — authentication and database hosting.
  • Anthropic / OpenAI — AI story generation. Story prompts and content may be transmitted to these providers to generate responses. We do not share account or profile data beyond what is necessary to generate content.
  • ElevenLabs — text-to-speech narration. Story text is transmitted to generate audio.
  • Stripe — payment processing.
  • Vercel — hosting, analytics, and performance monitoring.
  • Upstash — rate limiting to protect the service.

5. Children’s Privacy (COPPA / GDPR-K)

Wisp accounts are intended for adults (parents and guardians). Children do not create accounts directly — a parent or guardian creates and manages child profiles. We do not knowingly collect personal information directly from children under the age of 13 (or the applicable age threshold in your jurisdiction).

If you believe we have inadvertently collected personal information about a child without appropriate consent, please contact us immediately at privacy@wisp.app and we will delete it promptly.

6. Data Retention

We retain your account and story data for as long as your account is active. If you delete your account, your data is permanently removed from our systems within 30 days, except where we are legally required to retain certain records (e.g. billing records).

7. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data (“right to be forgotten”).
  • Object to or restrict certain processing.
  • Data portability.

To exercise any of these rights, email us at privacy@wisp.app.

8. Security

We use industry-standard measures to protect your data, including TLS encryption in transit, hashed passwords, and row-level security on our database. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top. Continued use of Wisp after changes are posted constitutes your acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at privacy@wisp.app.