Privacy Policy
Last updated: May 7, 2026
Overview
OnBook ("the Service") is an iOS app that allows parents and guardians to create and preserve AI-generated storybooks for their children. By using the Service, you agree to this Privacy Policy.
This policy explains what information we collect, why we collect it, how long we retain it, what we share with third parties, and your rights as a user.
1. Information We Collect
1-1. Authentication Information
- Unique identifier from Sign in with Apple, processed via Firebase Authentication
- Email address provided by Apple at first sign-in (not stored on our servers after initial processing)
1-2. User Settings
- Author nickname (entered by the parent/guardian; always synced to iCloud KV Store for automatic cross-device synchronization)
- Child's age (optional, used to tailor story content)
- Hero name (entered during story creation; transmitted to Gemini API)
1-3. Storybook Content
- AI-generated story text and illustration images
- Voice narration recordings made by the parent/guardian (stored locally on device; backed up to Apple iCloud if iCloud Sync is enabled in Settings)
1-4. Purchase & Ink History
- In-app purchase (Ink Pack) history and current Ink balance
- App Store transaction identifiers (for receipt validation only)
- Coupon redemption history (code, rewarded Ink, redemption timestamp)
1-5. Safety Policy Violation Records
- When an inappropriate content request is detected, the timestamp of the violation and the ban expiry time are recorded (24-hour usage restriction applied)
- Used solely to identify the user and prevent service abuse
1-6. App Usage Data
- Key in-app interaction events such as story creation, book viewing, sharing, and store visits
- Firebase Installation ID (anonymous per-device identifier; cannot identify individuals)
1-7. Crash & Diagnostic Data
- Stack traces, OS version, and device model collected when the app crashes or encounters an error (via Firebase Crashlytics)
- No personally identifiable information is included in crash reports
2. How We Use Your Information
| Purpose | Data Used |
|---|
| User authentication and service provision | Authentication info, nickname |
| AI storybook generation | Child's age, hero name & gender, selected topic, special requests (sent to Gemini API) |
| Voice narration feature | Voice recordings |
| Payment processing and Ink management | Purchase history, Ink balance |
| Service quality improvement and bug fixes | Usage events, crash data |
| Cross-device synchronization | Storybook data, recordings (via iCloud) |
3. Third-Party Services
The Service uses the following third-party services. Each provider's own privacy policy also applies to the data it processes.
| Service | Provider | Role | Data Transmitted |
|---|
| Firebase Auth | Google | Sign-in authentication | Apple ID identifier |
| Firebase Firestore | Google | Account, Ink, and job data storage | Account info, Ink balance, generation job metadata |
| Firebase Storage | Google | Temporary storage of generated illustrations | AI-generated images (auto-deleted after 30 days) |
| Firebase Analytics | Google | Usage analytics | Anonymous events, Firebase Installation ID |
| Firebase Crashlytics | Google | Crash reporting | Stack traces, device info |
| Gemini API | Google | AI story generation | Child's age, hero name & gender, topic, special request text |
| RevenueCat | RevenueCat Inc. | In-app purchase processing | Transaction identifiers, product IDs |
| iCloud (CloudKit) | Apple | Cross-device sync | Storybook data, voice recordings |
| iCloud KV Store | Apple | Automatic nickname sync | Author nickname (synced regardless of iCloud Sync setting) |
Gemini API data transmission: We transmit only the minimum information required to generate a story — the child's age, hero name and gender, selected topic, and any optional special requests. This data is used solely for story generation and is not used to train AI models.
4. Children's Privacy
OnBook is designed for parents and guardians to use on behalf of their children. We do not knowingly collect personal information directly from children under the age of 13.
Any child-related information (such as the child's age) is entered by the parent or guardian and is used solely to personalize story content. We do not use children's information for third-party advertising or marketing purposes.
If you believe that information about a child has been collected inappropriately, please contact us at the address below and we will promptly delete it.
5. Data Retention & Deletion
- Server story data: Raw generation data is automatically deleted from our servers within 30 days. Finished books are retained only on-device and in iCloud.
- Account data: When you delete your account or disconnect your Apple ID, all personal data stored on our servers is deleted without delay.
- Local data (recordings, images): Files stored on your device are removed when you uninstall the app.
- Crashlytics data: Retained for 90 days per Google Firebase policy, then automatically deleted.
- Analytics data: Retained for up to 14 months per Google Firebase policy.
6. Your Rights
- Access & correction: You can view and update your nickname and other settings directly within the app.
- Deletion & account removal: Go to Settings → Delete Account to remove all personal data. Your Apple ID connection is also revoked at that time.
- Disable iCloud Sync: Turn off iCloud Sync in Settings to stop transmitting data to Apple iCloud.
- Limit analytics collection: You can limit ad tracking via iOS Settings → Privacy & Security → Apple Advertising.
7. Changes to This Policy
If we make material changes to this policy, we will notify you through an in-app notice or app update at least 7 days before the changes take effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.