GDPR Compliance

General Data Protection Regulation Information

1. Our Commitment to GDPR

Stowly is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This page explains how we comply with GDPR requirements and what rights you have regarding your personal data.

The GDPR applies to all individuals in the European Union (EU) and European Economic Area (EEA), regardless of where the data processing takes place.

2. Legal Basis for Processing

We process your personal data based on the following legal grounds:

Consent (Article 6(1)(a))

For processing children's data and marketing communications, we rely on explicit consent from parents or guardians.

Contract Performance (Article 6(1)(b))

To provide our bedtime story generation service as requested by users.

Legitimate Interests (Article 6(1)(f))

For service improvement, security, and analytics, balanced against your privacy rights.

3. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right of Access

Request a copy of your personal data we hold

Right to Rectification

Correct inaccurate or incomplete data

Right to Erasure

Request deletion of your personal data

Right to Restrict Processing

Limit how we use your data

Right to Data Portability

Receive your data in a structured format

Right to Object

Object to certain types of processing

4. Children's Data Protection

Special protection for children under 16 years old as required by GDPR Article 8.

  • We require parental consent for processing children's personal data
  • Parents can withdraw consent at any time
  • We implement additional safeguards for children's data
  • Age verification measures are in place where required
  • Children's data is processed with enhanced security measures

5. Data Processing Activities

Personal Data We Process

  • Child's first name and age range
  • Story preferences and interests
  • Parent/guardian email address
  • Usage data and analytics

Processing Purposes

  • Generating personalized bedtime stories
  • Improving AI algorithms and content quality
  • Providing customer support
  • Ensuring service security and safety

6. Data Transfers and Storage

  • Data may be transferred outside the EU/EEA with appropriate safeguards
  • We use Standard Contractual Clauses (SCCs) for international transfers
  • Data is stored with reputable cloud providers with GDPR compliance
  • Encryption is used for data in transit and at rest
  • Regular security assessments ensure ongoing protection

7. Data Retention

Retention Periods

  • Account Data: Retained while account is active plus 30 days
  • Generated Stories: Retained for 1 year or until deletion requested
  • Usage Analytics: Anonymized after 6 months
  • Support Communications: Retained for 2 years

8. Exercising Your Rights

To exercise any of your GDPR rights, please contact us using the information below. We will respond within 30 days of receiving your request.

You have the right to lodge a complaint with your local data protection authority if you believe we have not handled your data appropriately.

9. Data Protection Officer

For questions about data protection and GDPR compliance, you can contact our Data Protection Officer:

Data Protection Officer
Email: dpo@caskcoded.com
Subject: GDPR Inquiry - Stowly

10. Updates to GDPR Compliance

We regularly review and update our GDPR compliance measures. Any material changes will be communicated through our Privacy Policy and this page. The last update date is shown at the top of this page.

11. Contact for GDPR Requests

For any GDPR-related requests or questions, please contact us:

GDPR Requests
Email: gdpr@caskcoded.com
Subject: GDPR Request - [Type of Request]
Website: https://caskcoded.com

Back to Stowly