Privacy Policy

1. Introduction

again, operated by OneMore LLC, a Florida limited liability company, is an AI-powered children's storybook app designed for parents and guardians to use with their children. Accounts must be created and verified by a parent or legal guardian who is at least 18 years of age. This Privacy Policy describes what information we collect, how we use it, and your rights regarding your data.

By using again ("the Service"), you consent to the practices described in this policy.

We do not sell personal information.

2. Information We Collect

Information You Provide

• Account information: email address and password (your password is securely hashed and never stored in plain text)
• Profile information: first name and last name (optional; collected after first payment)
• Content target age range: a content preference setting (such as 3–5, 4–8, or 7–10) that adjusts story vocabulary and themes — this is not a child's personal information
• Story content: text prompts, story direction choices, and custom prompts you enter
• Payment information: payment card details are processed entirely by Stripe and never touch our servers. We store your Stripe Customer ID and transaction identifiers for billing records and traceability.
• Communications: feedback, support requests, and any messages you send us
• Consent records: timestamps of Terms of Use and Privacy Policy acceptance, and your marketing opt-in preference

Information Collected Automatically

• Usage analytics: page views, feature usage, and session data (via Google Analytics with advertising features disabled)
• Device information: browser type, operating system, and screen size — collected alongside a pseudonymous user identifier for authenticated users, and anonymously for unauthenticated visitors
• Geographic data: general location (country, region, city) derived from IP address
• Error data: application errors and performance data (via Sentry — no personally identifiable information collected, IP addresses stripped)
• Cookies: session cookies for authentication and analytics cookies (Google Analytics with advertising features disabled)

Information We Do Not Collect

• Children's names, ages, photos, or personal information — however, if you include such details in story prompts, they will be stored and processed as part of your story content (see Section 5)
• Payment card numbers, bank accounts, or financial account details (Stripe handles this)
• Precise location data (we collect only general geographic data derived from IP address)
• Contacts, calendar, or other device data
• Biometric data

3. How We Use Your Information

• Provide the Service: create and manage your account, generate stories, process payments, and deliver transactional emails
• Improve the Service: analyze usage patterns, diagnose errors, and measure feature effectiveness (internal operations only)
• Communicate with you: We send service-related communications to all users, including transactional emails (verification, password reset), important product updates, and changes to features, pricing, or terms that affect your use. If you opt in to marketing communications, we may also contact you about surveys, research opportunities, and promotional offers.
• Ensure safety: moderate content for age-appropriateness and enforce content standards. Custom story prompts that are flagged by our automated moderation system are logged for safety auditing, false-positive tuning, and abuse detection. These logs include the prompt text and are associated with your account.
• Legal compliance: maintain financial records, respond to legal requests, and enforce our Terms.

4. How We Share Your Information

We do not sell your personal information.

We share information with the following categories of service providers, solely to operate and improve the Service:

• AI service providers: Story prompts and content preferences are sent to OpenAI (text generation and content moderation) and Runway (image and video generation) to operate the Service. These providers process data under their own terms and privacy policies.
• Payment processor: Stripe processes payments under its own privacy policy. We share your email and Stripe Customer ID with Stripe for this purpose.
• Email service: Resend delivers transactional emails. We share your email address with Resend for this purpose.
• Analytics: Google Analytics receives usage data with advertising features disabled. We use Google Analytics strictly for internal measurement of site usage and performance. Vercel Analytics collects anonymized performance data.
• Advertising measurement: We may use third-party advertising measurement services (such as Meta Conversions API and similar platforms) to measure the effectiveness of our advertising campaigns. These services may receive hashed identifiers and conversion events (such as signup or subscription status) from parent account activity only — never from children's interactions. This data is used solely for ad attribution and campaign measurement, not behavioral advertising or retargeting of children.
• Error monitoring: Sentry receives error reports with no personally identifiable information. IP addresses are stripped and only anonymized identifiers are used.
• Cloud storage: AWS stores generated media (images and videos). Files are identified by random IDs, not user information.
• Hosting: Vercel hosts the application and processes requests to deliver the Service.

We may also disclose information if required by law, court order, or governmental request, or in connection with a business transfer (acquisition, merger, or sale of assets).

5. Children's Privacy (COPPA)

again is designed for parents and guardians to use with their children ages 3–10. The parent or guardian is the account holder and user — children do not create accounts.

We do not knowingly collect personal information from children under 13 (or the applicable age in your jurisdiction).

The "content target age range" setting is a content preference that adjusts story vocabulary and themes — it is not collected as a child's personal information.

Persistent identifiers (analytics cookies, pseudonymous user IDs) are used strictly for "support for internal operations" as defined by the FTC's COPPA Rule — specifically: site measurement, analytics, funnel optimization, and error monitoring. These identifiers are not used for behavioral advertising, ad targeting, or building profiles of children.

We use Google Analytics for internal site measurement and have disabled its advertising and remarketing features. Our error monitoring service does not collect personally identifiable information and strips IP addresses from all error reports.

Prompt guidance: We do not ask for or require children's personal information. However, story prompts you enter are stored as part of your story content and are sent to our AI providers (OpenAI and Runway) for processing. If you include a child's name or other personal details in a prompt, that information will be processed and stored as part of the story. Please avoid including children's names, contact details, or other sensitive personal information in prompts.

If you believe we have inadvertently collected personal information about a child under 13, contact us immediately at support@again.kids and we will promptly review and delete it.

6. Story Sharing & Data Visibility

Paid subscribers may generate share links for completed stories. When a story is shared:

• The story's text, illustrations, and videos are accessible to anyone with the link, without requiring an account or login
• Share links are unlisted (not indexed or searchable) but are not private — anyone who receives the link can view the content
• No account information is displayed on shared story pages — no author name, email, or account details are shown. However, stories may contain personal details you included in your prompts
• You may revoke a share link at any time. Revocation permanently disables the old link. Re-sharing generates a new link

You are responsible for deciding who to share links with and for ensuring shared stories do not contain personal information you do not wish to make accessible. Once shared, recipients may copy or forward the link. Revoking the link prevents future access but does not recall content already viewed or saved by others.

7. Cookies & Tracking Technologies

• Essential cookies: Authentication session cookies required for the Service to function
• Analytics cookies: Google Analytics (with advertising features disabled)
• No advertising cookies: We do not use cookies for behavioral advertising, retargeting, or ad personalization
• No third-party tracking pixels: We do not embed advertising tracking pixels on our site

You can manage cookies through your browser settings, but disabling essential cookies may prevent you from using the Service. To opt out of Google Analytics tracking specifically, you can install the Google Analytics Opt-out Browser Add-on.

8. Data Retention

• Account data: Retained while your account is active or until the Service is discontinued
• Stories and media: Retained while your account is active; deleted upon account deletion request or Service discontinuation
• Spark transaction records: Retained for financial and tax record-keeping as required by law, even after account deletion or Service discontinuation
• Analytics data: Subject to Google Analytics' retention settings
• Error logs: Subject to Sentry's retention settings
• Inactive accounts: Sparks expire after 2 years of no login activity; account data is retained until you request deletion

Service discontinuation: If we discontinue the Service, we will provide at least 30 days' notice via email. All personal data will be deleted within 90 days of shutdown, except records we are required by law to retain (such as financial transaction records for tax purposes).

9. Data Deletion & Your Rights

Deletion: To request deletion of your account and all associated data, email support@again.kids from your registered email address. We will process your request within 30 days.

What gets deleted: Account profile, stories, generated media, moderation logs, Spark transaction history (anonymized), and authentication tokens.

What may be retained: Anonymized or aggregated data, financial transaction records required by law, and data needed to comply with legal obligations.

Access: You may request a copy of your personal data by emailing support@again.kids.

Correction: You may update your profile information through your Account page.

Marketing opt-out: You may withdraw marketing consent at any time through your Account settings or by contacting us.

10. Data Security

• Passwords are securely hashed using industry-standard methods and are never stored in plain text
• Authentication tokens are cryptographically hashed before storage — raw tokens are never persisted
• All data is transmitted over HTTPS/TLS
• Payment data is handled entirely by Stripe, which is PCI-DSS Level 1 certified

We implement reasonable technical and organizational measures to protect your data, but no system can guarantee absolute security.

Data breach notification: In the event of a data breach affecting your personal information, we will notify affected users and applicable authorities as required by law (including the Florida Information Protection Act and any other applicable data breach notification statutes).

11. International Users

again is operated from the United States. If you access the Service from outside the United States, your data will be transferred to and processed in the United States. By using the Service, you consent to this transfer. Data protection laws in the United States may differ from those in your jurisdiction.

12. Third-Party Links & Services

The Service integrates with third-party services as described in Section 4. Shared stories may contain links back to again. We are not responsible for the privacy practices of third-party services and encourage you to review their privacy policies.

13. Changes to This Policy

We may update this Privacy Policy at any time. Material changes will be communicated via email or in-app notice. The "Last Updated" date at the top of this page will reflect the most recent revision. Continued use after changes constitutes acceptance of the updated policy. For material updates, we may require you to re-affirm your consent through an in-app prompt before you can continue using the Service.

14. Contact Us

For privacy questions, data requests, or COPPA concerns, please contact us at:

support@again.kids

again.kids