When you create an account, we collect your email address and authentication credentials through our authentication provider, Clerk. When you use Skeinscribe, we store the stories you create, including your text inputs and the AI-generated narrative responses.
We also collect usage data including credit consumption, subscription tier, and general interaction patterns to improve the service.
When you use text-to-speech features, your story text is sent to OpenAI for audio generation. Audio files are cached locally in your browser using IndexedDB — this data never leaves your device unless you choose to share it.
Your information is used to:
Your story inputs are sent to Anthropic's Claude AI for narrative generation. Anthropic processes this data according to their own privacy policy. We do not use your story content to train AI models. Your stories are your creative work.
Your account data and stories are stored in a PostgreSQL database hosted on Neon. Data is encrypted in transit and at rest. If you use the BYO Key feature, your Anthropic API key is encrypted using AES-256-GCM before storage.
We use essential cookies for authentication and session management. We do not use tracking cookies or third-party advertising cookies.
Our authentication provider (Clerk) sets session cookies that are strictly necessary for the service to function. We use a cookie consent banner to inform you of cookie usage. No tracking cookies or third-party advertising cookies are used. Local storage and IndexedDB are used to persist user preferences and cached audio data — this data remains entirely on your device.
Your stories and account data are retained for as long as your account is active. When you delete a story, it is permanently removed from our database. If you delete your account, all associated data is removed within 30 days.
We use the following third-party services:
Each service processes your data according to their respective privacy policies.
You have the right to:
In the event of a data breach that affects your personal information, we will notify affected users within 72 hours of becoming aware of the breach, in accordance with applicable data protection laws including GDPR. Notification will be provided via email and through the application. The notification will include: the nature of the breach, the types of data affected, the measures taken to address the breach, and recommended steps you can take to protect yourself.
Skeinscribe is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected]. If we discover that we have collected personal information from a child under 13, we will promptly delete that information.
Your data may be transferred to and processed in countries other than your country of residence, including Canada and the United States, where our service providers operate. These transfers are necessary to provide the service. We ensure appropriate safeguards are in place for international data transfers in accordance with applicable data protection laws.
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data under the following legal bases as defined by the General Data Protection Regulation (GDPR):
In addition to the general rights listed in Section 6, if you are in the EEA, UK, or Switzerland, you have the following rights under GDPR:
To exercise any of these rights, contact us at [email protected]. We will respond to valid requests within 30 days.
Your data may be transferred to and processed in Canada and the United States, where our service providers operate. For transfers outside the EEA, we rely on:
Skeinscribe is operated from Ontario, Canada and is subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). We are accountable for the personal information in our possession and have designated a privacy contact responsible for our compliance with PIPEDA.
We collect, use, and disclose personal information only for the purposes identified in this policy. We obtain meaningful consent for the collection, use, and disclosure of personal information, except where the law allows otherwise.
Under PIPEDA, you have the right to:
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
We may update this privacy policy from time to time. For material changes, we will provide at least 30 days' notice through the application or via email before the changes take effect. We will notify you of minor changes by updating the “Last updated” date at the top of this page.
For privacy-related questions, data subject requests, or complaints, contact us at [email protected]. We aim to respond to all privacy requests within 30 days.