Trust Center
Last updated: July 2026
Data privacy and security are paramount at Story Time Builders. We build for children first, so protecting the students and families who trust us is the foundation of everything we do — never an afterthought.
Our commitment
Story Time Builders exists to support children's social and emotional wellbeing, and that responsibility shapes how we treat data. We collect only the minimum information needed to deliver a personalized therapeutic story, we protect it with industry-standard safeguards, and we never sell personal data or use it for advertising. Privacy and security aren't a compliance checkbox for us — they are core to the product and to the trust that schools and families place in us.
Regulatory compliance
We handle all data in compliance with the major student- and consumer-privacy frameworks that apply to our users:
In school settings we operate as a "school official" with a legitimate educational interest, and we never disclose education records without proper authorization.
We never knowingly collect personal information directly from children under 13. All child details come from a parent, guardian, or authorized school professional.
We honor data-minimization duties and consumer rights for Maryland residents, including heightened protections for the sensitive data of minors.
California residents can access, correct, and delete their personal information, and we never sell it. Requests are honored within statutory timelines.
Subprocessors
We rely on a small, carefully vetted set of subprocessors to operate our service, each engaged under a data processing agreement with appropriate safeguards. We keep this list current so schools and families always know who supports our platform:
| Subprocessor | Purpose | Personal data processed |
|---|---|---|
| Google Cloud | Cloud infrastructure & hosting | Application data, encrypted in transit and at rest |
| Google Firebase | Authentication & database | Account credentials and stored application data |
| Slack | Internal team messaging | Operational communications only — no student records |
| Anthropic (Claude) | Internal productivity & tooling | None — no personal information is sent to Claude |
Security practices
We protect data with safeguards that meet or exceed industry norms:
- Encryption of all data in transit (TLS 1.3) and at rest (AES-256)
- Least-privilege access controls, so team members only reach the data their role requires
- Reputable, security-certified infrastructure providers (see subprocessors above)
- No sale of personal data and no third-party advertising trackers
For full detail on what we collect, how long we keep it, and how to exercise your rights, see our Privacy Policy.
Contact
Have a privacy or security question, or need our data processing agreement? We're glad to help — email privacy@storytimebuilders.com and we'll respond promptly.