Skip to main content

Trust Center

Last updated: July 2026

Data privacy and security are paramount at Story Time Builders. We build for children first, so protecting the students and families who trust us is the foundation of everything we do — never an afterthought.

Our commitment

Story Time Builders exists to support children's social and emotional wellbeing, and that responsibility shapes how we treat data. We collect only the minimum information needed to deliver a personalized therapeutic story, we protect it with industry-standard safeguards, and we never sell personal data or use it for advertising. Privacy and security aren't a compliance checkbox for us — they are core to the product and to the trust that schools and families place in us.

Regulatory compliance

We handle all data in compliance with the major student- and consumer-privacy frameworks that apply to our users:

FERPA Family Educational Rights & Privacy Act

In school settings we operate as a "school official" with a legitimate educational interest, and we never disclose education records without proper authorization.

COPPA Children's Online Privacy Protection Act

We never knowingly collect personal information directly from children under 13. All child details come from a parent, guardian, or authorized school professional.

MODPA Maryland Online Data Privacy Act

We honor data-minimization duties and consumer rights for Maryland residents, including heightened protections for the sensitive data of minors.

CCPA California Consumer Privacy Act

California residents can access, correct, and delete their personal information, and we never sell it. Requests are honored within statutory timelines.

Subprocessors

We rely on a small, carefully vetted set of subprocessors to operate our service, each engaged under a data processing agreement with appropriate safeguards. We keep this list current so schools and families always know who supports our platform:

Story Time Builders subprocessors, their purpose, and the personal data they process.
Subprocessor Purpose Personal data processed
Google Cloud Cloud infrastructure & hosting Application data, encrypted in transit and at rest
Google Firebase Authentication & database Account credentials and stored application data
Slack Internal team messaging Operational communications only — no student records
Anthropic (Claude) Internal productivity & tooling None — no personal information is sent to Claude

Security practices

We protect data with safeguards that meet or exceed industry norms:

For full detail on what we collect, how long we keep it, and how to exercise your rights, see our Privacy Policy.

Contact

Have a privacy or security question, or need our data processing agreement? We're glad to help — email privacy@storytimebuilders.com and we'll respond promptly.