LegendCraftLegendCraft

    Privacy Policy

    Last updated: March 2026

    1. Who We Are

    LegendCraft ("we", "us", "our") is an online service that creates personalized illustrated storybooks. Our website is legendcraft.io. If you have any questions about this policy, you can contact us at hello@legendcraft.io.

    2. What Data We Collect

    We collect only what is necessary to create your story:

    • Account informationyour email address, and if you sign in with Google, your name and Google profile.
    • Story inputsthe child's name, physical description, personality traits, and story preferences you provide in the creation wizard.
    • Usage datastandard server logs and analytics to improve the service (pages visited, errors encountered).

    We do not collect payment information directly — payments are handled by third-party processors.

    3. How We Use Your Data

    • To generate and deliver your personalized storybook.
    • To send transactional emails (magic link sign-in, order confirmations).
    • To maintain and improve our service.
    • To comply with legal obligations.

    We do not sell your data. We do not use it for advertising.

    4. Third-Party Services

    We use the following trusted third-party providers to operate our service:

    • Supabasedatabase and authentication infrastructure.
    • Googleoptional sign-in via Google OAuth. Governed by Google's Privacy Policy.
    • Resendtransactional email delivery.
    • Luluphysical book printing and fulfillment (shipping address shared when you order a print).
    • PostHogproduct analytics (EU-hosted). Only runs after you accept analytics cookies — see section 9 for details.
    • Stripepayment processing (PCI-DSS compliant). Card and billing details are submitted directly to Stripe and never stored on LegendCraft servers.

    5. Data Retention

    We retain your account and story data for as long as your account is active. If you'd like your data deleted, email us at hello@legendcraft.io and we will remove it within 30 days.

    6. Children's Privacy

    LegendCraft is a service for parents and gift-givers to create stories about children — it is not directed at children themselves. We do not knowingly collect personal data from anyone under 13. Story input data about a child (name, appearance) is provided by an adult and used solely to personalize the book.

    7. Your Rights

    Depending on your location, you may have rights to access, correct, or delete the personal data we hold about you. To exercise any of these rights, contact us at hello@legendcraft.io.

    8. Changes to This Policy

    We may update this policy from time to time. We'll note the date of the last update at the top of this page. Continued use of LegendCraft after changes constitutes acceptance of the revised policy.

    9. PostHog Product Analytics

    For visitors in the EU, EEA and United Kingdom, we use PostHog to understand how our service is used and to improve it. PostHog only runs after you accept the cookie banner.

    • Purposeproduct analytics — we measure page views, click events and funnel-step completions to find friction points and improve the product.
    • Data capturedpage views, click events, custom funnel events, your user ID once signed in, your email address once signed in, and an IP-derived approximate geolocation. We do not capture form input.
    • RetentionPostHog retains event data for 1 year by default; after that it is anonymised or deleted.
    • Legal basisyour consent (Art. 6.1.a GDPR), captured via the cookie banner the first time you visit.
    • Right to withdrawyou can withdraw consent at any time by reopening the cookie banner here: Cookie preferences.
    Privacy Policy — LegendCraft