StorySparkle Logo

Privacy Policy for StorySparkle

Last updated: January 8, 2026

1. Introduction

Welcome to StorySparkle (“we,” “us” or “our”). We offer an interactive platform designed to develop reading and literacy skills in children (including those with dyslexia), approximately aged 3–12. Parental guidance is strongly recommended. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit storysparkle.org (the “Site”) and use our services.

2. Data Controller

StorySparkle is owned and operated by:
Alex Bradley
53 High Street West Wycombe
High Wycombe, HP14 3AG
United Kingdom

You can contact our Data Protection Officer at support@storysparkle.org.

3. Information We Collect

  • Aggregate Analytics:We use Google Analytics 4 (GA4), Microsoft Clarity, and PostHog to gather anonymous, aggregated usage data (e.g., page views, session duration, bounce rates, device/browser type, and general geographic region). We do not receive or store any personally identifiable information (PII) such as names, IP addresses, or user IDs.
  • Account Information: When you register—via email/password, Google Sign‑In, or Facebook Login—we collect and store:
    • Name (if provided by you or by the third‑party authenticator)
    • Email address
    • Avatar (if provided by the authenticator)

    This information is used solely to:

    • Authenticate and log you into your StorySparkle account
    • Provide a personalized experience, including remembering your child's reading progress, achievements, and preferences

    We do not request or store any additional personal data (e.g., date of birth, postal address).

4. Legal Basis for Processing

Under UK GDPR, we rely on the following lawful bases:

  • Consent (Art. 6(1)(a)) for optional marketing communications (where you explicitly opt in).
  • Contract (Art. 6(1)(b)) to provide and maintain your StorySparkle account and access to platform features.
  • Legitimate Interests (Art. 6(1)(f)) to analyze aggregate usage data for service improvement, security, and site maintenance.

5. Parental Guidance & Children's Privacy

  • Our services target children aged 3–12. We strongly recommend that parents or guardians create and manage all accounts on behalf of their children, or use the platform alongside them.
  • We do not knowingly collect personal information directly from children. If you believe your child has provided us personal data without your consent, please contact us so we can delete it promptly.
  • For children under 13, we rely on parental setup and oversight rather than separate verifiable parental consent processes.

6. Cookies & Tracking Technologies

  • We use only the cookies and similar technologies deployed by GA4 and Microsoft Clarity for anonymous, aggregated analytics.
  • No cookies on our Site identify individual users.
  • You can disable or delete cookies through your browser; see aboutcookies.org for guidance.

7. Data Retention

  • Aggregate Analytics: Retained by GA4 and Microsoft Clarity per their default retention settings (up to 14 months); we do not maintain these records ourselves.
  • Account Data (name, email, avatar): Retained as long as the account exists. Upon account deletion, we will erase this data within 30 days.

8. Your Rights under GDPR

You have the right to:

  • Access your personal data
  • Rectify any inaccuracies
  • Erase your data (“right to be forgotten”)
  • Restrict processing under certain circumstances
  • Object to processing based on legitimate interests
  • Data Portability receive your data in a structured, machine‑readable format

To exercise these rights, email support@storysparkle.org. We will respond within one month.

9. Sharing & Disclosure

We do not sell, trade, or rent your personal data. We share only aggregated, anonymized insights with our analytics providers under GDPR‑compliant data‑processing agreements.

10. International Data Transfers

Data processing and storage occur within the UK or in jurisdictions deemed adequate by the UK (e.g., EU). Transfers outside these areas employ standard contractual clauses to maintain data protection standards.

11. Security Measures

We implement appropriate technical and organizational safeguards, including:

  • Encrypted HTTPS connections for all Site traffic
  • Secure storage of account credentials
  • Regular security assessments and updates

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal obligations. The “Last updated” date will indicate the most recent revision. Please review this policy periodically.

13. Language Precedence

In the event of any inconsistency between the English language version of this policy document and any other language translations, the English language version shall take precedence.

14. Contact & Complaints

For questions, requests, or complaints, contact us at support@storysparkle.org or by post at the address above. If unresolved, you may lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

By using StorySparkle, you acknowledge that you have read and understood this Privacy Policy.