Privacy Policy for Anyway

1. Introduction

Welcome to Anyway ("we," "us," or "our"). We are committed to protecting your privacy and the privacy of your children. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our story reading application, Anyway (the "Application").

By using the Application, you agree to the collection and use of information in accordance with this policy. If you have any questions or concerns, please contact us at support@anyway-app.co.

Data Controller: Stefano Kliba (private individual)

2. Information We Collect

a) Personal Data You Provide

• Email address (parent/guardian): Required for account creation. This is the only personally identifiable information we collect and store.
• Feedback submissions: If you voluntarily submit feedback, your comments are sent to us by email. We do not store feedback in databases. Please avoid including personal information in feedback messages.

b) Anonymized Usage Data Collected Automatically

• Device type and operating system
• General feature usage patterns (e.g., which stories are popular, time spent in the app)
• Crash reports and performance data

We use Google Analytics for Firebase to collect anonymized data. User IDs are not associated with tracking events.

3. How We Use Your Information

• Account management: To create, secure, and authenticate your account.
• Communication: To send service-related notices (e.g., password reset, policy changes).
• Improvement: To fix bugs, improve features, and enhance user experience.
• Feedback handling: Feedback emails are used solely to review and improve our Application.

4. Sharing and Disclosure of Information

We do not sell your personal information. We share only with trusted providers:

• Auth0 (Identity Provider): Used for authentication. Auth0 Privacy Policy
• Google Analytics for Firebase (Analytics): Collects anonymized usage data. Google Privacy Policy
• Legal requirements: If required by law, or to protect rights, property, or safety.

5. Children's Privacy (COPPA and GDPR-K)

• Parental consent: A parent or guardian must create an account with their email. This email serves as consent.
• No direct collection from children: We do not knowingly collect personal data directly from children under 13 (or local age of consent).
• Parental rights: Parents/guardians can review, delete, or withdraw consent for their email anytime.
• Unauthorized registration: If a child registered without consent, contact us at support@anyway-app.co and we will delete the data.

6. Your Data Protection Rights

Users in the European Economic Area (GDPR)

You have the right to: access, correct, or erase your data; restrict or object to processing; request data portability; and withdraw consent.

Users in California (CCPA/CPRA & CalOPPA)

You have the right to: know what personal information is collected; request deletion of your personal information; and not be discriminated against for exercising your rights.

Do Not Track (DNT): Our Application does not respond to DNT signals.

To exercise any rights, contact us at support@anyway-app.co.

7. Data Security and Retention

• Your email address is deleted immediately when you delete your account.
• It may remain in secure system backups for up to 90 days before being permanently removed.
• Anonymized analytics data may be retained indefinitely.

8. International Data Transfers

Your information may be transferred outside of your country, including to the United States where Auth0 and Firebase are hosted. We rely on Standard Contractual Clauses (SCCs) and other safeguards to ensure your data is protected in line with GDPR and other regulations.

9. Changes to This Privacy Policy

We may update this Privacy Policy. Updates will be posted here, and material changes will also be sent to your registered email.

10. Contact Us

If you have questions or wish to exercise your data rights, contact us:

support@anyway-app.co
Data Controller: Stefano Kliba (private individual)