Privacy Policy
Effective Date: January 29, 2026 | Last Updated: January 29, 2026
Welcome to MemorySparks! Your privacy is important to us. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the MemorySparks mobile application ("App").
By using MemorySparks, you agree to the collection and use of information in accordance with this Privacy Policy.
Quick Summary
📸 What we collect: Photos, videos, text (memories), and audio content that you choose to upload. Account info (email, name) if you create an account.
🎯 Why we collect it: To generate personalized narrative stories and audio narrations using AI technology.
🤝 Who we share with: We temporarily share your content with Google Gemini AI to process and generate your stories. They handle data only as necessary to provide the service.
✅ Your consent: You give permission before uploading content. You can revoke permissions anytime through your device settings.
❌ What we DON'T collect: Device tracking data, usage analytics, crash reports, location, browsing history
📧 Contact: hansleonel@icloud.com
1. Service Provider Information
MemorySparks is operated by:
Hans Leonel Jurado Munoz
Lima, Peru
Email: hansleonel@icloud.com
For privacy-related inquiries, please contact us at: hansleonel@icloud.com
2. Information We Collect
🔹 What Data We Collect
We collect only the content you choose to upload to the app:
- Photos and videos selected by you from your device
- Text content (memories, stories, or descriptions you write)
- Audio content generated by the app based on your stories
- Email address (if you create an account using Apple ID, Google Sign-In, or email registration)
✅ Important: We only access content you explicitly select and upload. We do not automatically access your photo library, camera, or microphone without your permission.
2.1 Account Information (Optional)
If you choose to create an account, we collect:
- Full name (optional, from Apple/Google Sign-In)
- Email address
- Username (user-selected)
- User ID (auto-generated by Supabase)
- Authentication credentials (if using email/password registration)
- Profile picture (optional, from Google Sign-In)
- Bio (optional, user-provided)
2.2 Story Generation Content
When you use MemorySparks to generate stories, we process:
- Your memory text (the text you provide to create a story)
- Photos and videos you choose to upload for story context
- Audio narrations generated by the app from your stories
- Story parameters (genre: Romance, Adventure, Mystery, Fantasy, Horror, Sci-Fi, etc.)
- Author style preferences (optional)
- Language preferences
⚠️ IMPORTANT: Your memory text and uploaded images are sent to Google Gemini AI for story generation. These are processed by Google's servers to create your personalized story. We recommend not including highly sensitive personal information in your memory text.
2.2 Information Collected Automatically
Story Interaction Data:
- Number of times you read each saved story (read count)
- Story ratings you provide (1-5 stars)
- Stories you save or mark as favorites
Account Activity:
- Account creation date
- Last sign-in date
- Profile update timestamps
- Authentication provider used (email, Apple, or Google)
Subscription Status:
Through RevenueCat, we track:
- Whether you have an active premium subscription
- Subscription type (weekly: $3.99, monthly: $12.99, annual: $79.99)
- Subscription expiration date
2.3 Local Storage (On Your Device Only)
The following information is stored only on your device in a local database and is NOT transmitted to our servers:
- Full text of generated stories
- Story metadata (title, genre, creation date, status)
- Custom images you upload (stored as file paths)
- Draft stories (automatically deleted after 2 days)
- Your story preferences and settings
✅ What We Do NOT Collect:
• Device model or manufacturer information
• Operating system version for tracking purposes
• Unique device identifiers (IDFA, IDFV) for tracking
• Time spent in the app
• Detailed usage analytics or behavior tracking
• Crash reports or error logs
• IP addresses
• Location data (GPS)
• Your contacts, photos (beyond what you choose to upload), or other apps
• Browsing history outside the app
3. How We Use Your Information
🔹 Why We Use Your Data
These data are used only to provide the core functionality of MemorySparks, including:
- Generating narrative stories from your memories using AI technology
- Creating audio narrations of your stories with natural-sounding voices
- Personalizing content based on your selected genre and style preferences
- Storing your creations locally on your device for future access
📌 Purpose Limitation: We use your data exclusively for the services you request. We do not use your photos, videos, or text for advertising, marketing, training AI models, or any other purpose beyond generating your personalized stories.
3.1 To Provide Story Generation Service
- Process your memories: Send your memory text to Google Gemini AI to generate personalized stories
- Analyze images: Send uploaded photos and videos to Google Gemini AI for image analysis and story context
- Generate audio: Create audio narrations from your stories using text-to-speech technology
- Personalize content: Use your genre preferences and style choices to tailor stories
- Save your stories: Store generated stories locally on your device
3.2 To Manage Your Account
- Create and maintain your user account
- Authenticate your identity when you sign in
- Remember your preferences and settings
- Track your premium subscription status
- Sync your subscription across devices (via RevenueCat)
3.3 To Provide Customer Support
- Respond to your support requests and inquiries
- Troubleshoot technical issues
- Communicate important service updates
3.4 To Ensure Security
- Protect against unauthorized access to your account
- Prevent fraudulent subscription activity
- Enforce our Terms of Service
- Protect the rights and safety of MemorySparks and users
We Do NOT Use Your Data For:
❌ Advertising or marketing to you
❌ Selling to third parties
❌ Behavioral tracking or profiling
❌ Analytics beyond basic subscription metrics
4. Third-Party Services and Data Sharing
4.1 Google Gemini AI (Story Generation)
Purpose: Generate personalized AI stories based on your input
Privacy Policy: https://ai.google.dev/gemini-api/terms
Data Shared:
- ✅ Your memory text (the full text you provide)
- ✅ Uploaded images (as base64-encoded data, up to 20MB)
- ✅ Story parameters (genre, theme)
- ✅ Language preference
- ✅ Author style preference (optional)
- ❌ NO personally identifiable information (name, email, user ID)
4.2 RevenueCat (Subscription Management)
Purpose: Manage in-app subscriptions, verify purchase status, and sync across devices
Privacy Policy: https://www.revenuecat.com/privacy
Data Shared:
- ✅ Your Supabase User ID (anonymized identifier)
- ✅ Subscription status and type
- ✅ Purchase receipts from Apple
- ✅ Platform information (iOS)
- ❌ NO email, name, or other personal information
4.3 Supabase (Backend and Authentication)
Purpose: User authentication, account management, and data storage
Privacy Policy: https://supabase.com/privacy
Data Stored:
- ✅ Account information (email, name, username, user ID)
- ✅ Authentication tokens
- ✅ Profile data (bio, avatar URL, preferences)
- ✅ Account activity (creation date, last sign-in)
- ✅ Subscription status (isPremium flag)
- ❌ Story content is NOT stored on Supabase (stored locally only)
4.4 Apple Sign-In & Google Sign-In
Apple Sign-In: Apple Privacy Policy
Google Sign-In: Google Privacy Policy
4.5 Apple App Store (Payment Processing)
Important: All payment processing is handled exclusively by Apple. We never see or store your credit card information.
Privacy Policy: https://www.apple.com/legal/privacy/
5. Data We Do NOT Collect or Share
To protect your privacy, we DO NOT:
- ✅ Collect credit card or payment information (handled by Apple)
- ✅ Sell your personal data to third parties
- ✅ Share your data with advertisers
- ✅ Track your location (GPS data)
- ✅ Access your contacts or photo library (beyond what you choose to share)
- ✅ Monitor your activity outside of MemorySparks
- ✅ Use analytics or tracking SDKs (Firebase Analytics, Amplitude, etc.)
- ✅ Implement crash reporting tools (Sentry, Crashlytics, etc.)
- ✅ Track browsing behavior or create behavioral profiles
6. How We Store and Protect Your Data
6.1 Data Storage
Cloud Storage (Supabase):
- Account information and profile data
- Encrypted in transit using TLS/SSL
- Encrypted at rest using industry-standard encryption
Local Storage (Your Device):
- Generated story content (SQLite database)
- Custom uploaded images (app file directory)
- App preferences
- All local data is NOT transmitted to servers
6.2 Data Retention
- Account Data: Retained while your account is active, deleted within 30 days of account deletion request
- Local Story Data: Draft stories automatically deleted after 2 days; saved stories remain until you delete them
- RevenueCat Data: Subscription history may be retained for financial/legal compliance (typically 7 years)
6.3 Security Measures
- ✅ Encrypted data transmission (HTTPS/TLS 1.2+)
- ✅ Secure authentication protocols (OAuth 2.0, JWT)
- ✅ Password hashing (bcrypt for email/password auth)
- ✅ Access controls and authentication
- ✅ Secure API key management
However: No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
7. Your Privacy Rights
7.1 General Rights (All Users)
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your account and data
- Export: Request your data in a portable JSON format
How to Exercise: Email us at hansleonel@icloud.com
7.2 GDPR Rights (European Union Residents)
Note: MemorySparks is currently not available in the European Union. This section is provided for informational purposes only.
If we expand to EU markets in the future, EU residents will have additional rights under GDPR including:
- Right to Access
- Right to Rectification
- Right to Erasure ("Right to be Forgotten")
- Right to Data Portability
- Right to Lodge a Complaint with your local data protection authority
7.3 CCPA/CPRA Rights (California Residents)
Categories of Personal Information Collected:
| Category | Examples | Collected |
|---|---|---|
| Identifiers | Name, email, username, user ID | ✅ Yes |
| Commercial Information | Subscription status, purchase history | ✅ Yes |
| User-Generated Content | Memory text, uploaded images, story parameters | ✅ Yes |
| Account Activity | Sign-in dates, profile updates | ✅ Yes |
✅ WE DO NOT SELL YOUR PERSONAL INFORMATION TO ANYONE.
Categories of Third Parties We Share With:
| Third Party | Data Shared | Purpose |
|---|---|---|
| Google Gemini AI | Memory text, images, story parameters | AI story generation |
| RevenueCat | User ID, subscription status | Subscription management |
| Supabase | Account info, profile data | Authentication, data storage |
| Apple | Subscription receipts | Payment processing |
Your Rights:
- Right to Know (what data collected in last 12 months)
- Right to Delete
- Right to Opt-Out of Sale (We do NOT sell data)
- Right to Correct
- Right to Non-Discrimination
How to Exercise Your Rights:
- Email: hansleonel@icloud.com
- Subject: "CCPA Privacy Request - [Access/Delete/Correct]"
- Response Time: Within 45 days
8. Children's Privacy
MemorySparks is intended for users aged 13 years and older (17+ in some regions).
8.1 COPPA Compliance (USA)
- We do NOT knowingly collect data from children under 13
- We do NOT direct the service to children under 13
- We do NOT sell information of minors under 16
If we discover that we have collected information from a child under 13 without verified parental consent, we will delete that information immediately.
8.2 Parental Notice
If you are a parent or guardian and believe your child under 13 has provided us with personal information:
- Email us immediately at: hansleonel@icloud.com
- Include your child's username or email
- We will delete the account and all associated data within 24 hours
9. International Data Transfers
MemorySparks is operated from Peru and primarily serves users in the United States and Latin America. We use third-party services that may store data in various locations:
- Supabase: Stores data in US regions
- Google Gemini AI: Processes data on Google's US infrastructure
- RevenueCat: Stores data in US
Note: This app is currently not available in the European Union. If we expand to EU markets in the future, we will implement appropriate data transfer safeguards including Standard Contractual Clauses (SCCs) and GDPR compliance measures.
Data Protection Measures:
- Compliance with US data protection laws (CCPA)
- Compliance with Latin American data protection laws (LGPD for Brazil)
- Third-party processors with adequate data protection measures
- Encrypted data transmission and storage
10. Cookies and Tracking Technologies
MemorySparks is a mobile application and does not use browser cookies.
What We Use:
- Local Storage (SQLite): Store your stories, preferences, and settings on your device
- Session Management: JWT tokens stored securely to maintain your login session
What We Do NOT Use:
- ❌ Analytics SDKs (no Firebase Analytics, Amplitude, Mixpanel)
- ❌ Advertising SDKs
- ❌ Device fingerprinting for tracking
- ❌ Cross-app tracking identifiers
Important: MemorySparks does NOT request App Tracking permission because we do not track you across apps or websites owned by other companies.
11. Data Breach Notification
In the unlikely event of a data breach that affects your personal information:
- Immediate Investigation: Assess the scope and impact
- Notification: Notify you within 72 hours of discovering the breach
- Transparency: Explain what happened, what data was affected, and our response
- Regulatory Compliance: Notify relevant authorities as required by law
- Guidance: Provide steps you can take to protect yourself
12. Changes to This Privacy Policy
12.1 Notification of Changes
Material Changes:
We will notify you at least 30 days before material changes take effect via:
- Email to your registered address
- In-app notification
- Prominent notice on this page
Non-Material Changes:
Minor updates (typos, clarifications, formatting) may be posted without prior notice.
12.2 Your Acceptance
Your continued use of MemorySparks after changes take effect constitutes acceptance of the updated Privacy Policy. If you do not agree to the changes:
- Stop using the app
- Cancel your subscription (through iTunes Account Settings)
- Request account deletion (email hansleonel@icloud.com)
13. Your Choices and Controls
🔹 User Consent and Permission Management
You are in control of your data at all times:
✅ Explicit Consent: You give permission before uploading or sharing any content. The app will request access to your photos, camera, or microphone only when you choose to use those features. You can deny these permissions at any time.
How to Manage Permissions:
- iOS: Go to Settings → MemorySparks → Toggle permissions for Photos, Camera, Microphone
- Revoke at any time: You can revoke permissions through your device's system settings
- No automatic access: We never access your content without your explicit action
13.1 Account Settings (In-App)
- ✅ Update your profile information (name, username, bio)
- ✅ Manage your saved stories
- ✅ Delete individual stories
- ✅ Change privacy settings
- ✅ View subscription status
- ✅ Revoke content permissions through device settings
13.2 Data Deletion
Delete Account:
- Email hansleonel@icloud.com with subject "Account Deletion Request"
- Provide your registered email address
- We will process within 30 days
What Happens:
- Your account and personal data deleted from Supabase
- Local stories remain on your device until you delete the app
- Active subscriptions continue until end of billing period
- RevenueCat retains subscription history for compliance (typically 7 years)
14. Contact Us
For questions, concerns, or requests regarding this Privacy Policy or your personal data:
General Privacy Inquiries:
- Email: hansleonel@icloud.com
- Subject: "Privacy Inquiry"
- Response Time: Within 7 business days
Privacy Rights Requests (GDPR, CCPA, etc.):
- Email: hansleonel@icloud.com
- Subject: "Privacy Rights Request - [GDPR/CCPA] - [Access/Delete/Correct]"
- Response Time: Within 30 days (GDPR) or 45 days (CCPA)
Account Deletion:
- Email: hansleonel@icloud.com
- Subject: "Account Deletion Request"
- Response Time: Processed within 30 days
15. Supervisory Authority
For EU Residents:
If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority.
Find Your EU Data Protection Authority: https://edpb.europa.eu/about-edpb/board/members_en
Summary: What You Should Know
✅ What We DO Collect:
| Data Type | Purpose | Shared With |
|---|---|---|
| Account info (email, name, username) | Account management | Supabase |
| Memory text & images | Story generation | Google Gemini AI |
| Story parameters (genre, preferences) | Personalization | Google Gemini AI |
| Subscription status | Premium access | RevenueCat |
| Story ratings & read counts | User experience | Local device only |
❌ What We DO NOT Collect:
- Device info for tracking (model, OS, identifiers)
- Usage analytics (time spent, features used)
- Crash reports or error logs
- Location data (GPS)
- IP addresses for tracking
- Your contacts or other apps
- Browsing behavior
🔒 Key Privacy Facts:
- ✅ Payment: Handled by Apple (we don't see your credit card)
- ✅ Stories: Stored locally on your device
- ✅ AI Processing: Memory text/images sent to Google Gemini
- ✅ No Ads: We don't share data with advertisers
- ✅ No Selling: We never sell your data
- ✅ Your Rights: Access, correct, delete, export your data
- ✅ Age: 13 years or older
Important Links
By using MemorySparks, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.
Effective Date: January 29, 2026 | Last Updated: January 29, 2026 | Version: 2.1 (Updated for App Store submission)
© 2025 MemorySparks. All rights reserved. Operated by Hans Leonel Jurado Munoz | Lima, Peru
← Back to home