NightlyTale
← Back to home

Privacy Policy

Last updated: 2026/06/26

Who we are

NightlyTale is a South African children's bedtime-story subscription service. We are the Responsible Party under the Protection of Personal Information Act 4 of 2013 (POPIA).

What we collect

  • Parent/guardian email address and hashed password (required to create an account)
  • Child's first name (optional), age (2 to 12), favourite animal, story category, and preferred story language
  • Payment token from Paystack (we never store your full card details, Paystack does)
  • Story history (title and body) to personalise future stories and avoid repeats

Why we collect it

Solely to generate and deliver personalised bedtime stories to your child each night. We do not sell, share, or use this data for advertising.

Children's data

We collect minimal data about children with the explicit consent of the parent or legal guardian. A child's first name is entirely optional. We do not collect any other personal details about children.

Your rights (POPIA)

  • Access: view all data we hold about you from your dashboard
  • Correction: edit your child's details at any time from your dashboard
  • Deletion: delete your account and all associated data from your dashboard. This is immediate and permanent
  • Objection: contact us at support@nightlytale.com to object to any processing

Third-party services

  • Supabase: secure cloud database (EU/US data centres with SA-compliant contracts)
  • Anthropic: AI story generation (data is not used to train their models under our API agreement)
  • Resend: transactional email delivery
  • Paystack: PCI-DSS compliant payment processing in ZAR
  • Vercel: web hosting

Data retention

We retain your data while your account is active. When you delete your account all data is permanently removed within 24 hours. Anonymised story counts (no names, no email) may be retained for 12 months for service quality purposes.

Contact

For any privacy queries: support@nightlytale.com