Privacy Policy — Coco Bedtime Stories

Last updated: 2026-03-23

1. Introduction

LayerNines Inc. ("we", "us", "our") operates the Coco Bedtime Stories mobile application ("Coco", "the App"). This Privacy Policy explains how we collect, use, disclose, and protect information when you use our App. By using Coco, you consent to the practices described in this policy.

2. Information We Collect

2.1 Information You Provide Directly

• Account Information: Email address or social login credentials (Apple Sign In, Google Sign In) used for authentication.
• Child Profile: Child's first name, age, and selected bedtime friend character. This information is used solely to personalize bedtime stories within the App.
• Story Creation Inputs: Mood selection, daily events, and parent messages entered when creating a personalized story. These inputs are used solely for generating the requested story.
• Customer Support: Information you provide when contacting support, including your name, email, and details of your inquiry.

2.2 Information Collected Automatically

• Usage Data: App session duration, feature interactions, story playback patterns, navigation events.
• Device Information: Device model, operating system and version, app version, device language settings, time zone.
• Crash and Performance Data: Anonymized crash logs and performance metrics collected via Firebase Crashlytics to diagnose and fix issues.
• Push Notification Tokens: Device tokens for delivering optional bedtime reminders (Firebase Cloud Messaging). You can disable notifications at any time via device settings.

2.3 Purchase Information

In-app purchases and subscriptions are processed entirely by the Apple App Store or Google Play Store. We receive purchase confirmation receipts and subscription status from the respective platform. We do not collect, process, or store payment card numbers, bank account details, or other financial credentials.

2.4 Information We Do NOT Collect

• Precise location or GPS data
• Contact lists or address books
• Photos, camera, or gallery access
• Microphone recordings or voice data
• Browsing history or cross-app tracking data
• Advertising identifiers (we do not serve ads)

3. How We Use Information

• Story Personalization: Child name, age, mood, and events are sent to our AI service (Google Vertex AI) to generate personalized bedtime stories.
• Audio Narration: Story text is sent to our text-to-speech service to generate audio narration.
• Account Management: Creating and maintaining your user account, managing subscriptions and story points.
• Purchase Validation: Verifying in-app purchase and subscription receipts with Apple/Google.
• Push Notifications: Sending optional bedtime reminders and story completion notifications.
• Service Improvement: Anonymized, aggregated analytics to improve content quality and app performance.
• Customer Support: Responding to inquiries and resolving issues.

4. Data Sharing and Third-Party Services (Data Minimization Principle)

We do not sell, rent, or provide your account information (such as email) to any third party. To deliver core functionality (AI story and voice generation), only de-identified 'input text' that cannot be linked back to the user is processed through the following partnerships:

• Story and Voice Generation (Google LLC): Only the text (prompt) directly entered by the user for story creation is transmitted, and this data is processed without being combined with the user's account information.
• Service Infrastructure and Security (Google LLC, Cloudflare, Inc.): Cloud infrastructure is used for stable app operation and media file storage. Only de-identified (anonymized) device data is collected for analytics and error analysis.
• Legal Requirements: When required by applicable law, regulation, court order, or legal process.

5. Children's Privacy

Coco is designed for use by parents and guardians with their children. We take children's privacy very seriously and comply with the U.S. Children's Online Privacy Protection Act (COPPA) and Korea's Personal Information Protection Act (PIPA).

• The App is intended for adults (parents/guardians) who create stories for their children. Children should use the App under parental supervision.
• We collect only the minimum information necessary to personalize stories (child's first name, age, and character preference).
• Child profile data is stored only within the parent's account and is never shared with other users or third parties for marketing purposes.
• We do not display any advertising to children or adults within the App.
• We do not enable children to make purchases. All in-app purchases require the account holder's authorization.
• Parents/guardians can review, modify, or delete their child's profile at any time from within the App.
• Parents/guardians can request complete deletion of all child-related data by contacting us.

6. In-App Purchases and Subscriptions

• Story Points and subscription plans are available as in-app purchases through the Apple App Store and Google Play Store.
• All payment processing is handled by the respective app store platform. We do not have access to your payment details.
• Subscription terms, pricing, and renewal are governed by your agreement with the app store platform.
• To manage or cancel a subscription, use the subscription management features in your device's app store settings.
• Refund requests should be directed to Apple or Google per their respective refund policies.

7. Data Retention

• Generated Stories: Story text, images, and audio are retained until you delete them or your account.
• Child Profile Data: Retained until you remove the child profile or delete your account.
• Account Data: Retained until you request account deletion. Upon deletion request, all associated data is permanently removed within 30 days.
• Usage Analytics: Anonymized usage data may be retained for up to 12 months for service improvement.
• Crash Reports: Retained for up to 90 days for debugging purposes.

8. Data Security

We implement industry-standard security measures to protect your data:

• All data transmission is encrypted using TLS/SSL.
• Data at rest is encrypted on our cloud infrastructure.
• Access to personal data is restricted to authorized personnel on a need-to-know basis.
• We conduct regular security reviews of our infrastructure and code.

While we take reasonable measures to protect your information, no method of electronic transmission or storage is 100% secure.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate personal data.
• Deletion: Request deletion of your account and all associated personal data.
• Data Portability: Request export of your data in a machine-readable format.
• Withdraw Consent: Withdraw consent for data processing at any time (which may limit App functionality).
• Opt-Out of Notifications: Disable push notifications via your device settings at any time.

To exercise any of these rights, please contact us using the information below. We will respond within 30 days.

10. International Data Transfers

Your data may be processed on servers located in the United States, South Korea, and other countries where our service providers operate. By using the App, you consent to the transfer of your data to these countries, which may have different data protection laws than your country of residence.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through an in-app notification or by updating the "Last updated" date. Continued use of the App after such changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us:

• Company: LayerNines Inc.
• Email: support@layernines.com