Privacy Policy

Introduction

Welcome to LittleTunesAI's Privacy Policy. This document explains how we handle your data and protect your family's privacy.

This Privacy Policy is prepared in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) — Regulation (EU) 2016/679 of the European Parliament and of the Council.

In this document, you will learn how we collect, use, and protect your personal data when you create an account, use our services, or contact us.

If you choose to purchase a subscription, additional details about data processing related to your purchase will be provided during the checkout process.

Who We Are

LittleTunesAI is created and operated by Paweł Tymczuk, a company dedicated to creating safe, engaging, and educational musical experiences for children and families. We are committed to protecting the privacy of our users, especially children.

What Our App Does

LittleTunesAI creates personalized AI-generated songs to help children with their daily routines. Our app generates custom lullabies, morning songs, mealtime tunes, potty training songs, and more — all featuring your child's name or nickname to make each moment special and engaging. The songs are designed to make everyday activities fun while supporting healthy habits and emotional development.

Designed for Families

LittleTunesAI is specifically designed for children aged 0-7 years, intended to be used with parental involvement and supervision. The app is operated by parents or guardians who create accounts, manage child profiles, and control all aspects of the experience. Children do not interact directly with the app or provide any personal information themselves — all data is provided and managed by their parents or guardians.

Children's Privacy (COPPA Compliance)

We are committed to protecting children's privacy and fully comply with the Children's Online Privacy Protection Act (COPPA).

Important: This app is intended for use by parents and guardians. We do not knowingly collect personal information from children under the age of 13 without verified parental consent.

Key COPPA Compliance Measures

• We do not knowingly collect personal information from children under the age of 13
• Baby information is used solely to personalize song generation content
• Parents retain full control over their child's data
• We do not engage in behavioral advertising or tracking of children
• Children's data is never shared with third parties
• Parents may request deletion of their child's data at any time

Parental Controls

• Account creation requires adult verification
• Parents can review, manage, and delete child information
• No automatic data collection from children
• Clear and verifiable parental consent mechanisms are in place

EU Children's Data Protection (GDPR-K)

In addition to COPPA, we comply with the GDPR's specific provisions for protecting children's personal data under Article 8, commonly referred to as "GDPR-K" (GDPR for Kids).

Under GDPR Article 8, processing of a child's personal data requires parental consent for children under the age of 16 (or lower age as set by EU member states, but not below 13).

Our GDPR-K Compliance Measures

• Parental consent is required before any child profile is created
• We collect only the minimum data necessary (child's first name or nickname and age range)
• Parents have full rights to access, rectify, and delete their child's data
• No profiling or automated decision-making is performed on children's data
• Children's data is processed lawfully, fairly, and transparently
• Data is stored securely within the EU or in jurisdictions with adequate protection

Age-Appropriate Design

• The app interface is designed for parent/guardian operation only
• No direct marketing or push notifications are sent to children
• Privacy settings are configured to the highest protection level by default
• Clear and child-friendly privacy information is available upon request

Information We Collect

Account Information

When you create an account, we collect your email address, name and photo from the authentication provider. All this information is stored securely and used solely to identify you. We never share this information with third parties nor use it for advertising purposes. If you choose to subscribe, the payment information is collected through secure payment processor. We do not store your payment information. All payment information is processed by the payment processor and is not stored on our servers.

Child Profile Information

To personalize songs, we collect your child's first name or nickname and age range. This information is used solely to create customized musical content with our AI partner and is never shared with any other third parties nor used for advertising purposes.

Usage Data

We collect anonymous usage data to improve our service, including which categories are most popular, playback statistics, and app performance metrics.

Information We Do Not Collect

We do not collect or process the following types of information:

• Precise location or GPS data
• Photos, videos, or other media files
• Contact lists or address book data
• Social media account information or content
• Biometric identifiers
• Health or medical information

How We Use Your Information

• Generate personalized songs with your child's name
• Provide and maintain our service
• Process payments and subscriptions
• Send important service updates
• Improve and optimize our app
• Provide customer support

Data Security

We implement industry-standard security measures to protect your data:

• End-to-end encryption for all data transmission using TLS 1.3
• Data at rest is encrypted using AES-256, passwords are hashed using bcrypt
• Secure cloud storage with regular backups
• Regular security audits and updates
• GDPR and CCPA compliant data handling

Data Retention

We retain your data only for as long as necessary to provide our services:

• Account data: Retained while your account remains active
• Child information: Permanently deleted upon account deletion
• Usage data: Anonymized after 2 years
• Generated songs: Stored according to your subscription tier

Data Deletion

You can delete your account and all associated data at any time by contacting us. Upon deletion:

• All personal information will be permanently removed within 30 days
• Generated songs and child profiles will be deleted
• Subscription will be canceled and no further charges will occur

Data Sharing & Third Parties

We do not sell your personal information. We may share limited data with trusted third parties only for the following purposes:

Payment Processors

We use secure payment processors to handle subscription payments. They only receive the information necessary to process your payment.

AI Service Providers

To generate personalized songs, we share your child's first name with our AI partners. No other personal information is shared.

Cloud Infrastructure

We use reputable cloud service providers to store data securely. All data is encrypted and stored in compliance with industry standards.

Your Rights (GDPR Compliance)

Under GDPR and similar data protection laws, you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict: Limit how we process your data
• Right to Portability: Receive your data in a portable format
• Right to Object: Object to certain types of processing

To exercise any of these rights, please contact us.

International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place:

• Standard Contractual Clauses (SCCs) with service providers
• Data processing agreements with all third parties
• Encryption of data during international transfers
• Regular audits of international data handling practices

Cookies & Tracking

Our mobile app uses minimal tracking technologies:

Essential Cookies

Required for the app to function properly, including authentication and preferences.

Analytics (Optional)

Anonymous usage data to help us improve the app. You can opt out in the app settings.

We do not use advertising cookies or third-party tracking for marketing purposes.

Data Breach Response

In the unlikely event of a data breach, we are committed to:

• Notifying affected users within 72 hours of discovery
• Reporting to relevant data protection authorities as required
• Taking immediate steps to contain and investigate the breach
• Implementing measures to prevent future incidents

Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes:

• We will update the "Last updated" date at the top of this page
• For significant changes, we will notify you via email or in-app notification
• Continued use of the app after changes constitutes acceptance of the updated policy