Legal

Privacy Policy

Last updated: April 2026

The short version

We don't train AI on your content. We don't sell your data. You can delete everything at any time. We comply with GDPR and the EU AI Act.

What we collect

  • Account info: email address, display name, avatar
  • Content: stories, chapters, and interactions you create
  • Preferences: your explicit settings and AI-learned preferences
  • Usage data: interaction counts and reading history
  • Payment info: processed by Stripe — we never see your card number

How we use it

  • To provide and improve the Platform
  • To personalize your AI writing experience via the preference engine
  • To process payments and manage subscriptions
  • To moderate content and enforce community guidelines
  • To send you notifications you've opted into

What we never do

  • Use your stories or content to train AI models
  • Sell, share, or monetize your personal data
  • Read your private stories (only you can access them)
  • Store your payment card information

Data storage & security

All content is encrypted at rest in AWS DynamoDB. Data is stored in the US (us-east-1). We use industry-standard security practices including encrypted connections (TLS), secure authentication (AWS Cognito), and role-based access controls.

Your rights

You have the right to:
  • Access all data we hold about you
  • Export your stories and preferences
  • Delete your account and all associated data
  • Correct any inaccurate information
  • Withdraw consent for data processing

Anonymous publishing

You may publish stories under a pen name. No real identity is required. We do not link pen names to real identities in any public-facing way.

EU AI Act compliance

FictionMaker is designed to comply with the EU AI Act (effective June 2026). Content generated with AI is clearly distinguishable from human-only content. We maintain audit trails for AI-generated content as required.

Contact

Privacy concerns? Contact our Data Protection Officer at privacy@fictionmaker.com.