Skip to main content
Protagonist Press

Privacy Policy

Last updated: March 4, 2026

1. Overview

Protagonist Press ("we", "our", "us") is committed to protecting the privacy of all users, with particular attention to the privacy of young readers. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your information.

2. Data We Collect

We collect the following categories of information:

  • Account information: Email address and authentication credentials (password hash or magic link tokens).
  • Protagonist profiles: First name, age, grade level, interests, personality traits, and story preferences. We never collect or store last names for protagonists.
  • Order information: Shipping address, payment method (processed by Stripe; we never store card numbers), and order history.
  • Newsletter subscriptions: Email address only.

3. COPPA Compliance: Age-Based Privacy Tiers

We implement three privacy tiers based on the age of the protagonist to ensure compliance with the Children's Online Privacy Protection Act (COPPA) and provide age-appropriate privacy protections:

Under 13: COPPA Protected

  • Verifiable parental consent is required at checkout before any data processing begins.
  • Aggressive PII filtering is applied to all free-text fields (school names, addresses, and friend full names are automatically removed).
  • Full right-to-delete cascade: deleting a protagonist profile permanently removes all associated data including generated content and orders.
  • Data is never used in training datasets under any circumstances.

Ages 13–17: Safe Harbor

  • Age-appropriate content filters are applied to generated stories.
  • PII filtering is active on all free-text inputs.
  • No parental consent gate is required.
  • Data is never used in training datasets.

Ages 18+: Standard

  • Standard privacy policy protections apply.
  • PII filtering is recommended but optional for free-text inputs.
  • Data is never used in training datasets.

Always-On Rules (All Age Tiers)

  • We never store protagonist last names at any layer of our system.
  • PII filtering runs on all wizard free-text fields for protagonists under 18 to remove school names, addresses, and friend full names.
  • No user data, regardless of age, is ever used in AI training datasets. This is enforced contractually with all AI providers.

4. How We Use Your Data

We use collected data exclusively for:

  • Generating your personalized novel based on the protagonist profile you provide.
  • Processing and fulfilling your order, including printing and shipping.
  • Communicating order status updates and service-related notices.
  • Sending newsletter updates if you have opted in (you may unsubscribe at any time).

5. Data Retention

We retain your data according to the following schedule:

  • Account data: Retained for the life of your account. Deleted upon account deletion request.
  • Protagonist profiles: Retained until you delete the profile or your account. Deletion cascades to all associated records.
  • Generated content: Retained until you delete the protagonist profile or your account. Deletion cascades to all generated books, chapters, and story materials.
  • Order records: Retained for 7 years for tax and legal compliance, then permanently deleted.
  • Wizard draft data: Incomplete wizard sessions are automatically purged after 30 days.
  • Parental consent records: Retained for 7 years for COPPA audit trail compliance.

For the complete data retention schedule, including third-party processor details, see our full Data Retention Policy.

6. PII Handling

All free-text inputs in the creation wizard are processed through our PII filter before storage. This filter automatically detects and removes:

  • School names and educational institution references
  • Street addresses and location identifiers
  • Friend or family member full names
  • Phone numbers and email addresses

Protagonist first names are intentionally excluded from PII filtering, as they are essential to the personalization service.

7. Right to Delete

You may request deletion of your data at any time. Deleting a protagonist profile initiates a full cascade deletion that permanently removes:

  • The protagonist profile and all associated details
  • All generated book content and story materials
  • All order records associated with that protagonist (subject to legal retention requirements)
  • Any parental consent records

To request deletion, use the delete function in your dashboard or contact us at privacy@protagonistpress.com.

8. Third-Party Processors

We share data with the following third-party processors, each bound by data processing agreements:

  • Supabase: Database hosting, authentication, and file storage. Data stored in the United States.
  • Stripe: Payment processing. Stripe processes payment card data directly; we never store card numbers on our servers.
  • Resend: Email delivery for order confirmations, magic link authentication, and newsletters.
  • AI Providers (Anthropic, OpenAI): Story generation and quality evaluation. Protagonist profile data is sent to AI providers solely for generation purposes. We contractually prohibit the use of any customer data for model training.
  • Lulu: Print fulfillment and shipping. Shipping addresses are shared with Lulu solely for order fulfillment.

9. Cookies and Tracking

We use essential cookies for authentication and session management (HttpOnly, Secure, SameSite=Lax). We do not use third-party tracking cookies or advertising pixels. Analytics, if implemented, will use privacy-respecting, cookie-free solutions.

10. Contact

For privacy-related questions or data deletion requests, contact us at privacy@protagonistpress.com.