Privacy Policy

App name: LumiNap

Last updated: May 2026

1. Introduction

Welcome to LumiNap (the "App", "we", "our", or "us"). We respect the privacy of our users, especially children, and are committed to protecting their information in compliance with the Children's Online Privacy Protection Act (COPPA), the General Data Protection Regulation (GDPR), the Apple App Store Kids Category guidelines, and the Google Play Families Policy.

LumiNap is designed for children aged 4 and up and offers interactive bedtime stories and mini-games that encourage creativity and focus. The App is published in the Apple Kids Category and participates in the Google Play Designed for Families program.

2. Information We Collect and Use

2.1 What we collect

To keep the App stable, fix bugs, and improve user experience, we collect a limited set of technical telemetry on our own servers:

2.2 What we do not collect

LumiNap does not collect:

2.3 Legal basis

Where COPPA applies, this telemetry is collected under the "support for the internal operations of the App" exception and is used only to maintain and improve the App. Where the GDPR applies, the legal basis is our legitimate interest in keeping the App stable and free of defects (Article 6(1)(f)). Telemetry is never used for advertising, profiling, or any decision that produces legal or similarly significant effects on users.

3. Third-Party Services

3.1 Subscriptions and In-App Purchases

LumiNap offers in-app subscriptions and purchases through the Apple App Store (on iOS / iPadOS) and Google Play (on Android). All payments are processed by the respective stores. We do not receive or store any payment, billing, or account information.

3.2 Firebase Remote Config (Google)

We use Firebase Remote Config to update non-personal application configuration — for example, feature flags, default values, and content metadata such as which stories are available. Remote Config does not collect personal information from users; in the course of fetching configuration, Google receives standard request metadata such as app version, operating system version, and an instance identifier.

3.3 Push Notifications

We use Firebase Cloud Messaging (Google) and the Apple Push Notification service (Apple) to deliver occasional broadcast announcements about new stories and features. Messages are sent to all users or to a topic; we do not target individual users and we do not collect, store, or have access to push tokens. Google and Apple act solely as data processors for the purpose of delivering these messages.

3.4 No advertising, analytics, or tracking SDKs

LumiNap does not integrate any advertising SDKs (no AdMob, no other ad networks), any third-party analytics SDKs, or any behavioural tracking SDKs. We do not build user profiles. We do not sell, rent, or share any data with advertisers, data brokers, or other third parties for marketing purposes.

4. Internet Access

The App requires an internet connection to download stories and graphic assets from cloud storage. Once downloaded, content is available offline and the App can function without an active connection.

The only data the App transmits to our own servers is the technical telemetry described in Section 2 (crash reports, session metrics, and the pseudonymous install identifier). All transmission uses encrypted HTTPS connections.

5. Data Security

We implement appropriate technical and organizational measures to protect data against unauthorized access, alteration, or deletion. All communication with our backend and with third-party services (Apple, Google) is encrypted using HTTPS / TLS. Access to telemetry stored on our backend is restricted to the Developer.

6. Children's Privacy

We do not collect any personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us using the details in Section 9. We will promptly delete any such information.

7. Data Retention and Deletion

Telemetry described in Section 2 (crash reports, session metrics, and the pseudonymous install identifier) is retained for up to 12 months and then automatically deleted from our backend.

To request earlier deletion, please email us at the address in Section 9. Because the telemetry is not linked to any name, email, or account, we cannot locate records belonging to a specific person from contact details alone. To help us perform a best-effort deletion of records associated with your device, please include in your request:

If we cannot uniquely identify the records, all telemetry will in any case be automatically deleted within the 12-month retention window described above.

8. Parental Rights and Controls

Parents and guardians have the right to:

To exercise any of these rights, contact us by email at the address in Section 9. Please include the information listed in Section 7 to help us locate the relevant records.

9. Contact Information

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically. The latest revision date is shown at the top of this document. If significant changes occur, we will notify users through an app update or notice within the app.

Compliance