Privacy Policy

• Your photos are never stored. They are processed to make the coloring page and drawing steps, then immediately discarded.
• Kids never have accounts. Accounts belong to parents. We collect no personal information from children.
• We collect almost nothing: a parent email address, the drawings the app makes, and payment status. That is the entire list.
• No ads, no trackers, no selling data. Ever, on any page. Kid-facing screens carry no analytics at all.

When you pick a photo, it is sent over an encrypted connection to our server, which passes it to Google's Gemini API to generate a coloring page and drawing steps. The result comes straight back to your device. Our server does not store the photo, and it does not keep a copy of the generated page. We have an automated test in our codebase that fails our release process if photo-storing code ever appears.

Google processes the photo as a data processor under its API terms; we have not enabled any setting that would let Google use your photos to train models, and Google's paid API terms prohibit it from doing so.

• Parent email address — to create and sign in to the family account (we use sign-in links, so there is no password to remember or for us to protect badly).
• Drawings and tutorials — the coloring pages and step-by-step tutorials the app generates are saved on your device, and also to your private family account if you have one, so a lost tablet doesn't lose them.
• Usage counts — how many tutorials your account has generated this month (that's how the free tier works), and standard server logs (IP address, timestamps) kept briefly for abuse prevention and debugging.
• Payment status — whether a subscription is active. Payments are processed by Stripe; card numbers go directly to Stripe and never touch our servers.

We do not collect names, birthdays, locations, contacts, or anything about your child. The app never asks the child anything.

Step by Sketch is designed for children to use with a parent, and we comply with the U.S. Children's Online Privacy Protection Act, including the amended rule effective 2025–2026:

• Accounts can only be created by a parent or guardian, who attests to being an adult and verifies their email address. Paid subscriptions additionally verify the parent through the payment card, a COPPA-recognized consent method.
• We collect no personal information from children. Photos — which a parent or child may submit for processing — are used solely to generate the drawing content, are never retained, and are never used for any other purpose. This qualifies for COPPA's transient-use treatment, and we disclose it anyway because parents deserve to know exactly what happens.
• There is no behavioral advertising, no third-party ad SDK, and no analytics of any kind on kid-facing screens. The only analytics we run are cookieless, aggregate page counts on parent-facing pages.
• Parents can review or delete everything we hold at any time — see "Your controls" below.

We use a small set of service providers, each only for what is listed: Google (Gemini API — transient photo processing), Supabase (database and authentication for family accounts), Vercel (hosting), Stripe (payments), and a cookieless analytics service on parent-facing pages only. None of them may use your data for their own purposes. We never sell or share personal information with advertisers or data brokers.

• Delete a drawing: delete it in the gallery; if your account synced it, it is deleted there too.
• Delete your account and everything in it: email privacy@stepbysketch.com from your account email and we will delete the account, drawings and email address within 30 days, and confirm when done.
• Use it with no account at all: the free try-it flow works without signing up; drawings then exist only on your device.

Account data is kept while the account is active. Server logs used for abuse prevention are kept no longer than 30 days. Stripe retains transaction records as required by financial regulations.

If we ever change what we collect or how we use it, we will update this page, change the date at the top, and email account holders before the change takes effect. We will never quietly start collecting more.

Questions, requests, or worries: privacy@stepbysketch.com.