1. Who we are
Mossly ("we", "us", "Mossly") is the data controller responsible for processing your information under this policy. Mossly is a bedtime-story app: a parent records their own voice, and Mossly generates personalized stories read aloud in that cloned voice. Contact us at developer@totaunion88.com with any privacy question, data-rights request, or to report a concern.
Mossly is offered in Taiwan and the United States and is operated from Taiwan. For data-rights requests from users in the European Union or the United Kingdom (e.g. travellers who downloaded from the US store), please reach us at the email above; we will respond within 30 days.
2. Accounts
Mossly has a single kind of account: a parent account, created by an adult (18 or older). There is no child login. A "child profile" is simply a few fields (name, age, language) stored inside the parent account so stories can be personalized — the child never signs in, has no username, and cannot enter anything into the app.
| Account | Who creates it | Who controls the data | Sign-in |
|---|---|---|---|
| Parent | An adult (18+) | The parent | Sign in with Apple (iOS) or Google (Android) |
| Child profile | The parent, inside their account | The parent, on behalf of the child | None — children never sign in |
We do not offer email/password sign-in. Authentication is handled by Apple and Google; we never see your password for those providers.
3. What we collect
Everything we collect is required to run the service. Mossly has no advertising SDK, no third-party analytics SDK, and no marketing data platform.
3.1 From the parent
| Field | Source | Why |
|---|---|---|
| Email address | From Sign in with Apple or Google | Sign-in identity, account recovery, deletion confirmation |
| Apple / Google subject ID + account user ID | From the sign-in provider | The stable identifier for your account |
| Voice recording (a short audio sample) | You record it with your microphone, with your explicit consent | To create a private voice model that reads stories in your voice. A voiceprint is biometric / sensitive personal data (see § 7 and § 12). |
| Voice model ID | Returned by our voice provider after cloning | So the app can generate story audio in your voice |
| Subscription status / purchase history | From RevenueCat when you subscribe | To unlock and manage your subscription |
3.2 From the child profile
| Field | Source | Why |
|---|---|---|
| Child's name | Parent enters it | So the child is the hero of the story |
| Child's age | Parent enters it | Age-appropriate story language and length |
| Story language (zh-TW or en) | Parent picks | Which language stories are written and read in |
3.3 Generated stories
| Field | When | What we do |
|---|---|---|
| Story script (text) | When you generate a story | The story topic plus the child's name and age are sent to Google Gemini to write the script (see § 5). The script is stored so you can replay the story. |
| Story audio (mp3) | After the script is written | Generated by our voice provider (MiniMax TTS) in your cloned voice and stored privately so you can replay it. |
3.4 What we never collect
- Any voice other than the voice of the consenting adult who recorded it — never another person's voice.
- The child's photo, biometrics, contacts, or precise location.
- Location (no GPS, no IP-based geolocation), browsing, or app usage outside Mossly.
- Advertising identifiers (IDFA / GAID) or marketing attribution.
- Credit-card or payment-card numbers — purchases are handled entirely by Apple / Google billing.
- Analytics or crash data. Our v1 build ships with analytics and crash reporting disabled.
4. How we use what we collect
For each piece of data above, the only thing we do with it is what's in the "Why" column. Specifically, we use your data to: create your voice model, generate and read stories, run your account, and manage your subscription. We do not:
- Train AI models on your voice, your stories, or your child's data.
- Sell, rent, or share your data with anyone for advertising or marketing.
- Use your voice for anything other than generating stories inside your own account.
5. Third-party processors (sub-processors)
Mossly relies on the following providers to run the service. They process your data on our instructions only, as our sub-processors — not for their own purposes.
| Processor | What they do | What we send |
|---|---|---|
| MiniMax (international nodes — Singapore / United States) | Voice cloning and text-to-speech (reading stories in your voice) | Your voice recording (to build the model) and story scripts (to read aloud) |
| Google (Gemini API, United States) | Writes the story script | The story topic plus the child's name and age |
| Supabase Inc. (Asia Pacific — Singapore) | Hosts the database, authentication, private storage buckets, and server functions | Everything in § 3 is stored in Supabase's managed infrastructure |
| RevenueCat, Inc. (United States) | Manages subscription state and entitlements | Your account user ID and subscription / purchase events (no card data) |
| Apple / Google | Sign-in and in-app purchase billing | Authentication tokens; billing is handled entirely on their side |
No advertising, analytics, or attribution companies have access to your data. We do not use Google Analytics, Firebase Analytics, Mixpanel, Amplitude, Segment, Crashlytics, or any similar service in v1.
6. How long we keep it
| Data | Retention |
|---|---|
| Voice recording (your sample) | Stored privately until you re-record or delete your account. |
| Voice model | Kept until you delete it (by re-recording) or delete your account. On account deletion we also instruct our voice provider to delete the model. |
| Child profile (name, age, language) | Active until you delete it or delete your account. |
| Generated stories (script + audio) | Active until you delete the story or delete your account. |
| Account + subscription record | Active until you delete the account. |
| Account deletion | Immediate and permanent. When you delete your account, your database rows and stored files are erased right away, and we instruct our voice provider to delete your voice model. There is no grace period and the deletion cannot be undone. |
7. Children
Mossly creates stories for children, but it is a tool used by the parent. The account holder is an adult; the child never interacts with the app — they only listen to a finished story. Because of this:
- United States — COPPA (15 U.S.C. § 6501 et seq.) does not directly apply, because we do not collect personal information online directly from a child. The only child information we hold — the child's name and age — is entered by the parent. We nonetheless apply COPPA-style data minimisation: we collect the minimum needed, never use it for advertising or profiling, and never train AI models on it.
- We do not knowingly let a child create an account or record a voice. The person recording a voice must be the consenting adult account holder (18+).
- The child has no public profile; nothing about the child is shared with other Mossly users.
If you believe a child has provided us information directly, contact developer@totaunion88.com and we will delete it.
8. Your rights and controls
You can do all of these from inside the Mossly app:
| Right | How |
|---|---|
| Re-record (replace) your voice | Settings → My Voice → re-record. This replaces the old model. |
| Delete a story | Library → swipe a story → Delete. |
| Delete your entire account | Settings → Delete account. Immediate and permanent; also deletes your voice model. |
| Access or correct your data | Email developer@totaunion88.com. Response within 30 days. |
| Withdraw consent | Delete the account (above). |
9. Security
- Transport encryption: TLS 1.2+ for every connection.
- At-rest encryption: Supabase encrypts all database data and storage objects at rest using AES-256.
- Private storage: voice samples, voice previews, and story audio live in private storage buckets served only via short-lived signed URLs.
- Row-level security (RLS): every user can only read / write their own rows; enforced at the database level by policies that check
auth.uid(). - Biometric care: your voice recording is treated as sensitive data and is only ever used to build your own voice model.
- Vulnerability response: developer@totaunion88.com.
No system is 100% secure. If we discover a breach affecting your personal information, we will notify you and the relevant supervisory authority within 72 hours where required (e.g. GDPR Article 33, Taiwan PDPA).
10. International data transfers
Our infrastructure is in Asia Pacific (Singapore). Some processing happens elsewhere: voice cloning and text-to-speech run on MiniMax international nodes (Singapore / United States); story scripts are written by Google Gemini (United States); subscription state is managed by RevenueCat (United States). When data leaves Singapore for the EU/UK context, we rely on the European Commission's Standard Contractual Clauses (SCCs) or the UK International Data Transfer Addendum.
11. Changes to this policy
If we make material changes, we will update the "Last updated" date above and, for changes that affect how we handle your voice or your child's data, surface an in-app notice the next time you open the app.
12. Region-specific rights
12.1 European Union (GDPR)
If you live in the EU, you have the rights of access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), objection (Art. 21), and withdrawal of consent (Art. 7(3)). A voiceprint is a special category of personal data under Article 9; we process it only on the basis of your explicit consent, which you give before recording and can withdraw at any time by re-recording or deleting your account. You may lodge a complaint with your national supervisory authority. Legal bases under Art. 6: your consent (Art. 6(1)(a) + Art. 9(2)(a) for the voiceprint) and performance of our contract with you (Art. 6(1)(b)).
12.2 United Kingdom
Same rights as EU GDPR, exercised against Mossly, with complaints to the Information Commissioner's Office (ICO).
12.3 California (CCPA / CPRA)
- Right to know, delete, correct, and limit the use of sensitive personal information (your voiceprint is sensitive personal information).
- Opt out of sale or sharing — not applicable: we do not sell or share your personal information for cross-context behavioural advertising, ever.
- Non-discrimination for exercising these rights.
Exercise these at developer@totaunion88.com. Response within 45 days.
12.4 Taiwan (Personal Data Protection Act, 個人資料保護法)
If you are in Taiwan, under the Personal Data Protection Act ("PDPA") you may, with respect to the personal data we hold about you: (1) inquire and request to review it; (2) request a copy; (3) request supplementation or correction; (4) request that we stop collecting, processing, or using it; and (5) request its deletion. We collect your data to provide the Mossly storytelling service and process it within the scope of that purpose. Because a voiceprint is sensitive personal data, we collect and use it only with your separate consent, given before you record. To exercise any PDPA right, contact developer@totaunion88.com; you may exercise these rights freely and we will not provide the service in a way that penalizes you for doing so, except where a right's exercise makes the core feature (storytelling in your voice) impossible.
13. Apple and Google platform disclosures
Mossly is distributed through Apple's App Store and Google's Play Store, and our data practices are disclosed in Apple's App Privacy and Google Play's Data Safety sections. Consistent with those: we do not track you across other apps or websites (no ATT tracking), we use no advertising SDKs, and we support in-app account and data deletion.
14. Contact
- Email: developer@totaunion88.com
- Postal: available on request via email
For data-rights requests, include the email tied to your account so we can verify your identity.
Owner: Mossly
Initial publication: 2026-05-29
Last reviewed by counsel: self-drafted (no formal counsel review)
Next scheduled review: 12 months from last review