Privacy Policy

Last Updated: December 30, 2025

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Email address
  • Display name
  • Profile information you provide
  • Authentication credentials (via Firebase Auth)

1.2 User-Generated Content

We store content you create on the platform:

  • AI characters you create (name, description, definitions, greetings)
  • Chat conversations with AI characters
  • User personas you create
  • Lorebook entries and extensions

1.3 Usage Data

We collect information about how you use the Service:

  • Pages visited and features used
  • Characters you interact with
  • Search queries
  • Error logs and diagnostic data

1.4 API Keys (BYOK)

If you provide your own API keys, we store them encrypted. We do not have access to your plaintext API keys and cannot view them.

2. How We Use Your Information

2.1 Service Operation

  • Provide and maintain the Service
  • Process your requests and interactions with AI models
  • Store and manage your characters and chats
  • Enable character discovery and sharing

2.2 Service Improvement

  • Analyze usage patterns to improve features
  • Monitor service performance and errors
  • Develop new features based on user needs

2.3 Communication

  • Send service-related notifications
  • Respond to support requests
  • Notify you of important updates (with your consent)

2.4 Safety and Compliance

  • Enforce our Terms of Service
  • Detect and prevent abuse or prohibited content
  • Comply with legal obligations

3. Data Sharing and Third Parties

3.1 AI Model Providers

When you use AI models, your messages are sent to third-party providers (OpenAI, Anthropic, Google, etc.). Each provider has their own privacy policy and data handling practices.

3.2 Firebase Services

We use Google Firebase for authentication and backend services. Google's privacy policy applies to data processed by Firebase.

3.3 No Sale of Personal Data

We do not sell your personal information to third parties. We only share data as necessary to operate the Service or as required by law.

4. Data Security

4.1 Encryption

We use industry-standard encryption to protect your data in transit (HTTPS) and at rest. API keys are encrypted before storage.

4.2 Access Controls

Access to user data is restricted to authorized personnel only and is logged for security auditing.

4.3 Security Limitations

While we implement security measures, no system is completely secure. You are responsible for maintaining the security of your account credentials.

5. Your Privacy Rights

5.1 Access and Export

You can access and export your data, including characters and chats, at any time through your account settings.

5.2 Deletion

You can delete characters, chats, and your entire account. Deletion is permanent and cannot be undone. Some data may be retained in backups for a limited period.

5.3 Correction

You can update your account information and character data at any time.

5.4 Opt-Out

You can opt out of non-essential communications through your account settings.

6. Data Retention

We retain your data as follows:

  • Active Accounts: Data retained while your account is active
  • Deleted Accounts: Most data deleted within 30 days
  • Legal Requirements: Some data may be retained longer if required by law
  • Backups: Backup copies may exist for up to 90 days

7. Children's Privacy

Tiny Land is not intended for users under 18. We do not knowingly collect information from children. If we learn we have collected data from someone under 18, we will delete it promptly.

8. International Data Transfers

Your data may be processed and stored in the United States or other countries where our service providers operate. By using the Service, you consent to this transfer.

9. Cookies and Tracking

We use cookies and similar technologies for:

  • Authentication and session management
  • Preference storage (theme, settings)
  • Analytics to understand usage patterns

You can control cookies through your browser settings.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy with an updated date. Continued use after changes constitutes acceptance.

11. Contact Us

For questions about this Privacy Policy or your data, please contact us at contact@tinyland.ai.

12. GDPR Rights (EU Users)

If you are in the European Union, you have additional rights under GDPR:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

To exercise these rights, contact us at the email above.

← Back to Home
Terms of ServiceCommunity GuidelinesAbout Us