Data Processing Agreement (DPA)

Effective Date: February 5, 2026

This Data Processing Agreement ("DPA") forms part of the StoryMaster AI Terms & Conditions and applies whenever StoryMaster AI processes Personal Data on behalf of its users while providing the StoryMaster AI platform and related services.

This DPA is intended to support compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), UK GDPR, California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), and other applicable privacy regulations.

1. Purpose

This DPA defines the responsibilities of StoryMaster AI regarding the collection, processing, storage, protection, and deletion of Personal Data processed through the StoryMaster AI platform.

Our objective is to process Personal Data securely, transparently, and only for legitimate business purposes.

2. Scope of Processing

StoryMaster AI processes Personal Data solely to provide the Services requested by users.

Processing activities may include:

  • Account management
  • Authentication
  • AI-powered book generation
  • AI writing assistance
  • Chapter editing
  • Character creation
  • AI illustration generation
  • Cover generation
  • Book formatting
  • Project storage
  • File export
  • Subscription management
  • Customer support
  • Platform security
  • Service improvement

StoryMaster AI processes Personal Data only in accordance with user instructions and applicable law.

3. Categories of Personal Data

Depending on how the Services are used, StoryMaster AI may process:

  • Name
  • Email address
  • Account information
  • Billing information
  • Book manuscripts
  • Uploaded documents
  • Generated books
  • Characters
  • Illustrations
  • Book covers
  • Images
  • User preferences
  • Device information
  • IP addresses
  • Usage logs
  • Support communications

We process only the information necessary to deliver our Services.

4. Purpose of Processing

Personal Data is processed exclusively for purposes such as:

  • Providing StoryMaster AI Services
  • Managing user accounts
  • Generating AI content
  • Improving platform performance
  • Processing payments
  • Preventing fraud
  • Maintaining security
  • Providing customer support
  • Complying with legal obligations

StoryMaster AI does not sell Personal Data.

5. AI Processing

StoryMaster AI uses trusted AI technologies to generate books, illustrations, covers, and related content.

User prompts and uploaded content are processed solely to generate requested outputs.

StoryMaster AI does not use customer manuscripts, uploaded books, or private content to train proprietary AI models without the customer's explicit consent.

AI-generated content may require human review and verification.

6. Security Measures

StoryMaster AI implements commercially reasonable technical and organizational measures designed to protect Personal Data.

These include:

  • AES-256 encryption for stored data
  • TLS 1.3 encryption for data in transit
  • Secure cloud infrastructure
  • Role-based access controls
  • Multi-factor authentication for administrative systems
  • Security monitoring
  • Regular software updates
  • Automated backups
  • Disaster recovery procedures
  • Security incident response processes

Security controls are regularly reviewed and improved.

7. Confidentiality

All employees, contractors, and authorized personnel with access to Personal Data are subject to confidentiality obligations and may access Personal Data only when necessary to perform their responsibilities.

8. Subprocessors

StoryMaster AI may engage carefully selected third-party service providers to support platform operations.

These may include providers of:

  • Cloud hosting
  • AI model APIs
  • Payment processing
  • Authentication
  • Email delivery
  • Analytics
  • Database hosting
  • File storage
  • Customer support

All subprocessors are contractually required to maintain appropriate security and confidentiality standards.

9. International Data Transfers

StoryMaster AI operates globally.

Where Personal Data is transferred outside the European Economic Area (EEA), United Kingdom, or Switzerland, appropriate safeguards are implemented, including where applicable:

  • Standard Contractual Clauses (SCCs)
  • UK International Data Transfer Addendum
  • Other legally recognized transfer mechanisms

10. Data Subject Rights

Where required by applicable law, users may request to:

  • Access their Personal Data
  • Correct inaccurate information
  • Delete Personal Data
  • Export Personal Data
  • Restrict processing
  • Object to processing

StoryMaster AI will respond to verified requests within the timeframes required by applicable law.

11. Data Retention

Personal Data is retained only for as long as necessary to:

  • Provide the Services
  • Maintain user accounts
  • Comply with legal obligations
  • Resolve disputes
  • Protect platform security

Upon account deletion, Personal Data will be deleted or anonymized within a reasonable period unless retention is required by law.

12. Security Incidents

In the event of a confirmed security incident affecting Personal Data, StoryMaster AI will:

  • Investigate the incident promptly
  • Take appropriate containment measures
  • Notify affected users where required by applicable law
  • Cooperate with relevant regulatory authorities when legally required

13. Compliance

StoryMaster AI is committed to maintaining compliance with applicable privacy and data protection laws, including:

  • General Data Protection Regulation (GDPR)
  • UK GDPR
  • California Consumer Privacy Act (CCPA)
  • California Privacy Rights Act (CPRA)
  • Swiss Federal Act on Data Protection (FADP)
  • Other applicable international privacy regulations

14. Updates to This Agreement

StoryMaster AI may update this DPA from time to time to reflect changes in legal requirements, technology, or our Services.

The latest version will always be available through the StoryMaster AI website.

Continued use of the Services after updates become effective constitutes acceptance of the revised DPA.

15. Contact

For questions regarding this Data Processing Agreement or StoryMaster AI's data protection practices, please contact:

Data Protection OfficerStoryMaster AI

Email: dpo@storymaster.ai

Website: https://storymaster.ai

1.5k+
Happy Authors

Join Our Author Community

Get writing tips, publishing hacks, and the latest updates from StoryMaster AI straight to your inbox.