Privacy Policy

1. Information We Collect

2. How We Use Your Information

We use your personal information for the following purposes: • To create your personalised book: Your child’s name, profile details, and photograph are processed by our AI systems to generate a unique story and illustrations tailored to your child. • To fulfil your order: Your contact and shipping details are used to produce, ship, and deliver your book. • To process payment: Payment details are transmitted securely to our payment provider. We do not store your card details. • To communicate with you: We send order confirmations, shipping updates, and respond to your enquiries via email. • To improve our service: We may analyse aggregated, de-identified usage data to improve our website, product quality, and customer experience. • To comply with legal obligations: We may use or disclose information where required by law or to protect our legal rights. We will not use your personal information for purposes other than those described above without your consent.

3. AI Processing and Automated Decision-Making

Almia uses artificial intelligence to create your personalised book. We believe in transparency about how this works: • Story generation: AI models process your child’s name, age, interests, and personality traits to generate a unique story. • Illustration generation: AI models create original illustrations based on your child’s profile information and uploaded photograph (if provided). These models process the photograph to generate stylised, storybook-style illustrations. • Content safety: Automated safety filters review generated content for age-appropriateness before inclusion in your book. Your child’s personal information and photographs are used as inputs to these AI systems solely for the purpose of creating your personalised book. They are not used to train AI models. Where data is transmitted to third-party AI service providers for processing, we select providers that offer appropriate data handling commitments and do not retain your data beyond what is needed to complete the request.

4. Children’s Information

We take the privacy of children seriously. Almia’s service is designed for parents and caregivers to create books for their children. We do not knowingly collect personal information directly from children. • All information about children is provided by their parent or legal guardian. • We collect only the child information necessary to create the personalised book. • We do not use children’s information for marketing or advertising purposes. • We do not sell or share children’s information with third parties for their own purposes. • You may request deletion of your child’s information at any time (see Section 9). If we become aware that we have collected information from a child without verified parental consent, we will take steps to delete that information promptly.

5. Sharing and Disclosure

We share personal information only in the following limited circumstances: • Print fulfilment partners: Your book’s file and shipping address are shared with our print partner to produce and ship your book. Our print partner operates under data processing obligations. • AI service providers: Child profile information and photographs are transmitted to third-party AI providers to generate your book’s story and illustrations. These providers process data under contractual data handling agreements. • Payment provider: Your payment provider processes your transaction. Their handling of your payment information is governed by their own privacy policy. • Email service provider: We use a third-party email service to send transactional emails (order confirmations, shipping updates). Your email address and name are shared for this purpose. • Legal requirements: We may disclose information if required by law, regulation, legal process, or governmental request. We do not sell your personal information. We do not share personal information with advertisers or marketing partners.

6. International Data Transfers

Some of our service providers operate outside Australia and New Zealand. When your data is transferred internationally, we take reasonable steps to ensure it receives comparable protection: • AI processing services may process data outside Australia. • Our payment provider operates globally. • Print fulfilment for Australian orders is handled within Australia. We select service providers that maintain appropriate security standards and data handling practices.

7. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected: • Order and account information: Retained for the duration of your account and for 7 years after your last order for tax, legal, and warranty purposes. • Child photographs: Retained for 90 days after your book is delivered to allow for reprints or issue resolution, then permanently deleted unless you request earlier deletion. • Generated book content: The final book file is retained in your account for reordering purposes. You may request its deletion at any time. • Website analytics data: Aggregated and de-identified data may be retained indefinitely. Individual browsing data is retained for no more than 26 months.

8. Cookies and Tracking

Our website uses cookies and similar technologies to: • Essential cookies: Maintain your session, remember your cart, and enable core website functionality. These cannot be disabled. • Analytics cookies: Help us understand how visitors use our website so we can improve it. We use privacy-respecting analytics that do not track you across other websites. We do not use advertising or tracking cookies. We do not participate in cross-site tracking networks.

9. Your Rights

10. Data Security

We implement appropriate technical and organisational measures to protect your personal information, including: • Encryption of data in transit (TLS/HTTPS) and at rest. • Cloud infrastructure hosted in Australia for domestic data residency. • Access controls limiting who within our organisation can access personal information. • Secure payment processing through PCI DSS compliant providers. • Regular review of security practices and service provider arrangements. No method of electronic transmission or storage is completely secure. While we take reasonable precautions, we cannot guarantee absolute security. In the event of a data breach that is likely to cause serious harm, we will notify affected individuals and the relevant authorities in accordance with the Notifiable Data Breaches scheme (Australia) and the NZ Privacy Act 2020.

11. Marketing Communications

We will only send you marketing communications if you have opted in to receive them. You can unsubscribe at any time by clicking the unsubscribe link in any marketing email or by contacting us. Unsubscribing from marketing will not affect transactional emails related to your orders. We comply with the Spam Act 2003 (Cth) and the Unsolicited Electronic Messages Act 2007 (NZ).

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites. We encourage you to read their privacy policies before providing any personal information.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Material changes will be posted on our website with an updated effective date. If we make significant changes to how we handle children’s information, we will take reasonable steps to notify affected users.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights: Privacy enquiries: privacy@almia.com.au (monitored for privacy-related requests only) For all other questions, please use the chat bubble in the corner of almia.com.au.