Privacy Policy

My Mini Canvas is a mobile application developed and operated by GOODTECH HLDGS PTE. LTD., a company incorporated in Singapore (UEN: 202621535H) (“we”, “our”, or “the Company”).

For privacy-related enquiries, contact us at [email protected].

Data stored on your device

All memories — drawings, voice recordings, stories, illustrations, and parent notes — are stored exclusively on your device using Apple's SwiftData framework. We have no access to this data. It is not transmitted to our servers.

Data we do not collect

• We do not collect children's names, birthdates, photographs, or any other personal information about minors.
• We do not create user accounts or user profiles.
• We do not use advertising identifiers (IDFA, GAID, or equivalent).
• We do not conduct behavioural analytics or cross-app tracking.
• We do not sell your data to any third party, ever.

Voice recognition

The App uses Apple's on-device Speech Recognition (SFSpeechRecognizer) with requiresOnDeviceRecognition = true. Audio is processed locally on your device and is never transmitted to Apple or any third party for transcription purposes.

Draw Together (optional feature)

The App includes a built-in drawing canvas powered by Apple's PencilKit framework. Drawings created on this canvas are stored only on your device and are never transmitted to any external service. PencilKit processing is entirely on-device.

AI features — how they work

My Mini Canvas offers optional AI features (story generation, illustration, and read-aloud). These features route through a secure My Mini Canvas server (hosted on Cloudflare's infrastructure) before reaching the underlying AI providers. We operate this server so you never need accounts with any AI provider.

Our server holds no persistent user data — it processes each request and discards it. The only information retained is an anonymous per-device usage counter (no name, no email, no account) used to enforce monthly rate limits.

AI Story Generation (optional)

When you generate a story, the drawing's title, the child's spoken transcript (if provided), the parent's note (if provided), and a resized thumbnail of the drawing are transmitted via our server to Anthropic's Claude API. The child's name is never transmitted. See Anthropic's Privacy Policy at anthropic.com/privacy.

AI Illustration Generation (optional)

When you generate an illustration, a text prompt derived from the drawing title and story is transmitted via our server to OpenAI's image generation API. No drawing image, no child audio, and no personal identifiers are transmitted. The generated image is reviewed by the parent before saving to the device. See OpenAI's Privacy Policy at openai.com/privacy.

AI Read-Aloud (optional)

When you use Read Aloud, the saved story text is transmitted via our server to ElevenLabs' text-to-speech API (primary) or Google's Gemini text-to-speech API (fallback) to generate a narrated audio file. Only the story text is sent — no child audio, no drawings, no personal identifiers. See ElevenLabs' Privacy Policy at elevenlabs.io/privacy and Google's Privacy Policy at policies.google.com/privacy.

My Mini Canvas is designed to be used by parents and caregivers on behalf of their children. The App is not directed to children under 13 and children do not use it independently — a parent or guardian controls all interactions. We do not knowingly collect personal information from children under 13.

In compliance with the Children's Online Privacy Protection Act (COPPA):

• We do not collect a child's name, photograph, voice recording, or any other personal identifier via our servers.
• All voice recordings, drawings (including Draw Together canvas drawings), stories, and illustrations are stored locally on the parent's device.
• We do not transmit any children's content to AI services without explicit parental opt-in at the time of each action (see Section 2).
• No AI processing occurs without the parent actively initiating it. AI features are always opt-in, never automatic.
• Voice recognition uses Apple's on-device framework only — child audio is never sent to any server.

If you believe a child under 13 has provided us with personal information without appropriate parental consent, please contact us at [email protected].

Your device's standard iCloud Backup settings may include data stored by My Mini Canvas (drawings, stories, voice recordings). This is governed by Apple's iCloud Terms of Service and Privacy Policy. You can exclude our App from iCloud Backup in iOS Settings → [Your Name] → iCloud → Manage Storage.

All data is stored on your device. You may delete individual memories within the App at any time. Deleting the App from your device removes all associated data. Because we hold no data on our servers, there is no account deletion process required on our end.

Depending on your jurisdiction, you may have rights including access, rectification, erasure, and portability. As we hold no personal data about you or your children on our servers, most of these rights are exercised directly on your device via the App.

For questions about your rights under GDPR (EU/EEA), CCPA (California), PDPA (Singapore, Thailand), or any other applicable privacy law, contact us at [email protected].

Under CCPA: we do not sell, share, or disclose personal information for cross-context behavioural advertising. There is no need to opt out — we simply don't do it.

Data stored on your device is protected by your device's security model (Face ID, Touch ID, passcode). We recommend enabling App Lock within the App and keeping your device's operating system up to date.

AI requests are routed through our Cloudflare Workers server over HTTPS. The server authenticates each request using an anonymous device token (SHA-256 of your device's vendor identifier — no personal information). API keys for Anthropic, OpenAI, and Google are stored exclusively as server-side secrets and never transmitted to or stored on your device.

My Mini Canvas contains no third-party analytics SDKs, advertising networks, or tracking libraries. We use no cookies, pixels, fingerprinting, or any other tracking mechanism.

We may update this Privacy Policy from time to time. Material changes will be communicated via an in-app notice or by updating the “Last updated” date above. Continued use of the App after any change constitutes acceptance of the updated policy.

GOODTECH HLDGS PTE. LTD.
UEN: 202621535H · Singapore
Privacy enquiries: [email protected]
General: [email protected]