Privacy Policy — BabyBinge

Last updated: March 2026

1. Introduction

BabyBinge GmbH ("BabyBinge", "we", "us") is committed to protecting the privacy of children and families. This Privacy Policy explains what data we collect, how we use it, how we store it, and your rights under the General Data Protection Regulation (GDPR), the Children's Online Privacy Protection Act (COPPA), and other applicable laws.

BabyBinge is the data controller. Our registered address is in Frankfurt am Main, Germany.

2. Data We Collect

We collect only the minimum data necessary to provide the Service:

Account information: email address (from Google/Apple sign-in), display name, country (optional)
Child profiles: first name, age group (0–2, 2–4, or 4–5)
Avatar preferences: text-based prompts describing desired avatar appearance
Episode data: prompts, generation settings, watch history, ratings
Usage data: feature interactions, session duration, screen views
Device information: OS version, device model, app version (for crash reports and compatibility)
TV pairing data: When connecting a TV device, a temporary 6-digit pairing code, device type (Android TV / Fire TV), and an optional device name chosen by the parent
Subscription data: plan type, billing status (payment details are handled entirely by Apple/Google/Stripe/Razorpay)

3. Data We Never Collect

Photographs of children or any person
Biometric data of any kind (face geometry, fingerprints, voice prints)
Precise location data (GPS coordinates)
Microphone or camera input
Contact lists, call logs, or social media accounts
Advertising identifiers or cross-app tracking data

4. How We Use Your Data

To generate personalised cartoon episodes for your children
To create and render 3D avatars from text descriptions
To improve content quality based on ratings and watch patterns
To provide customer support when you contact us
To send notifications about new episodes, features, and account activity
To comply with legal obligations (e.g. COPPA consent records)
To detect and prevent abuse of our safety systems

5. Legal Basis for Processing (GDPR Art. 6)

Consent (Art. 6(1)(a)): processing of child data, avatar generation, optional analytics
Contract performance (Art. 6(1)(b)): account management, subscription billing, episode delivery
Legitimate interest (Art. 6(1)(f)): fraud prevention, service improvement, crash reporting
Legal obligation (Art. 6(1)(c)): tax records, COPPA compliance records

6. Data Storage & Security

All data is stored in the European Union, specifically in the AWS eu-central-1 region (Frankfurt, Germany).

Security measures include:

Encryption in transit using TLS 1.3
Encryption at rest using AES-256
Role-based access control with principle of least privilege
Regular security audits and penetration testing
Automated vulnerability scanning

7. Data Processors

We use the following third-party data processors:

Processor	Purpose
Amazon Web Services (AWS)	Cloud hosting and storage (EU region)
Firebase (Google)	Authentication and crash reporting
Stripe	Payment processing (EU/international)
Razorpay	Payment processing (India)
Apple / Google	In-app purchase processing
Hetzner	GPU rendering infrastructure (EU)
xAI (Grok Aurora)	Avatar image generation
RunPod	GPU infrastructure for AI rendering workloads
Lightricks (LTX-2.3)	Video generation. Self-hosted on RunPod. No personal data sent to Lightricks. LTX-2 Community License.
Real-ESRGAN	Video upscaling. Self-hosted. BSD-3-Clause.
ElevenLabs	One-time creation of character voice reference recordings by admin team. No end-user data processed. No per-episode API calls.
Fish Audio	One-time child voice profile creation by admin team. No end-user data.
Qwen3-TTS (Alibaba Qwen team)	Voice and speech generation. Self-hosted on RunPod. No personal data sent to Alibaba. Apache 2.0 license.
Anthropic (Claude, Haiku)	Content moderation, safety filtering, and translation

Each processor operates under a Data Processing Agreement (DPA) that meets GDPR requirements. No child data is transferred outside the EU except where necessary for authentication (Firebase) under Standard Contractual Clauses.

Self-hosted AI services: In addition to third-party processors, BabyBinge operates self-hosted AI models on our own infrastructure for video generation, upscaling, voice synthesis, and music composition. The self-hosted models are: LTX-2.3 (primary video generation), Qwen3-TTS (voice and speech generation), Wan 2.1 (fallback video generation), and Real-ESRGAN (video upscaling). Lip synchronisation uses geometric computation, not an AI model. These services run entirely within our EU data centres and no personal data leaves our infrastructure during AI processing. Self-hosted models are not third-party processors and are covered by BabyBinge's own data protection obligations as data controller.

Episode audio: Episode audio consists of character voices (Qwen3-TTS, self-hosted), sound effects (royalty-free, Freesound.org, CC0), ambient backgrounds (royalty-free, CC0), background music (owned by BabyBinge), and lip synchronisation (geometric computation, not AI). All audio mixing uses open-source FFmpeg on our own servers.

TV App: BabyBinge is available on Android TV and Amazon Fire TV as a read-only viewing app. The TV app is paired with the parent's phone using a temporary 6-digit code displayed on the TV screen. The parent enters this code in the BabyBinge phone app to approve the connection and select which child profile the TV displays. Pairing codes expire after 10 minutes and cannot be reused. After pairing, the TV receives a Firebase authentication session that allows it to access the family's episode library. The TV app does not collect any additional personal data beyond the device type and optional device name. Parents can disconnect TV devices at any time.

8. Children's Privacy (COPPA Compliance)

BabyBinge is designed for children under 13. We comply with COPPA worldwide, regardless of the user's location.

We obtain verifiable parental consent before collecting any data related to a child
Parents can review all data collected about their child at any time
Parents can request deletion of their child's data at any time
We do not condition a child's participation on disclosing more data than is reasonably necessary
Consent records are stored in an immutable ledger

9. Your Rights (GDPR)

Under the GDPR, you have the right to:

Access: request a copy of all data we hold about you and your children
Rectification: correct any inaccurate data
Erasure: request deletion of all your data ("right to be forgotten")
Data portability: receive your data in a machine-readable format
Restriction: request that we limit processing of your data
Objection: object to processing based on legitimate interest
Withdraw consent: withdraw any consent at any time without affecting prior processing

To exercise any of these rights, visit Settings → Privacy & Data in the app, or contact anirban@babybinge.app.

We will respond to all data subject requests within 30 days.

10. Data Retention

Active accounts: data is retained while your account is active
Deleted accounts: all personal data is permanently removed within 30 days of deletion, including episodes, avatars, ratings, and watch history
Account closure: data is retained for a maximum of 5 years after account closure for legal compliance, then permanently deleted
Consent records: retained for the duration required by applicable law (typically 5 years after last activity)
Anonymised analytics: may be retained indefinitely as they contain no personal data

11. Cookies & Tracking

The BabyBinge mobile app does not use cookies. We do not engage in cross-app tracking, behavioural advertising, or sale of personal data.

The BabyBinge website (babybinge.app) uses only essential cookies required for authentication and session management.

12. Contact & Complaints

Data Protection Officer: anirban@babybinge.app
General Support: anirban@babybinge.app

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. Our lead supervisory authority is the Hessian Data Protection Commissioner (Der Hessische Beauftragte für Datenschutz und Informationsfreiheit).