Privacy Policy
Last updated: May 2026 · Plain-English version
The 60-second TL;DR
We collect only what's needed to give you AI baby names, partner-shared voting, voice clones, and bedtime stories in your voice. We never sell your data. You can delete everything in one click from your library page. Voice biometric data has its own Voice Privacy Notice that's stricter than this main policy. Questions: hello@fablely.ai.
1 · Who we are
Fablely is an independent small-team project building AI naming and voice-storytelling tools for new and expecting parents. We're not a venture-backed startup. We're a few parents who got tired of bad baby-naming tools and built something better. Our contact email is hello@fablely.ai; a postal address will be added before our first paid plan launches.
2 · What we collect
Automatically (no signup required)
- Anonymous session ID — a random UUID stored in your browser's localStorage. Lets us tie multiple visits together without knowing who you are.
- Form preferences — gender, cultural traditions, surname, names to avoid, existing kids' names. Stored so we can show you your past generations.
- Generated content — the 10 names per session, ratings, voice clones, stories. Stored so you can come back to them.
- IP address — only for rate-limiting (preventing abuse). Stored hashed in a counter table, not as raw IP, and auto-deleted every 24 hours.
- Cookie-free analytics — we do not use Google Analytics, Facebook Pixel, or any third-party tracker. We track page load counts in Vercel's privacy-respecting built-in analytics (no cookies, no fingerprinting).
If you sign up for an account
- Email address — required for login and Vault unlock notifications.
- Display name — optional, what we call you in emails.
- Due date / baby birthday — optional, only if you provide it.
- OAuth provider data — if you sign in with Google, we get your email and Google profile name. We never see your Google password.
If you record a voice (paid plans only)
See our Voice & Biometric Privacy Notice for the full details on voice data — it's covered separately because biometric data has stricter legal protections (BIPA, CUBI, etc.).
3 · Why we collect it
Plain English: only to make the product work and to communicate with you.
- Naming + theme prefs → generate names that fit your family
- Email → log in, send Vault unlock notifications, password resets
- Voice data → generate stories narrated in your voice (your voice, your stories)
- IP → block bots and abuse (rate limiting)
We do NOT use your data for:
- ❌ Selling, leasing, or trading to third parties
- ❌ Targeted advertising
- ❌ Training AI models for other users' benefit
- ❌ Profiling, scoring, or any algorithmic decision-making about you
4 · Who we share it with
We use exactly these third parties, and only as needed to run the product:
- Anthropic (Claude API): receives the form preferences when generating names; receives baby name + theme when generating stories. Their privacy policy.
- ElevenLabs (voice synthesis): receives voice samples + story text for synthesis. Their privacy policy.
- Supabase (database + storage): hosts your data on US-East AWS. Encrypted at rest. Their privacy policy.
- Vercel (hosting + edge functions): serves the website. Their privacy policy.
- Resend (email): sends Vault unlock notifications + account emails. Their privacy policy.
- Stripe (payments — coming soon): handles credit card processing. Fablely never sees your card number.
That's it. No marketers, no data brokers, no ad networks.
5 · How long we keep it
- Anonymous sessions: up to 12 months from last activity, then auto-purged.
- Account data: until you cancel, plus 90 days grace period.
- Voice clones: see Voice Privacy Notice (12 months from last login OR 7 days from delete request).
- Generated stories: until you delete them, or 90 days post-cancellation.
- Rate-limit counters: 24 hours.
- Backup snapshots: 30 days (encrypted, write-once, for disaster recovery only).
6 · Your rights (GDPR + CCPA + etc.)
Regardless of where you live, you can do all of these:
- Access: see everything we have about you — /library shows your sessions, voices, and stories. For a complete export, email hello@fablely.ai.
- Delete: /library → "Danger zone" → wipes everything in seconds. Or email us.
- Correct: edit your account from settings (coming) or email us.
- Portability: request a JSON export of everything. Free, any time.
- Object/restrict: email us to limit how we use your data.
- Withdraw consent: for voice biometric data, see Voice Privacy Notice.
We respond within 30 days (most requests within 48 hours). No charge.
7 · Children's data
Fablely is built BY parents FOR parents. We do not knowingly collect data from anyone under 18. Our account signup process requires affirming you are 18+ years old. If you believe a minor has created an account without parental consent, email hello@fablely.ai and we'll delete it within 24 hours.
Names and stories you generate for YOUR child are not "data about the child" in any legally meaningful sense — they're stories made by the parent, owned by the parent.
8 · Security
- All traffic is encrypted in transit (TLS 1.3).
- Database is encrypted at rest (AES-256).
- Voice files are stored in a private bucket with signed-URL access (90-day expiry).
- API keys are encrypted at the Vercel environment level.
- Service-role database access is restricted to our serverless functions; no employee has direct production database access.
- We have a 24-hour key rotation procedure documented for accidental leaks.
No system is 100% secure. If we ever discover a breach affecting your data, we'll notify you by email within 72 hours and post a public incident report on this domain.
9 · International users
Fablely operates from the US. Data is stored on US-East AWS via Supabase. By using the product, you consent to your data being processed in the US.
EU/UK users: we rely on the EU-US Data Privacy Framework (Supabase, Vercel, Anthropic, ElevenLabs are all DPF-certified or use Standard Contractual Clauses).
California users: CCPA gives you the same rights as Section 6 above, plus the right to opt out of "sale" of personal info — easy, since we don't sell anyway.
10 · Changes to this policy
If we materially change how we collect or use data, we'll email all active users at least 14 days before the change takes effect and post a banner on the homepage. The "Last updated" date at the top of this page reflects the most recent change.
11 · Contact
All privacy questions: hello@fablely.ai
We respond within 30 days, usually 48 hours.