# VerseLab Privacy Policy Last updated: 2026-01-09 ## Overview This Privacy Policy explains what information VerseLab ("we", "our", or "us") collects, how we use it, and your choices. VerseLab is a user‑generated content (UGC) app for creating and sharing poetry, participating in slams, and interacting with the community. Plain‑language summary for parents and guardians: VerseLab collects only the data needed to run the service, offers additional protections for users under 18 through our Enhanced Safety Policy, and provides simple ways to request data access or deletion. We do not sell personal data. ## Age Signals and Parental Notice - At sign‑up, we ask for your birthdate to determine age‑appropriate settings under our Age Signals framework. - Disclaimer: Your birthdate is used for age verification and safety settings only. It will not be displayed publicly on your profile. - If you are under 18, Enhanced Safety defaults apply. These include stricter privacy and messaging limits, and, where required by law, limited or non‑personalized advertising. Where verification is needed, we may offer platform‑level verification options (e.g., Apple/Google account age signals). We do not require government IDs. ## Information we collect - Account data: email address, username, display name, and password (stored as a hash). - Profile data: bio, avatar, and preferences (notifications, content filters, safety settings). - Content you create: poems, images, videos, comments, likes, messages, clubs and slams participation, and related metadata (timestamps, visibility settings). - Device and app data: app version, device model, crash diagnostics, coarse app analytics, and limited usage events needed to provide features (e.g., notifications, safety rate‑limits). - Approximate location (if you grant permission) to support basic regional experiences; precise location is not required. ## How we use your information - Provide and improve core features (feeds, creation tools, messaging, slams, discovery). - Operate authentication, account management, and safety controls (e.g., rate limits, block lists, Enhanced Safety guards). - Send push or email notifications you opt into and operational messages (e.g., policy or security notices). - Moderate content, detect abuse, and protect safety; enforce our EULA/Community Guidelines and Child Safety Standards. - Personalize ranking and discovery where permitted by your settings and applicable law. - Comply with legal obligations and respond to lawful requests. ## Minors and Enhanced Safety If you are under 18, we apply additional protections by default: - Privacy guards: If Enhanced Safety is turned on, you cannot broaden certain privacy settings (e.g., a friends‑only poem cannot be changed to public) until you turn Enhanced Safety off or you become an adult, subject to local law. - Messaging limits: We may restrict who can DM you, impose rate limits, or require mutual connections to reduce unwanted contact. - Discovery limits: We may limit public discovery surfaces for minors (e.g., rankings, recommendations) and apply stricter visibility filters. - Advertising: Where ad experiences are present, we limit or disable personalized ads for minors as required by applicable laws (e.g., COPPA‑like and youth privacy laws). We do not knowingly allow behavioral profiling of minors for advertising. - Data minimization: We collect and retain less data for minors where feasible, consistent with product operation and legal obligations. ## Third‑party services we use We rely on reputable providers to operate VerseLab. These processors handle data subject to their own privacy policies: - Supabase (auth, database, storage, realtime): stores account profiles, posts, and app data. - Firebase Cloud Messaging (FCM) and Apple Push Notification service (APNs): deliver push notifications. - Google AdMob (mobile) and Google AdSense (web): serve advertisements where enabled; minors receive contextual or limited ads as required by law. - Wikipedia (content source): we may fetch public articles for Education cards; your device requests the article when opened. - Biometric APIs (Face ID/Touch ID or Android Biometrics): optional, used locally to accelerate sign‑in. Biometric data never leaves the device. ## Cookies and similar technologies On web, we may use cookies or local storage to maintain your session and preferences. Ad services may set their own cookies under their policies. You can control cookies via your browser settings. ## Data sharing and disclosures - Service providers: we share data with processors only as needed to operate VerseLab under contracts that limit their use to our instructions. - Legal compliance and safety: we may disclose information to comply with law, protect rights and safety, prevent fraud/abuse, and maintain service integrity. - Business transfers: if we undergo a merger, acquisition, or asset sale, your information may be transferred as permitted by law. - We do not sell your personal data. ## User‑generated content visibility Content you publish (e.g., poems, slams, comments) may be visible to the public or to your followers/friends depending on your settings and age‑related protections. Messages are visible only to participants. Avoid posting sensitive personal information in public content. ## Advertising and tracking choices Where ads are enabled, AdMob/AdSense may use device identifiers and other signals to deliver and measure ads. On iOS and Android you can use platform settings to limit ad tracking. In‑app controls let you adjust push/email preferences. For minors, we restrict personalized advertising as described above. ## Data retention We retain your account data while your account is active. If you request deletion, we begin irreversible deletion of account‑level data within 30 days and delete backups within 90 days where feasible. Some records (e.g., safety/audit logs, fraud prevention) may be retained as required by law. Public content you published may be deleted or anonymized depending on technical and community considerations. ## Your rights and choices - Delete: You can delete your account from Account Settings. This removes your profile and personal data as described above. - Export: Request a copy of your data by using Account Settings → Export My Data (which opens an email to support@verselabapp.com) or by emailing us directly. - Correction: Update profile fields in Edit Profile; contact us for other corrections. - Objections and restrictions: Where applicable law provides, you may object to or restrict certain processing. ## Security We use industry‑standard safeguards including HTTPS in transit, access controls, and defense‑in‑depth monitoring. No method of transmission or storage is 100% secure; we continuously improve our protections and limit access to personal data. ## International transfers Your information may be processed and stored outside your country. We use appropriate safeguards and contractual commitments with our processors to protect your data. ## Changes to this policy We may update this Privacy Policy from time to time. We will post the updated policy in‑app and update the “Last updated” date. Material changes may be communicated via in‑app notice or email. ## Contact us Questions or privacy requests? Email support@verselabapp.com.