TrueTale Privacy Policy

1. INTRODUCTION

This Privacy Policy explains how Andrea Giulio Cerasoni, trading as TrueTale ("we", "us", or "our"), collects, uses, and protects your personal data when you use our website and services at truetale.app.

We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (PECR).

2. DATA CONTROLLER

The data controller responsible for your personal data is Andrea Giulio Cerasoni (trading as TrueTale), Lytchett House, 13 Freeland Park, Wareham Road, Poole, Dorset, BH16 6FA.

3. INFORMATION WE COLLECT

3.1 Information You Provide

When you purchase a Founding Membership, we collect:

• Full name
• Email address
• Payment information (processed securely by Stripe - we never see your card details)

3.2 Analytics Data

We use PostHog for website analytics. Depending on your cookie preferences:

If you accept analytics cookies:

• Browser type and version
• Device type (mobile/desktop)
• Pages visited and time spent
• User interactions (clicks, scroll depth)
• Conversion funnel progression
• Technical performance metrics
• Session information across visits

If you decline analytics cookies:

• We still collect the same types of data listed above
• However, it's collected in "cookieless mode" - no data persists between sessions
• Each visit is treated as a new anonymous session

3.3 Essential Cookies

We use essential cookies that are necessary for the website to function:

• Theme preference (remembers your light/dark mode choice)
• Cookie consent choice (remembers your privacy preferences)

4. HOW WE USE YOUR INFORMATION

4.1 Personal Data (Name, Email)

We use your personal data to:

• Process your Founding Member purchase
• Provide Founding Member benefits
• Send product development updates
• Grant beta access when available
• Enable feature voting
• Respond to your inquiries

4.2 Analytics Data

We use analytics data to:

• Understand how visitors use our website
• Improve user experience
• Identify technical issues
• Measure conversion rates
• Make data-driven improvements

All analytics data is anonymous and never linked to your personal information.

5. COOKIES AND SIMILAR TECHNOLOGIES

5.1 What Are Cookies and Local Storage?

Cookies are small text files stored on your device when you visit our website. Local storage is a similar technology that allows websites to store information in your browser, which can persist between visits.

5.2 How We Use Cookies and Local Storage

Essential Cookies (Always Active)

• Theme settings (light/dark mode)
• Cookie consent preferences
• These are necessary for the website to function and remember your choices

Analytics Cookies & Storage (Your Choice)

• PostHog analytics cookies (ph_ cookies)
• Stripe browser storage for fraud prevention (__stripe_mid, __stripe_sid)
  • These are stored in your browser's local storage, not as traditional cookies
• Only set if you accept analytics cookies via our cookie banner

5.3 Your Cookie Choices

When you first visit our website, you'll see a cookie banner where you can:

• Accept All: Enables analytics cookies and Stripe's fraud prevention storage
• Essential Only: Disables analytics cookies and non-essential storage; we use cookieless tracking instead

You can change your preferences at any time by clearing your browser cookies and local storage, then revisiting our site.

5.4 Cookieless Analytics

If you choose "Essential Only", we use PostHog's cookieless mode which:

• Does not store any cookies on your device
• Does not track you across sessions
• Treats each visit as a new anonymous session
• Still helps us understand general usage patterns

6. LEGAL BASIS FOR PROCESSING

We process your personal data based on:

• Contract: To fulfill our Founding Member agreement with you
• Legitimate Interests: To operate and improve our business (analytics data)
• Consent: For analytics cookies, local storage, and marketing communications
• Legal Obligation: To comply with applicable laws

7. DATA SHARING AND THIRD PARTIES

We share your data only with trusted service providers:

7.1 Service Providers

• Stripe: Payment processing (see Stripe's Privacy Policy)
  • We never see or store your payment card details
  • Stripe uses browser local storage for fraud prevention
• ConvertKit: Email communications (see ConvertKit's Privacy Policy)
  • Used for product updates and newsletters
• PostHog: Website analytics (see PostHog's Privacy Policy)
  • Analytics data is anonymous
  • Cookies only set with your consent

7.2 Legal Requirements

We may disclose your data if required by law or to protect our rights, safety, or property.

We never sell, rent, or trade your personal data.

8. DATA RETENTION

We retain your data as follows:

• Founding Member data: As long as you maintain your membership
• Financial records: 6 years after transaction (UK legal requirement)
• Email list: Until you unsubscribe
• Analytics data: Anonymous data may be retained for up to 2 years

9. YOUR RIGHTS

Under UK GDPR, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate personal data
• Erasure: Request deletion of your personal data ("right to be forgotten")
• Restriction: Limit how we process your personal data
• Portability: Receive your data in a machine-readable format
• Object: Opt-out of certain processing activities
• Withdraw Consent: For consent-based processing (e.g., analytics cookies, marketing emails)

To exercise these rights, contact us at support@truetale.app. We will respond within 30 days.

10. DATA SECURITY

We protect your personal data through:

• Secure HTTPS encryption on our website
• Secure payment processing via Stripe (PCI-DSS compliant)
• Regular security reviews
• Limited access to personal data (founder only)
• Secure password policies

While we implement industry-standard security measures, no internet transmission is 100% secure.

11. INTERNATIONAL TRANSFERS

Your data may be processed in countries outside the UK:

• United States: Stripe and ConvertKit operate under appropriate safeguards
• EU: PostHog data is processed in EU data centers

We ensure appropriate safeguards are in place for all international transfers in compliance with UK GDPR.

12. CHILDREN'S PRIVACY

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware of such collection, we will delete the data immediately.

13. MARKETING COMMUNICATIONS

If you're a Founding Member, we may send you:

• Product development updates
• Beta access invitations
• Feature voting requests
• TrueTale news and announcements

You can opt-out at any time by:

• Clicking "unsubscribe" in any email
• Emailing support@truetale.app

Opting out of marketing doesn't affect your Founding Member benefits.

14. CHANGES TO THIS POLICY

We may update this Privacy Policy occasionally. When we make material changes:

• We'll update the "Last Updated" date
• We'll notify Founding Members via email
• We'll post a notice on our website

Continued use of our services after changes constitutes acceptance.

15. COMPLAINTS

If you have concerns about how we handle your personal data:

• Contact us first: support@truetale.app - we'll try to resolve it directly
• Escalate to the ICO: You have the right to lodge a complaint with the Information Commissioner's Office

16. CONTACT US

For any questions about this Privacy Policy or your personal data, please contact:

We aim to respond to all privacy inquiries within 48 hours.