Skip to content
Lumora
Sign in

Children's Privacy

How we protect children's privacy.

Last updated: May 28, 2026

The short version

  • Parents create everything. Lumora accounts are only for adults (18+). Children do not create accounts, set passwords, or interact with us directly.
  • No ads to children. Ever.We do not show advertising in our product, and we never use children's information for advertising of any kind, anywhere.
  • No AI training on your child.We do not use your child's name, photo, or descriptive details to train our AI models or anyone else's.
  • You can review and delete everything. Any child profile, story, or uploaded photo can be deleted from your dashboard, instantly.
  • We comply with COPPA.If you're in the US and your child is under 13, this page describes exactly how that compliance works.

Who we are

Lumora is operated by figbish (the "Operator" for COPPA purposes). For all children's privacy inquiries, including verifiable parental consent, review of collected data, or requests for deletion, contact us at privacy@lumora.kids or hello@lumora.kids. A real human handles every request, usually within 1 business day.

Our model: parents create everything

Lumora is designed for parents and guardians to use with or for their children. The product flow assumes an adult is at the keyboard:

  • Only adults (18+) may create accounts. This is enforced in our Terms of Service and at signup.
  • Children do not log in. There is no kid-facing login screen, no child account type, no separate kid profile beyond what a parent enters for personalization.
  • When a parent enters their child's name, age, pronouns, or uploads a photo, the parent is providing this information themselves — they have already consented because they are the ones acting.
  • Stories generated for a child are visible only to the parent's account that created them.

What information about a child we collect

When you, the parent, create a child profile or generate a story, you may provide:

  • First name or nickname.Used so the story's hero shares your child's name. We don't need a last name and recommend you don't provide one.
  • Age or age tier. Used to calibrate vocabulary, page count, and themes (toddler vs early reader vs older).
  • Pronouns. So the story refers to your child correctly.
  • Descriptive details. Things like favorite color, hair, eye color, what makes them laugh. Used only to make the story feel personal.
  • An optional photo.Uploaded photos are sent to Anthropic's Claude Haiku vision model for safety moderation (no faces of clearly-distressed children, no inappropriate content), then used by our illustration pipeline to inform descriptive features (e.g., long curly brown hair, freckles, glasses) for the story's artwork. The photo bytes themselves are not embedded into the generated artwork; the AI illustrator never sees the original photo.

We do not collect a child's real address, phone number, school, social media handle, or geolocation. We do not allow children to chat with each other, or with us, through Lumora.

How parental consent works

Under COPPA, an operator must obtain verifiable parental consent before collecting personal information from a child under 13. Because Lumora's entire flow requires an adult account holder to act on the child's behalf, consent is built into the product:

  • You agree to our Terms of Service at signup, which confirms you are 18+ and the parent or guardian of any child whose details you enter.
  • Entering a child's details requires you to be signed into your account. There is no anonymous-with-child-data flow.
  • Uploading a photo of your child requires you to sign in first or claim the anonymous session to your account; the upload completes only after explicit submission by the signed-in adult.

For higher-risk operations (purchases over the COPPA high-risk threshold, sharing of child data with a third party not listed below), we may request additional verifiable consent. We do not currently do any of those things.

Your rights as a parent

At any time, with no penalty or change to your service, you may:

  • Review all information we have about your child. Visit your dashboard or email privacy@lumora.kids for an export.
  • Correct any inaccurate information from your dashboard.
  • Delete a child profile, an uploaded photo, or a generated story — instantly, from your dashboard. The underlying files are removed from our object storage within 30 days.
  • Refuse further collection. Stop using Lumora at any time. Delete your account from /account/data or follow the prompts at /account/delete-confirm. All associated child data is removed.

No advertising to children

We do not show advertising in Lumora. We do not use children's information to build profiles for behavioral advertising. We do not allow third-party ad networks to track visitors on our site. We do not sell, rent, or trade children's information to data brokers, marketers, or anyone else.

No AI training on your child's identity

Generating a personalized story requires sending the child's details to our AI providers (Anthropic for text, Replicate / Black Forest Labs for illustrations). These providers process the request and return the result; the child's details are sent for the purpose of generating that specific story, under provider data-use terms that prohibit using customer prompts for model training.

We do not train our own models on your child's name, photo, or descriptive details. We do not share child information with third parties for the purpose of training their models.

Who processes the data on our behalf

Lumora uses a small set of infrastructure providers, each under contractual obligations that limit how they may use the data:

  • Anthropic— generates the story text. Sees the story prompt (which may include your child's first name, age, pronouns, and descriptive details). Anthropic's commercial terms prohibit training on customer data without consent.
  • Black Forest Labs / Replicate — generates the illustrations. Sees a derived prompt describing the story scene; does not see the original photo upload.
  • Cloudflare — hosts illustrations and runs bot-protection (Turnstile) on our generation endpoints.
  • Neon (Postgres) — stores account, child profile, and story metadata in encrypted form.
  • Clerk — handles parent account login. Never sees child profile data.
  • Stripe — handles billing. Never sees child profile data.
  • Resend — sends transactional emails (receipts, story-ready notifications) to the parent account email only.

See our main Privacy Policy for how we handle all data, and our Cookie Policy for browser-storage details.

Data retention

We keep child profile data and story data only as long as your account remains active, or until you delete it, whichever is shorter. When you delete a child profile or a story, the metadata is removed from our database within 24 hours and the associated illustration files are removed from our object storage within 30 days (the gap is to allow backup-restore in case of accidental deletion).

When you delete your entire account, all associated child profiles, stories, and uploaded photos are removed under the same schedule. Anonymized aggregate analytics (e.g., "a story for a 7-year-old was created today") may be retained but contain no identifying information about your child.

How we protect children's data

  • All connections to Lumora use HTTPS / TLS.
  • Database connections are encrypted in transit. Account passwords are never stored in plaintext (Clerk handles this with industry-standard hashing).
  • Uploaded photos are stored in a private object store; the public URL is a short-lived signed link that expires automatically.
  • Story URLs are random UUIDs. They cannot be enumerated; someone would have to be sent the exact link to view a story.
  • Internal access to data is restricted to the operator and logged.

Reporting concerns or violations

If you believe a child has created an account on Lumora without parental consent, or if you have any concern about how children's data is being handled, please contact us immediately at privacy@lumora.kids. We will investigate and delete the relevant data within 48 hours of confirmation.

If we ever materially change how we handle children's data, we will update this page and notify account holders by email before the change takes effect.

Questions

Write to privacy@lumora.kids or hello@lumora.kids. A real person reads every email.