Skip to content

Privacy Policy

Last Updated: April 11, 2026

Summary of Key Points

  • We collect only the data necessary to provide our storytelling service
  • Your CV and career data are used solely to generate personalized stories
  • We use Anthropic Claude AI for intelligent content generation
  • Your data is encrypted and securely stored
  • You have full control over your data and can request deletion anytime
  • We comply with GDPR and international privacy standards
  • We never sell your personal data to third parties

StoryLenses ("we," "our," or "us"), operated by narrative.digital UG (haftungsbeschränkt), Weinbergsweg 24, 10119 Berlin, Germany, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our application storytelling service.

By using StoryLenses, you agree to the collection and use of information in accordance with this policy.

The data controller responsible for your personal data is narrative.digital UG (haftungsbeschränkt), represented by Daniel Hernandez Garcia. For data protection inquiries, please contact us at privacy@storylenses.app.

1. Information We Collect

Account Information

  • Email address (used for authentication via magic link)
  • Account credentials and session data

Profile Data

  • Personal information (name, contact details, location)
  • Professional experience and work history
  • Education background
  • Skills and certifications
  • Languages spoken
  • Professional summary
  • CV/Resume content (when uploaded)

Story Content

  • Job descriptions and company information you provide
  • Career stories and narratives you create
  • STAR framework responses (Situation, Task, Action, Result)
  • Draft and published stories
  • Saved anecdotes and achievements

Usage Data

  • Device information and browser type
  • IP address and location data
  • Usage patterns and feature interactions
  • Analytics data via Google Analytics and Microsoft Clarity

Payment Information

Payment processing is handled securely by Stripe. We do not store your credit card information. Stripe may collect and process payment details according to their privacy policy.

2. How We Use Your Information

We use the information we collect to:

  • Provide and maintain our service
  • Generate AI-powered career stories and narratives
  • Analyze job descriptions and match them to your profile
  • Parse and extract information from uploaded CVs/resumes
  • Improve and personalize your experience
  • Send transactional emails (authentication, notifications)
  • Process payments and manage subscriptions
  • Analyze usage patterns to improve our service
  • Comply with legal obligations
  • Prevent fraud and abuse

3. Legal Basis for Processing

We process your personal data on the following legal bases under GDPR Article 6:

Contract Performance (Art. 6(1)(b) GDPR)

Processing necessary to provide our service to you, including account creation, story generation, CV parsing, and payment processing.

Consent (Art. 6(1)(a) GDPR)

Where you have given explicit consent, such as for marketing communications, analytics cookies (Google Analytics, Microsoft Clarity), and session replay.

Legitimate Interests (Art. 6(1)(f) GDPR)

Processing necessary for our legitimate interests, including service improvement, fraud prevention, security monitoring, and error tracking, provided these interests are not overridden by your rights.

Legal Obligation (Art. 6(1)(c) GDPR)

Processing necessary to comply with legal obligations, such as tax and accounting requirements.

4. AI Processing and Third-Party Services

Anthropic Claude AI

We use Anthropic's Claude AI API to:

  • Analyze job descriptions and extract key information
  • Generate professional career narratives and stories
  • Process and understand your career data

Your data sent to Claude AI is processed according to Anthropic's privacy policy and data processing agreements.

Other Third-Party Services

  • VercelHosting and deployment platform
  • NeonPostgreSQL database for data storage
  • ResendEmail delivery service for authentication
  • StripePayment processing
  • Google AnalyticsUsage analytics
  • Microsoft ClarityUser behavior analytics
  • LangfuseLLM observability and quality monitoring
  • SentryError tracking and performance monitoring

5. Data Storage and Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Data is stored securely in encrypted PostgreSQL databases (Neon)
  • Authentication uses secure magic link tokens via NextAuth.js
  • All data transmission uses HTTPS/TLS encryption
  • Access to user data is restricted to authorized personnel only
  • Regular security audits and updates

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you services. You may request deletion of your data at any time by contacting us.

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

7. Your Rights (GDPR Compliance)

If you are in the European Economic Area (EEA), you have certain data protection rights:

  • Request access to your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Request transfer of your data
  • Object to processing of your data
  • Request restriction of processing
  • Withdraw consent at any time

To exercise these rights, please contact us at privacy@storylenses.app

You also have the right to lodge a complaint with a data protection supervisory authority. The competent supervisory authority for narrative.digital UG is the Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragte für Datenschutz und Informationsfreiheit), Friedrichstr. 219, 10969 Berlin, Germany.

8. Cookies and Tracking

We use cookies and similar tracking technologies to:

  • Maintain your session and authentication state
  • Remember your preferences (language, settings)
  • Analyze usage patterns via Google Analytics and Microsoft Clarity
  • Improve service performance and user experience

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features.

9. Children's Privacy

StoryLenses is not intended for users under the age of 16. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws, including GDPR.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@storylenses.app

Privacy Policy - StoryLenses | StoryLenses