Meta Author
Privacy & Security

Privacy Policy

We respect your privacy and are committed to protecting your personal information and creative work. Learn how we handle your data.

Effective Date: January 20, 2025

Last Updated: January 20, 2025

Our Privacy Commitment

Your creative work belongs to you. We collect only what's necessary to provide our service and never sell your personal information or creative content.

1. Introduction

Meta Author ("we," "our," or "us") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and share information when you use our story creation platform.

2. Information We Collect

Account Information

  • • Email address
  • • Username and profile
  • • Authentication credentials

Content Data

  • • Stories and manuscripts
  • • Characters and world-building
  • • Project files and notes

Usage Information

  • • Writing session data
  • • Feature usage patterns
  • • Device and browser info

Technical Data

  • • Log files and error reports
  • • Performance analytics
  • • Cloud sync information

3. How We Use Your Information and Legal Basis

GDPR Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

Contract Performance (Art. 6(1)(b))

  • • Provide and maintain the Meta Author service
  • • Sync your content across devices
  • • Process your writing projects and data

Legitimate Interest (Art. 6(1)(f))

  • • Improve our features and user experience
  • • Ensure security and prevent abuse
  • • Analyze usage patterns for service optimization

Consent (Art. 6(1)(a))

  • • Marketing communications (where applicable)
  • • Optional analytics and tracking
  • • Beta testing feedback collection

Legal Obligation (Art. 6(1)(c))

  • • Comply with applicable laws
  • • Respond to legal requests
  • • Maintain required business records

4. Data Storage and Security

Security Measures

  • • Encrypted data transmission (HTTPS/TLS)
  • • Secure cloud infrastructure
  • • Regular security audits and monitoring
  • • Access controls and staff training

Beta Considerations

During beta, security measures are continuously being improved. We cannot guarantee complete data preservation during system updates. Users are encouraged to maintain local backups of important work.

5. Data Sharing and Disclosure

We do not sell your personal information.

We may share data only in these limited circumstances:

Service Providers

  • Cloud hosting and infrastructure providers
  • Analytics and performance monitoring services
  • Customer support and communication tools

Legal Requirements

  • When required by law or legal process
  • To protect our rights or prevent illegal activity
  • In case of business transfer or acquisition

6. Your Rights and Choices (GDPR Articles 15-22)

Data Subject Rights Under GDPR

If you are located in the EU/EEA, you have the following rights regarding your personal data:

Right of Access (Art. 15)

  • • Request a copy of your personal data
  • • Information about how we process your data
  • • Details about data sharing and retention

Right to Rectification (Art. 16)

  • • Correct inaccurate personal data
  • • Complete incomplete data
  • • Update outdated information

Right to Erasure (Art. 17)

  • • Request deletion of your personal data
  • • "Right to be forgotten" in certain circumstances
  • • Subject to legal retention requirements

Right to Restrict Processing (Art. 18)

  • • Limit how we process your data
  • • Suspend processing in certain cases
  • • Maintain data without active processing

Right to Data Portability (Art. 20)

  • • Export your data in machine-readable format
  • • Transfer data to another service provider
  • • Receive data in structured, commonly used format

Right to Object (Art. 21)

  • • Object to processing based on legitimate interest
  • • Opt out of direct marketing
  • • Object to automated decision-making

How to Exercise Your Rights

  • • Email us at: privacy@metaauthor.com
  • • Response time: Within 30 days of verified request
  • • Identity verification may be required
  • • No fee for reasonable requests (excessive requests may incur charges)
  • • Right to lodge complaint with supervisory authority

7. Cookies and Tracking

We use cookies and similar technologies to:

  • Maintain your login session
  • Remember your preferences and settings
  • Analyze usage patterns and improve performance
  • Provide personalized features

You can control cookie settings through your browser preferences.

8. Third-Party Services

Meta Author may integrate with third-party services:

  • Cloud storage providers for sync functionality
  • Analytics services for usage insights
  • Authentication providers for secure login

Each third-party service has its own privacy policy governing their data practices.

9. Children's Privacy

Meta Author is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will delete the information promptly.

10. International Data Transfers

Cross-Border Data Processing

Your personal data may be transferred to and processed in countries outside your jurisdiction, including the United States.

EU/EEA Data Transfers

  • • Standard Contractual Clauses (SCCs)
  • • Adequacy decisions where applicable
  • • Additional safeguards for high-risk transfers
  • • Regular assessment of transfer mechanisms

Transfer Safeguards

  • • Encryption in transit and at rest
  • • Contractual data protection obligations
  • • Regular security assessments
  • • Data minimization principles

11. Data Retention and Deletion

Retention Principles

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy and comply with legal obligations.

Active Account Data

  • • Account information: Duration of account
  • • User content: Duration of account + 30 days
  • • Usage analytics: 24 months maximum
  • • Support communications: 3 years

Post-Deletion Retention

  • • Financial records: 7 years (legal requirement)
  • • Security logs: 12 months
  • • Legal compliance data: As required by law
  • • Backup systems: Up to 90 days

Automated Deletion Process

  • Inactive accounts (no login for 2+ years) receive deletion notice
  • 30-day grace period before automated deletion
  • User content permanently deleted within 30 days of account closure
  • Anonymized analytics data may be retained for service improvement

12. Data Breach Notification

Our Commitment to Data Security

In the unlikely event of a data breach affecting your personal information, we are committed to transparent and timely notification.

Notification Timeline

  • • Supervisory authorities: Within 72 hours
  • • Affected users: Without undue delay
  • • High-risk breaches: Immediate notification
  • • Public disclosure: As legally required

Notification Content

  • • Nature and scope of the breach
  • • Types of data potentially affected
  • • Steps taken to address the breach
  • • Recommended actions for users

13. Beta Privacy Considerations

During the beta period:

  • • Privacy practices may evolve as we improve the service
  • • Additional data may be collected for testing and improvement purposes
  • • We may implement new privacy features and protections
  • • Users will be notified of significant privacy policy changes
  • • Enhanced monitoring for security vulnerabilities during development

14. Changes to This Policy

Policy Update Notification

We will provide at least 30 days' advance notice for material changes to this Privacy Policy.

We will notify you of material changes through:

  • Email notifications to your registered address
  • Prominent notices within the Meta Author interface
  • Updates posted on our website
  • For significant changes affecting your rights: explicit consent request

15. Contact Us

Data Protection Officer

Email: privacy@metaauthor.com

Response Time: Within 30 days

For GDPR Requests: Include "GDPR Request" in subject line

Mailing Address

Meta Author Privacy Team

[Company Address]

[City, State, ZIP Code]

[Country]

Supervisory Authority Contact

EU/EEA residents have the right to lodge a complaint with their local data protection authority. You can find contact information for EU data protection authorities at: https://edpb.europa.eu

16. Compliance and Certifications

Regulatory Compliance

  • • GDPR (General Data Protection Regulation)
  • • CCPA (California Consumer Privacy Act)
  • • PIPEDA (Personal Information Protection and Electronic Documents Act)
  • • Other applicable regional privacy laws

Security Standards

  • • SOC 2 Type II compliance (planned)
  • • ISO 27001 security framework
  • • Regular third-party security audits
  • • Industry best practices implementation

We are committed to maintaining the highest standards of data protection and regularly review our practices to ensure ongoing compliance as we expand our services globally.