Your data, handled with care.

To make your book and run our business, we collect:

• Account info: name, email, and (if you sign up with email/password) a one-way bcrypt hash of your password. We never see or store your plain-text password.
• Hero info: the child's first name, age, gender, and the photos you upload. Used to generate your book.
• Order details: shipping address, the book you ordered, payment status (we don't store card numbers — that goes through Stripe).
• Usage analytics: page views and product events via PostHog. Helps us see what's working and what's broken. No selling, no ads.

Photos you upload are used only to generate your hero portrait, train a hero-specific AI model, and render the book you ordered. They're stored encrypted at rest in Cloudflare R2 (S3-compatible object storage). We don't sell them, share them with advertisers, or use them to train models for other customers.

You can delete the uploaded photos for any hero from your account page at any time. Photos auto-expire after 90 days unless you place an order, in which case we keep them long enough to re-print if needed.

We use a small set of vendors to run the Service. They each see only what they need to:

• Stripe — payment processing. Sees your name, email, and card.
• Replicate — runs the AI image-generation models. Sees your uploaded photos and our prompts.
• Anthropic — extracts hero traits (eye color, hair, etc.) from your photo for the illustration prompt.
• Cloudflare R2 — encrypted file storage for photos and rendered pages.
• Lulu — print and ship the physical book. Sees your shipping address and the printable PDF.
• Resend — transactional email (order ready, shipped, etc.). Sees your email address.
• PostHog — anonymized product analytics.
• Google — only if you sign in with Google; receives the standard OAuth scopes (email, profile).

We use a single first-party session cookie to keep you signed in and a CSRF cookie to protect form submissions. We don't use third-party advertising cookies.

You can, at any time:

• Delete uploaded photos for any hero on the account page.
• Request a copy of your data by emailing us.
• Request full account deletion by emailing us — we'll remove all photos, hero data, and account info, keeping only the minimum needed for tax/legal records on past orders.
• Opt out of non-essential analytics in your account.

Email hello@createmyherobook.com and we'll get back to you within 7 days.

CreateMyHeroBook is intended for use by adults purchasing books for children. We do not knowingly collect personal information directly from children. The hero photos and information you upload are about your child, but the account, order, and communications are with you as the adult.

We use HTTPS everywhere, encrypted storage at rest, hashed passwords, and access controls so only authorized systems can read your data. No system is perfectly secure — if we ever discover a breach affecting your account, we'll notify you promptly.

Our servers are in the United States. If you're using the Service from outside the US, you consent to your data being transferred to and processed in the US.

If we make material changes, we'll email you and post a notice on the site at least 14 days before they take effect.

Questions or requests? Email hello@createmyherobook.com, or write to: CreateMyHeroBook LLC, Florida, USA.