Legal
Privacy Policy
Last updated: 7 May 2026
The short version
We collect the minimum information needed to run Branchbound: your account email, what you do inside the app, and payment information when you subscribe. We don't sell your data. We don't run advertising trackers. We don't use your story content to train AI models. We use a small list of named third-party services to deliver the product, listed below. We support your rights to access, correct, or delete your data.
The rest of this page covers the details.
Who we are
Branchbound is operated by M6IX33 Pty. Ltd. ATF JMJ Family Trust, trading as Branchbound Studio (referred to in this policy as "Branchbound", "we", "us", "our"). We are an Australian-registered entity based in Melbourne.
For privacy questions or to exercise the rights described below, contact us at augustine@branchboundstudio.com.
What this policy covers
- The Branchbound website at branchboundstudio.com (this marketing site).
- The Branchbound application at app.branchboundstudio.com (the reader and Studio).
- Any related services we operate under the Branchbound name.
It does not cover third-party websites we link to. When you follow a link off Branchbound, that site's privacy policy governs.
Information we collect
Information you give us
- Account information: email address, display name, and a hashed password when you sign up. Passwords are stored using industry-standard hashing (bcrypt) — we never see them in readable form. Branchbound accounts may only be created by adults aged 18 or older.
- Profile information: avatar (if you upload one) and any preferences you set.
- Story content: any stories, scenes, or notes you create in Studio. This stays private to your account unless you publish it.
- Payment information: when you subscribe, our payment processor (Paddle) collects your card or bank details. Branchbound never sees or stores your full payment details. We receive a confirmation that the subscription is active and a small set of metadata (subscription tier, billing cycle, country for tax purposes).
- Communications: if you email us or fill out a contact form, we keep a record of the conversation.
Information we collect automatically
- Usage data: which pages you visit, which stories you read, which choices you make. Used to improve the product and understand which features are valuable.
- Device data: browser type, operating system, screen size, timezone. Used for compatibility and rendering decisions.
- IP address: captured by our analytics provider for coarse geographic analysis (country/region) and basic abuse detection. The raw IP is not stored long-term — our analytics provider converts it to coarse location at ingest.
- Error and diagnostic data: if Branchbound errors out, we collect a stack trace and the route you were on. Form fields and visible text are masked in any session diagnostics; we capture the structure of what happened, not the content of what you typed.
- Cookies and similar: we use cookies to keep you signed in and remember preferences. We do not use third-party advertising cookies. We are working on a cookie consent banner; in the meantime, you can disable non-essential cookies through your browser settings.
Information we do NOT collect
- We do not buy data about you from data brokers.
- We do not sell or rent your personal information to anyone.
- We do not use your story content to train AI models, except where you explicitly opt in via a feature that says so.
- We do not share story content, account email, or user-created content with advertising platforms — only the standard browsing-behavior data those platforms require for conversion measurement, and only when you've accepted marketing cookies through our consent banner.
How we use your information
- To provide the service: deliver stories, save your progress, sync across devices.
- To bill you: process subscriptions through Paddle, send receipts.
- To communicate with you: send password resets, account notifications, important service announcements. Marketing emails (if any) require your explicit opt-in and you can unsubscribe at any time.
- To improve the product: understand which features people use and where they get stuck.
- To keep the service safe: detect bugs, prevent abuse, investigate fraudulent payments.
- To comply with the law: respond to lawful requests, enforce our Terms of Service, defend our rights.
Lawful basis for processing (GDPR / UK GDPR users)
For users in the European Union, the European Economic Area, or the United Kingdom, we process your personal information under one of the following bases:
- Contract (Article 6(1)(b)): we need certain data — email, payment, usage — to deliver the service you subscribed to.
- Legitimate interest (Article 6(1)(f)): we use error data and product analytics to keep the product working and improve it. We balance this against your rights and only use the minimum needed. You can object to processing on this basis; see Your rights.
- Legal obligation (Article 6(1)(c)): some data we keep because tax, accounting, or consumer protection law requires it.
- Consent (Article 6(1)(a)): for marketing communications and any optional features that involve additional data processing. You can withdraw consent at any time.
Who we share your information with
We share data with the following named sub-processors. Each processes data only as instructed by us.
| Provider | Purpose | Where data is held |
|---|---|---|
| Supabase | Database, authentication, file storage | EU or US (depending on your region) |
| Cloudflare | Web hosting, CDN, off-site backups (R2) | Global edge network |
| Paddle | Payment processing, billing, tax compliance. Paddle is the merchant of record for your subscription. | EU / US |
| Postmark | Transactional email (password resets, receipts, notifications) | US |
| PostHog | Product analytics, session replay, feature flags | US |
| Sentry | Error tracking, debugging | US |
| Anthropic / ElevenLabs | Internal story-production tools used by our team for authored content. No personal data from end users is sent to these providers. | US |
We are in the process of executing formal Data Processing Agreements with each sub-processor. In the meantime, each provider's published Data Processing Addendum and standard terms apply to data processed on our behalf.
We may also share information with law enforcement when legally required (e.g., a valid subpoena or order under the Privacy Act 1988), or with successors if we sell or merge the business. In the latter case we will notify users of the change and give you a chance to delete your account before any transfer.
International transfers
Branchbound is operated from Australia. Our sub-processors are based in the United States, the European Union, and the United Kingdom. By using Branchbound, you understand your data may be processed outside your country of residence. Where required by law, we rely on the standard contractual safeguards offered by each sub-processor in their published Data Processing Addendum.
How long we keep your information
- Account data: as long as your account is active. If you delete your account, we soft-delete and anonymize your profile; identifying data is purged after a 30-day grace period.
- Payment records: retained for 5 years from completion of the relevant transaction (Australian Taxation Office record-keeping requirement).
- Audit logs: retained for 2 years for security and compliance investigations.
- Backups: weekly off-site backups roll over on a tiered retention schedule (30 days of dailies, 6 months of weeklies, 12 months of monthlies). Deleted account data may persist in backups for up to that retention period before being purged on the next backup cycle.
- Aggregated, fully anonymized usage data: retained on an ongoing basis for product improvement. "Fully anonymized" means stripped of all direct and indirect identifiers such that re-identification of an individual is not reasonably possible.
Children's privacy
Branchbound is currently for adult subscribers only. We do not allow direct account creation by anyone under 18, and we do not knowingly collect personal information from anyone under 18.
Family-profile features (where parents could add child profiles to their account under verifiable parental consent) are planned for a future release. This policy will be updated with a full children's-privacy section when those features ship; until then, no child profile functionality exists in Branchbound.
If you believe a minor has created an account by misrepresenting their age, please contact us at augustine@branchboundstudio.com and we will delete the account and any associated data as soon as we become aware.
Your rights
Rights everyone has
- Access: ask for a copy of the personal information we hold about you.
- Correction: ask us to correct anything inaccurate.
- Deletion: ask us to delete your account and personal information. Some data — payment records, audit logs — must be retained for legal reasons; we'll explain what stays and what goes.
- Objection: ask us to stop processing your data for analytics or marketing.
- Portability: ask for an export of your data in a machine-readable JSON format.
Rights specific to GDPR / UK GDPR users
In addition to the above, EU/EEA and UK users have:
- The right to restrict processing in certain circumstances.
- The right to withdraw consent at any time, where we rely on consent.
- The right to lodge a complaint with your local data protection authority. UK users may contact the ICO (ico.org.uk). EU/EEA users may contact their national supervisory authority.
We aim to respond to GDPR/UK GDPR requests within one calendar month, with a possible extension of two further months for complex requests, where we will notify you of the extension within the first month.
Rights specific to the Australian Privacy Act
Australian users have the right to:
- Access the personal information we hold about you.
- Correct inaccurate information.
- Make a complaint about how we handle your information — first to us, then to the Office of the Australian Information Commissioner (OAIC, oaic.gov.au) if unresolved.
We aim to respond to APP 12 access requests within 30 days. We will not charge a fee for making a request.
Verification of requests
To protect your information, we will verify your identity before fulfilling a request to access, correct, delete, or export your data. If you have an active account, we'll typically verify by confirming your control of the account email.
To exercise any of these rights, use the controls in your account settings or email augustine@branchboundstudio.com.
California Consumer Privacy Act (CCPA)
Branchbound does not currently meet the thresholds that make CCPA/CPRA applicable (annual gross revenue over USD 26.6M, processing personal information of 100,000+ California consumers or households, or deriving 50% or more of revenue from selling personal information). If our scale changes such that CCPA applies, we will update this policy and provide California-specific rights at that time.
Security
We take security seriously. Specific measures include:
- TLS encryption for all data in transit.
- Encryption at rest for our database (managed by Supabase).
- Bcrypt password hashing — we never store passwords in readable form.
- Row-level security policies that scope data access to its owner.
- Audit logging of changes to user-data tables.
- Daily off-site backups with tiered retention.
- Internal review of any direct database access; production changes ship through versioned migrations.
No internet-connected service is 100% secure, and we don't claim to be. If we learn of a security incident that affects your personal information, we will notify you and the relevant authority within the legally required timeframes — for Australian users, this means notifying the OAIC and affected individuals as soon as practicable after we determine an eligible data breach has occurred under the Notifiable Data Breaches scheme. For EU/UK users, we will notify the relevant supervisory authority within 72 hours where required.
Cookies and similar technologies
We use a small number of cookies and similar technologies:
- Essential cookies: keep you signed in and remember your preferences. These cannot be disabled — without them, the service does not work.
- Analytics cookies: set by PostHog so we can understand product usage. We are working on a consent banner that will gate these for new visitors. In the meantime, you can decline them by configuring your browser to block third-party cookies.
- Marketing cookies: may include cookies set by advertising platforms such as Meta Pixel, Google Ads, or similar partners on our marketing site, used to measure which marketing channels bring people to Branchbound. These are gated behind our consent banner — declining them does not affect your access to the service. We do not share story content or other user-created content with these platforms.
We do not participate in cross-context behavioural advertising beyond the standard conversion and attribution measurement described above.
Automated decision-making
Branchbound does not make automated decisions about you that produce legal or similarly significant effects. The story engine evaluates your choices to determine the next scene, but this is the operation of the product you've chosen to use, not a decision made about you in any legal sense. We do not use AI or automated systems to determine subscription pricing, account suspension, content access, or any other consequential decision.
Changes to this policy
We may update this policy from time to time. When we make a material change, we will:
- Update the "Last updated" date at the top of this page.
- For substantive changes (new categories of data, new sub-processors, expanded uses), email registered users at least 14 days before the change takes effect.
How to contact us
For questions, concerns, or to exercise any right described above:
Email: augustine@branchboundstudio.com
Postal: 17 Bayswater Road, Croydon VIC 3136, Australia
If you are not satisfied with our response, you may also contact:
- The Office of the Australian Information Commissioner at oaic.gov.au (Australian users).
- The Information Commissioner's Office at ico.org.uk (UK users).
- Your national data protection authority (EU/EEA users).