Chronicle Builder · Ember Ink Studio
Privacy Notice
Last updated: June 26, 2026
This Privacy Notice explains how Ember Ink Studio, trading as Chronicle Builder ("we", "us", or "our"), collects and uses personal data when you use Chronicle Builder (the "Service"). Ember Ink Studio is the data controller of the personal data described here.
1. Personal data we collect
- Account data: email address, password hash, display name, profile preferences, timezone.
- Content data: manuscripts, chapters, characters, world entries, notes, snapshots, and other content you create in the Service.
- AI interaction data: prompts you submit to AI features and the outputs returned to you.
- Usage and telemetry: pages visited, features used, AI credit usage, writing sessions, device and browser type, IP address, and approximate location derived from IP.
- Support data: messages you send to support, including any attachments you provide.
- Billing identifiers: subscription tier, billing status, and Paddle customer/subscription identifiers. Card and bank details are collected and stored directly by Paddle and are not visible to us.
2. How we use personal data
- To provide the Service — create your account, store and sync your content, run AI features you trigger, and apply your plan entitlements. Legal basis: performance of a contract.
- To secure the Service — detect and prevent fraud, abuse, and unauthorized access; enforce usage limits and our Terms. Legal basis: legitimate interests.
- To improve the Service — analyse aggregated usage to fix bugs and improve features. We do not use your manuscript content to train third-party AI models. Legal basis: legitimate interests.
- To communicate with you — send transactional messages (account, security, billing) and respond to support requests. Legal basis: contract / legitimate interests.
- To comply with law — meet tax, accounting, and other legal obligations. Legal basis: legal obligation.
- Marketing — only where you have opted in or where permitted by law; you can opt out at any time. Legal basis: consent / legitimate interests.
3. Who we share personal data with
- Paddle — our Merchant of Record. Paddle handles checkout, payments, subscription management, tax calculation, invoicing, and refunds. Paddle is an independent controller for the personal data it collects in that role. See Paddle's Privacy Notice.
- Hosting and infrastructure providers — cloud hosting, database, file storage, email delivery, and error monitoring providers that process data on our behalf as processors.
- AI providers — when you use an AI feature, the relevant prompt and the context needed to answer it are sent to a third-party model provider on our behalf. Providers are contractually restricted from using your content to train their models.
- Professional advisers — lawyers, accountants, and auditors, where reasonably necessary.
- Authorities — where we are required to disclose by law, court order, or to protect our rights and the safety of users.
- Successors — a buyer or successor in connection with a merger, acquisition, or sale of assets, subject to standard confidentiality protections.
We do not sell your personal data.
4. International transfers
Personal data may be processed outside your country, including in the United States and the European Economic Area. Where required, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or an adequacy decision.
5. Retention
We keep account and content data for as long as your account is active. If you delete your account, we will delete or anonymise associated content within a reasonable period, except where we need to retain limited records for legal, tax, fraud-prevention, or dispute-resolution purposes. Billing records held by Paddle are retained per Paddle's own policy.
6. Your rights
Depending on where you live, you may have the right to:
- access the personal data we hold about you;
- request correction of inaccurate data;
- request deletion of your data;
- restrict or object to certain processing;
- receive a portable copy of data you provided;
- withdraw consent where processing is based on consent;
- lodge a complaint with your local data-protection authority.
To exercise these rights, email support@chroniclebuilder.com. We aim to respond within one month.
7. Security
We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, role separation, and regular review of permissions. No system is perfectly secure; if you believe your account has been compromised, contact us immediately.
8. Cookies and similar technologies
Chronicle Builder uses cookies and local storage that are strictly necessary to keep you signed in, remember your preferences, and operate the Service. We may also use limited analytics cookies to understand aggregate usage. Where required by law, we will ask for your consent before setting non-essential cookies, and you can withdraw consent at any time through your browser settings.
9. Children
Chronicle Builder is not directed to children under 13 (or the equivalent minimum age in your country). We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us and we will delete it.
10. Changes to this notice
We may update this Privacy Notice from time to time. If we make material changes, we will notify you. The "Last updated" date at the top of this page reflects the latest revision.
11. Contact
Ember Ink Studio · Chronicle Builder · support@chroniclebuilder.com
