Privacy Policy
Last updated: February 2026
1. Data Controller
My Little Journeys is responsible for processing personal data collected via the website mylittlejourneys.com.
Contact: Array
2. Data Collected
We only collect data necessary to provide our services:
First name, last name, email address — collected when creating an account or placing an order.
Complete postal address — required for shipping the printed book.
Transmitted to our AI provider (Segmind) to generate illustrations. Used exclusively for book personalization and deleted after generation.
Processed exclusively by Stripe. My Little Journeys does not store any banking data on its servers.
3. Processing Purposes
- Creation and personalization of the illustrated book
- Order and billing management
- Shipping and delivery tracking
- Sending transactional emails related to your order
- Customer support and dispute management
- Service improvement
4. Legal Basis
The processing of your data is based on:
- Contract execution: processing necessary for fulfilling your order
- Legal obligation: retention of accounting and tax data
- Legitimate interest: service improvement and fraud prevention
- Consent: for optional marketing communications
5. Data Sharing
Your data may be transmitted to the following partners, strictly within the scope of our services:
Receives the child's photo to generate illustrations. Photo deleted after processing.
Processes payments securely. PCI DSS compliant.
Used for sending transactional emails (order confirmation, notifications).
Your delivery address is transmitted to our logistics partner for shipping.
No data is sold to third parties or used for advertising purposes.
6. Retention Period
- Account data: retained for the duration of your account + 3 years
- Order data: 10 years (accounting and tax obligations)
- Child's photo: deleted after book generation (a few hours)
- Payment data: not stored on our servers
- Connection logs: 1 year maximum
7. Your Rights
In accordance with GDPR, you have the following rights over your personal data:
- Right of access: obtain a copy of your data
- Right to rectification: correct inaccurate data
- Right to erasure: request deletion of your data ("right to be forgotten")
- Right to data portability: receive your data in a structured format
- Right to object: object to certain processing
- Right to restriction: restrict processing of your data
8. Cookies
This site only uses technical cookies necessary for its operation:
- Session cookie: maintains your connection during the visit
- CSRF cookie: protection against Cross-Site Request Forgery attacks
No advertising, third-party tracking or behavioral analysis cookies are used without your explicit consent.
9. Security
My Little Journeys implements appropriate technical and organizational measures to protect your data against unauthorized access, loss or destruction:
- Encrypted HTTPS connection (TLS)
- Hashed passwords (bcrypt)
- Data access limited to authorized personnel
- Access monitoring and security event logging
10. Changes
My Little Journeys reserves the right to modify this privacy policy at any time. The current version is the one published on this page with its update date. In case of substantial changes, we will inform you by email.