Privacy Policy

How we handle information at My Dream Monsters.

Last updated: May 5, 2026

My Dream Monsters ("we", "us", "the Service") is operated by Viviscape Solutions and provides a safe, creative space where children can share monster artwork under the supervision of a parent or guardian. This Privacy Policy explains what information we collect, how we use it, and the rights you and your child have over that information.

1. Who can use the Service

Children under 13 may use My Dream Monsters only through an account created and consented to by a parent or legal guardian. Parents register first; child profiles are created and managed from the parent's account.

2. Information we collect

  • From parents: name, email address, hashed password, and payment-related metadata (we do not store card numbers — payment details are handled by Stripe).
  • From child profiles: a display name and (optionally) an avatar character. Children do not need to provide email addresses or real names. Email login is restricted to parents.
  • Artwork: images uploaded by children (with title and optional description), plus thumbs-up reactions on approved artwork.
  • Technical data: standard server logs (IP address, browser type, request timestamps) used for security and debugging.

3. How we use information

  • To run the Service: store and display artwork, process logins, handle moderation, and send transactional emails (verification, password reset, payment receipts, parent-controlled notifications).
  • To keep children safe: every uploaded artwork is reviewed by an admin before it appears in any public gallery.
  • To process payments for upload tokens through Stripe.

We do not sell, rent, or share child data with advertisers. We do not show third-party advertising on the Service.

4. Sharing and visibility

Parents control whether each piece of artwork is private (invite-only) or public. Private artwork is only visible through share links the parent generates and emails to specific recipients. Public artwork appears in the moderated gallery once an admin approves it.

5. Parental rights

Under COPPA and similar laws, parents have the right to:

  • Review the personal information collected from their child.
  • Request deletion of their child's account, profile, and artwork at any time.
  • Refuse further collection or use of their child's information.

To exercise these rights, contact us at privacy@mydreammonsters.com.

6. Data retention

Account and artwork data are retained while the account is active. When a parent deletes a child profile or closes the parent account, associated artwork and personal information are soft-deleted and removed from public view immediately, then purged from production storage within 30 days. Backups are retained for up to 90 days for disaster-recovery purposes.

7. Security

Passwords are stored using BCrypt hashing. Data in transit is encrypted via HTTPS. Artwork files are stored in Azure Blob Storage. We follow standard industry practices to protect against unauthorized access, but no online service is 100% secure.

8. Third-party services

We use a small number of trusted third-party providers to operate the Service:

  • Stripe — payment processing.
  • SendGrid — transactional email delivery.
  • Microsoft Azure — hosting, database, and blob storage.

These providers receive only the information needed to perform their function and are contractually required to protect it.

9. Cookies

We use a single authentication cookie to keep parents and children logged in. We do not use third-party advertising or tracking cookies.

10. Changes to this policy

If we make material changes, we will notify the parent's registered email address and update the "Last updated" date at the top of this page.

11. Contact

Questions or concerns? Email privacy@mydreammonsters.com.