← Back to home

Privacy Notice

Last updated: 20 May 2026

1. Who we are

Tildi ("Tildi", "we", "us", or "our") is a service operated by Maximillian James Brown. We act as the data controller for the personal data described in this notice. If you have any questions about this notice or your data, contact us through the support channel inside the app.

2. Data we collect

  • Account data: email address, password (hashed), and display name provided during onboarding.
  • Child profile data: the child's first name, age, reading level, and preferences you provide to personalise stories.
  • Usage data: books opened, reading progress, lesson completions, time spent in the app, and feature interactions.
  • Device and technical data: IP address, browser type, device identifiers, and approximate location derived from IP.
  • Support communications: any messages, screenshots, or feedback you send us.

3. How we use your data

  • To create and maintain your account and child profiles.
  • To provide the core reading and learning experience and personalise content.
  • To process subscriptions and purchases through our payment provider.
  • To prevent fraud, abuse, and security incidents.
  • To improve the product through aggregated analytics.
  • To respond to support requests and send service-related communications.

4. Legal basis

We process your data under the following legal bases: performance of our contract with you (providing the service), our legitimate interests (improving and securing the product), your consent (where required, such as for optional analytics or marketing), and compliance with legal obligations.

5. Sharing your data

We share personal data only with the following categories of recipients:

  • Service providers / subprocessors: cloud hosting, database, AI inference, and analytics providers acting on our instructions.
  • Paddle.com Market Limited: our Merchant of Record. Paddle handles checkout, billing, payment processing, sales-tax compliance, invoicing, and refund requests for all purchases.
  • Professional advisers: legal, accounting, and compliance advisers when needed.
  • Authorities: where required by law, court order, or to protect our rights.

We do not sell your personal data.

6. International transfers

Some of our service providers operate outside the UK and EEA. Where data is transferred internationally, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

7. Retention

We keep your data for as long as your account is active. If you delete your account, we delete or anonymise your personal data within a reasonable period, except where we are required to retain certain records (e.g. tax invoices held by Paddle) by law.

8. Your rights

Depending on your location, you may have rights to access, rectify, delete, restrict or object to our processing, port your data, and withdraw consent. You may also lodge a complaint with your local data-protection authority. To exercise any right, contact us via the in-app support channel and we will respond within one month.

9. Security

We use appropriate technical and organisational measures including encryption in transit, access controls, and regular security reviews to protect your data. No system is perfectly secure, but we work hard to keep yours safe.

10. Cookies

We use strictly necessary cookies to keep you signed in and to operate the service. We may use limited analytics cookies to understand usage. You can manage cookies through your browser settings.

11. Children

Tildi is intended for use by parents and guardians on behalf of their children. Accounts must be created by an adult. We collect only the minimum child-profile information needed to personalise the experience.

12. Changes

We may update this notice from time to time. Material changes will be communicated through the app or by email.