Privacy Policy

Last updated: April 24, 2026

This Privacy Policy describes how leARn ("we", "us", or "our") collects, uses, and shares information when you use our mobile application ("App"). leARn is designed as a family-friendly educational app for young learners (ages 3-8). We are committed to protecting the privacy of children and complying with applicable laws, including the Children's Online Privacy Protection Act (COPPA), the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant privacy regulations.

1. Information We Collect

1.1 Information Provided by Parents

When a parent or guardian creates an account or manages child profiles, we may collect:

• Parent's email address (for account management and communication)
• Child's first name or nickname (for personalization within the app)
• Child's age or date of birth (to provide age-appropriate content)
• Preferred language settings

The App runs in guest mode by default and does not require account creation. Parental email is collected only after the first successful purchase so that purchase receipts and subscription restoration can be delivered.

1.2 Information Collected Automatically

We automatically collect limited technical information:

• Device category (model family, operating system, and OS version)
• App version and anonymous installation identifier
• Screen dimensions and aspect ratio (for responsive UI)
• System language and preferred locale
• Approximate country, derived from the operating system's regional setting (we do not perform IP-based geolocation lookups)
• Anonymous in-app usage events (e.g., module opened, time spent on a screen, button tapped)
• Crash reports and performance diagnostics

We do not collect advertising identifiers or any information that can personally identify a child. Specifically, we do not collect:

• IDFA (Identifier for Advertisers, iOS)
• IDFV (Identifier for Vendors, iOS) - collection disabled in Analytics
• Advertising ID (Android)
• Android SSAID
• Precise location (GPS, Bluetooth, or Wi-Fi scanning)
• Contacts, photos, or calendar data

1.3 Speech and Voice Data

Our App includes speech recognition features for pronunciation practice. Voice data is processed in real-time by the device's built-in speech recognition services (Apple Speech Framework or Google Speech Services) to provide pronunciation feedback. Raw audio is not stored on our servers. Transcribed text is used only to evaluate the current exercise and is discarded after the session ends.

1.4 Camera and AR Data

The App uses your device's camera solely for Augmented Reality (AR) experiences that overlay educational content onto the real-world view. Camera frames are processed locally on the device and are not transmitted, stored, or shared with our servers or any third party.

2. How We Use Information

We use the collected information to:

• Provide and improve the App's educational features
• Personalize the learning experience based on age and progress
• Manage subscriptions, purchases, and account recovery
• Send important service-related communications to parents (via the email provided)
• Analyze app performance and fix bugs using aggregated, non-identifying metrics
• Comply with legal obligations

We never use children's information for behavioral advertising, interest-based profiling, or marketing to children.

3. Analytics Configuration

We use Google Analytics for Firebase to understand how the App is used in aggregate (for example, which learning modules are popular or where users abandon a tutorial). Our Firebase Analytics integration is configured specifically for Apple's "Made for Kids" category and complies with COPPA:

• Advertising identifier collection is disabled at the build level (IDFA, IDFV, Android Advertising ID, and SSAID are never read)
• Ad personalization signals are disabled (allow_ad_personalization_signals = false)
• Ad storage is disabled (allow_ad_storage = false)
• Ad user data sharing is disabled (allow_ad_user_data = false)
• Google Signals (cross-device tracking for advertising) is disabled at the Google Analytics property level
• Event parameters are limited to non-personal, non-sensitive values (such as screen names and button identifiers)
• Analytics event data retention is set to the minimum permitted value (2 months)

These controls ensure that Firebase Analytics cannot be used to track, profile, or advertise to children.

4. Children's Privacy (COPPA Compliance)

We take children's privacy very seriously. leARn is designed for young learners and complies with COPPA:

• We do not collect personal information from children without verified parental action
• We do not display advertisements to children - the App is completely ad-free
• We do not engage in behavioral or contextual advertising
• We do not allow children to make purchases without a parental gate
• We do not share children's personal information with third parties for marketing purposes
• Parents can review, modify, or delete their child's information at any time

4.1 Parental Gate

Before any purchase, account deletion, or navigation to external websites (other than required legal pages such as this Privacy Policy, the Terms of Use, and the EULA), the App presents a parental gate that requires a user to enter their four-digit birth year. Access is granted only if the verified age is 13 or older. The gate is requested every time - there is no grace period.

5. Data Sharing and Third Parties

We do not sell personal information. Limited data is shared with a small number of service providers strictly for providing the App:

• Apple and Google: Payment processing, subscription management, and app distribution.
• RevenueCat: A subscription management platform that synchronizes purchase state with the App Store and Google Play. Shared data is limited to an anonymous subscriber ID and subscription status.
• Google Analytics for Firebase: Aggregated, anonymized usage data, configured in Kids-compliant mode as described in Section 3.
• Firebase Crashlytics: Crash reports and non-identifying stack traces to diagnose and fix stability issues.
• AI providers (e.g., OpenAI) for story generation: When a user generates a story, we send non-personal prompt data (theme, characters, setting) to the AI provider. No personal information, child name, or user identifier is included in the prompt.
• Legal requirements: We may disclose information when required by law, legal process, or to protect our rights, users, or the public.

6. Data Storage and Security

We implement industry-standard security measures to protect your information:

• Data is encrypted in transit (TLS 1.2+) and at rest
• Access to personal data is restricted to authorized personnel on a need-to-know basis
• Authentication tokens are stored using platform-provided secure storage
• We regularly review and update our security practices
• Learning progress is stored locally on the device and optionally synchronized to secure cloud storage tied to the parent account

7. Data Retention

We retain personal information only for as long as necessary to provide our services. Analytics event data is retained for a maximum of 2 months. When an account is deleted:

• Personal information is permanently deleted from our servers within 30 days
• Anonymized, aggregated data (with no link back to the user) may be retained for service improvement
• Backup copies are purged in the next scheduled backup cycle (no later than 60 days)

8. Account Deletion

You can delete your account and all associated personal data directly from within the App at any time:

1. Open the App and go to Settings.
2. Pass the parental math gate.
3. Tap Delete Account.
4. Enter your four-digit birth year in the adult verification prompt.
5. Confirm deletion in the confirmation dialog.

Upon confirmation, your account, child profiles, learning progress, subscription identifiers, and all server-side personal data are permanently deleted. Local tokens and preferences on the device are cleared, and the App returns to its first-run state.

If you are unable to access the App, you may also request deletion by emailing privacy@learnkids.ai. We will complete the request within 30 days.

9. Your Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of the data we hold about you
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data (see Section 8 for in-app account deletion)
• Portability: Request your data in a portable format
• Objection: Object to certain processing of your data
• Withdrawal of consent: Withdraw consent previously granted at any time

To exercise these rights, contact us at privacy@learnkids.ai.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including the United States where our cloud providers operate. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws (including Standard Contractual Clauses where required by GDPR).

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date and, where appropriate, through in-app notifications or email to the parent account.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: privacy@learnkids.ai
• Support: support@learnkids.ai
• Website: https://learnkids.ai