We build trust through transparency, industry-leading encryption, and strict adherence to children’s privacy regulations. Your family’s information never leaves our secure ecosystem.
📅 Last Updated: November 15, 2024Every system, process, and policy is designed with one goal: protecting your family’s digital footprint.
All data in transit and at rest is encrypted using AES-256 and TLS 1.3 protocols. Only authorized systems can decrypt and access your family’s information.
We never sell, rent, or share your personal data with third-party advertisers or data brokers. Your family’s information stays with you and us.
We strictly comply with COPPA and GDPR-K. No tracking, no cookies, and no behavioral profiling on minors. Parental consent is required for all accounts.
Independent third-party security firms conduct quarterly penetration testing and annual SOC 2 Type II compliance reviews to identify and patch vulnerabilities.
Parents can view, export, or permanently delete their family’s data at any time through the dashboard. No hidden processes, no account lockouts.
Set visibility permissions, approve data sharing, and manage access for family members. You control who sees what, and when.
We hold ourselves to the highest standards recognized by global privacy and security authorities.
Verified compliance with the Children’s Online Privacy Protection Act. No data collection under age 13 without verifiable parental consent.
Fully compliant with EU General Data Protection Regulation, including special provisions for children’s data (GDPR-K) and data portability rights.
Annually audited service organization control report covering security, availability, processing integrity, confidentiality, and privacy.
Internationally recognized information security management standard for systematic risk assessment and control implementation.
Clear, straightforward answers to how your information is collected, used, and protected.
Only essential data required for functionality: parent email, child age group, preferred language, and optional profile preferences. No device fingerprinting or cross-site tracking.
Data is stored in geographically restricted, SOC 2 compliant cloud regions. Access is restricted to authorized personnel using multi-factor authentication and role-based permissions.
We retain data only as long as your account is active. Upon account deletion or request, all personal data is permanently erased within 30 days. Backup systems are purged within 90 days.
We only partner with providers that sign Data Processing Agreements (DPAs) matching or exceeding our security standards. Full vendor list available upon request.
We welcome responsible disclosure. If you find a security issue, have a data request, or need assistance, reach out directly.