MyNannyTutor← Back to Home

Children's Privacy Policy

Last updated: 2026-04-10

MyNannyTutor ("we", "us", "our") takes children's privacy very seriously. This Children's Privacy Policy explains how we collect, use, and protect the personal data of children who use our AI tutoring service through accounts created by their parents or legal guardians.

This policy should be read alongside our general Privacy Policy, which covers data practices for all users.

1. Our Commitment to Children's Privacy

  • Children cannot create their own accounts. Only parents or legal guardians can create a child profile.
  • We collect only the minimum data necessary to provide the tutoring service.
  • We never use children's data for advertising or marketing.
  • We never sell or rent children's personal data to third parties.
  • We never contact children directly for marketing purposes.
  • Parents have full visibility and control over their child's data at all times.

2. Parental Consent

We require parental consent before collecting child data. By creating a child profile on MyNannyTutor, you as the parent or legal guardian are providing consent for us to collect and process your child's data as described in this policy.

For users in the United States, we implement verifiable parental consent (VPC) through our payment verification process, in compliance with COPPA. When you create a child profile, the profile enters a 7-day provisional period. During this time, your child can complete an introductory session. To continue using the service, you must purchase a minutes package within 7 days. This payment serves as verifiable parental consent under COPPA. If no purchase is made within 7 days, all provisional child data is automatically and permanently deleted.

You may withdraw your consent at any time by deleting your child's profile or contacting us. Withdrawal of consent will result in deletion of your child's data as described in Section 8 below.

3. What Child Data We Collect

3.1 Profile Information

  • Display name (can be a nickname — real name is not required)
  • Age or grade level
  • Preferred subjects and learning preferences
  • Avatar selection

3.2 Tutoring Session Data

  • Questions asked during sessions and answers provided by the child
  • Time spent per question and per session
  • Hints and guidance provided by Nancy
  • Board interactions (drawings, written answers on the digital board)
  • Session transcripts (text records of the tutoring conversation)

3.3 Voice and Audio Data

  • Nancy speaks to children using AI-generated voice (text-to-speech).
  • Voice sessions are conducted via real-time communication (RTC). The child's voice is processed in real-time for speech-to-text conversion and may be temporarily processed for quality assurance, content safety verification, and service improvement purposes including the development of speech processing and voice interaction systems.
  • Voice audio is not retained in long-term storage beyond the configurable session retention period. Text transcripts derived from voice interactions are retained as part of session data as described in Section 3.2.

3.4 Homework Photos

  • Photos of homework uploaded by the parent or child
  • These are processed using OCR (optical character recognition) and AI analysis to extract questions
  • Photos may contain the child's handwriting, name, or school information visible in the image

3.5 Academic Performance Data

  • Concept mastery scores across subjects and topics
  • Accuracy rates and improvement trends
  • Learning patterns and areas needing additional support
  • Achievement badges earned through the gamification system

4. How We Use Child Data

4.1 Direct Educational Purposes

  • Tutoring: To provide personalised homework help — adapting explanations, hints, difficulty calibration, and pedagogical strategy to the child's demonstrated level and learning profile.
  • Progress tracking: To generate session reports, academic progress dashboards, comparative benchmarks, and learning velocity assessments for parents.
  • Learning adaptation: To identify the child's strengths, weaknesses, concept mastery trajectories, mistake patterns, and areas needing additional practice, enabling the Service to dynamically adjust its instructional approach.
  • Gamification: To award achievement badges, track learning streaks, manage engagement incentives, and provide positive reinforcement within the platform.
  • Teacher reports: If a parent has linked their child to a teacher's class, summary academic data, performance metrics, and progress indicators may be shared with that teacher.

4.2 Service Improvement and Technology Development

In addition to direct educational delivery, child interaction data is used for the following purposes in accordance with the data processing terms described in our Privacy Policy (Sections 3.2 and 3.3):

  • AI and model improvement: Anonymised and de-identified child interaction data — including tutoring session transcripts, question-answer exchanges, pedagogical outcomes, and engagement patterns — may be used to train, fine-tune, validate, and improve the artificial intelligence models, machine learning systems, and automated pedagogical algorithms that power the Service. All training data is anonymised prior to use; no personally identifiable child information is used in model training.
  • Derived educational analytics: We derive anonymised, aggregated statistical insights, educational benchmarks, curriculum analytics, difficulty assessments, and learning pattern analyses from child interaction data. Such derived data does not identify any individual child.
  • Research and publication: Anonymised and aggregated findings derived from child interaction data may be used in internal research, published in educational or academic contexts, or incorporated into commercial educational analytics products. No published or shared data will identify any individual child.

5. What We Do NOT Do With Child Data

  • We never use identifiable child data for advertising or targeted marketing.
  • We never sell, rent, or trade personally identifiable child data to third parties.
  • We never create advertising profiles of children.
  • We never allow children to make their data publicly visible.
  • We never contact children directly via email, SMS, or other channels.
  • We never share individually identifiable child data with third parties for their own independent purposes.

6. Third-Party Processing

To provide the tutoring service, children's data is processed by the following categories of service providers:

  • AI language models (Alibaba Cloud / DashScope): Tutoring conversations and homework question text are sent to AI models for generating educational responses. These providers process data according to their service agreements and do not retain conversation data for their own purposes.
  • Hosting infrastructure: Session data is stored on our secure cloud servers.

All service providers are contractually required to handle children's data with appropriate safeguards and to use it only for the specific purposes we define.

7. Parental Rights and Controls

As a parent or legal guardian, you have the right to:

  • Review all data we hold about your child, including session reports, academic profiles, and learning history.
  • Access session transcripts and progress data through the parent dashboard at any time.
  • Correct any inaccurate information about your child.
  • Delete your child's account and all associated personally identifiable data. Deletion requests are processed with a 24-hour cooling-off period, after which all identifiable child data is permanently and irreversibly deleted. Anonymised, de-identified, and aggregated data derived prior to deletion — including statistical models and machine learning parameters — is retained as described in Section 4.2 and our Privacy Policy.
  • Withdraw consent for data collection at any time, which will result in the deactivation of the child's tutoring access.
  • Download your child's learning data in a portable format upon request.

To exercise any of these rights, use the parent dashboard or contact us at privacy@mynannytutor.com.

8. Data Retention and Deletion

  • Active accounts: Child data is retained for as long as the parent's account is active to enable continuous progress tracking.
  • Account deletion: When a parent deletes a child's profile, all associated data is permanently deleted after a 24-hour cooling-off period. This includes session data, academic profiles, homework photos, and gamification records.
  • Inactive accounts: If a parent's account has been inactive for 12 months (no purchased minutes, no sessions), child data may be deleted after 30 days' notice to the parent by email.
  • Voice data: Real-time voice is never stored. It is processed in-session only and discarded immediately after the session.

9. Safety and Security Measures

  • Child accounts are protected by parent-managed access PINs.
  • Children cannot change their own account settings or privacy preferences.
  • Nancy includes an input safety gate that filters inappropriate content before it reaches the AI model.
  • Session content is monitored for safety — Nancy is designed to stay strictly on-topic (homework) and deflect off-topic or inappropriate requests.
  • All data is encrypted in transit (HTTPS/TLS) and at rest.
  • Access to child data is restricted to the parent account and, if applicable, the linked teacher.

10. Age-Appropriate Design

Our platform is designed with children's best interests in mind:

  • Privacy settings default to the highest protection level.
  • No social features, messaging, or public profiles for children.
  • Gamification is designed for educational motivation, not addictive engagement.
  • No push notifications sent directly to children outside of active sessions.
  • No dark patterns or manipulative design elements in the child interface.

11. International Users

If you and your child are located in the European Union, the United Kingdom, or the United States, the following additional protections apply:

  • EU/UK (GDPR): We process children's data based on parental consent (Article 8). Parents may exercise all GDPR rights on behalf of their children, including the right to erasure, access, and data portability.
  • US (COPPA): We comply with the Children's Online Privacy Protection Act. For children under 13, we use a two-tier consent mechanism:
    • Provisional tier: When a parent creates a child profile, the profile is created in a provisional state. During this 7-day provisional period, the child may complete one introductory tutoring session. Provisional data is stored internally and is not shared with any third parties beyond what is strictly necessary for the introductory session.
    • Verified tier: When the parent purchases a minutes package, the payment transaction serves as verifiable parental consent (VPC). The child profile is upgraded to verified status and the full service becomes available.
    • Automatic deletion: If no purchase is made within 7 days, all provisional child data — including the profile, any session records, and derived analytics — is automatically and permanently deleted.
    Parents may review, delete, or refuse further collection of their child's data at any time.

12. Changes to This Policy

If we make material changes to how we handle children's data, we will notify parents by email and request renewed consent where required. The "Last updated" date at the top indicates when this policy was last revised.

13. Contact Us

For questions about this Children's Privacy Policy or to exercise parental rights: