1. Overview
MomTeach ("we," "us," "our") is committed to protecting your privacy. This Privacy Policy describes:
- What personal information we collect
- How we use and protect that information
- Your rights regarding your data
- Our compliance with GDPR, COPPA, and other privacy laws
π Our Privacy Promise
- β
We NEVER sell your data
- β
We NEVER show ads to children
- β
We NEVER share voice or photo data with third parties
- β
We use bank-level encryption (AES-256)
- β
You control your data - delete it anytime
2. Information We Collect
2.1 Information You Provide
Account Information
- Full name - For account identification
- Email address - For login and communications
- Password - Encrypted and never stored in plain text
- Phone number (optional) - For account recovery
Payment Information
- Billing address
- Payment method (credit card, processed by secure payment processors)
- Transaction history
Note: Credit card numbers are NOT stored on our servers. We use PCI-DSS compliant payment processors.
Voice & Avatar Data
- Voice recordings - 30-second samples for AI voice cloning
- Photos - For avatar creation (face only)
- Family member names - For avatar identification (e.g., "Mom," "Grandma")
Educational Content (BYOB)
- Uploaded textbooks/materials (PDF, ePub format)
- Custom curriculum content
Child Information (With Parental Consent)
- Child's first name (not full name)
- Age or grade level (P1-P6)
- Learning progress data
- Quiz results and scores
- Lesson completion rates
We do NOT collect: Child's full name, email, phone, address, photos, or any personal identifiers beyond first name.
2.2 Information Collected Automatically
Usage Data
- Pages visited and features used
- Time spent on the platform
- Lessons accessed and completed
- Device information (type, OS, browser)
- IP address and approximate location (country/city)
Technical Data
- Browser type and version
- Device identifiers
- Screen resolution
- Language preferences
- Time zone
Cookies & Tracking Technologies
We use cookies to remember your preferences and improve user experience. See our Cookie Policy for details.
3. How We Use Your Information
3.1 Primary Uses
Service Delivery
- Create and manage your account
- Process voice recordings to generate AI voice clones
- Generate avatars from your photos
- Deliver personalized lessons
- Track learning progress
- Provide customer support
Billing & Payment
- Process subscription payments
- Send billing receipts and invoices
- Manage refunds and disputes
- Prevent fraud
Communication
- Send account notifications
- Provide customer support
- Send service updates and announcements
- Send marketing emails (with your consent - you can opt out)
3.2 Secondary Uses
Service Improvement
- Analyze usage patterns to improve features
- Conduct research and development
- Improve AI models (using anonymized data only)
- Test new features
Legal & Safety
- Comply with legal obligations
- Enforce our Terms of Service
- Prevent fraud and abuse
- Protect user safety and security
3.3 What We DON'T Do
β We NEVER:
- Sell your personal data to third parties
- Share voice recordings or photos with anyone
- Use your data for unrelated purposes
- Show targeted ads to children
- Track children across other websites
- Share children's data with advertisers
4. Information Sharing
4.1 We Share Information With:
Service Providers (Limited Access)
- Cloud Hosting: AWS (data storage, servers)
- Payment Processing: Stripe/PayPal (billing only)
- Email Service: SendGrid/Mailchimp (account emails)
- Analytics: Google Analytics (anonymized usage data)
- Customer Support: Zendesk/Intercom (support tickets)
All service providers sign Data Processing Agreements (DPAs) and are GDPR-compliant.
Legal Requirements
We may disclose information if required by law:
- Court orders or subpoenas
- Law enforcement requests
- Protection of our legal rights
- Prevention of fraud or safety threats
Business Transfers
If MomTeach is acquired or merged, your information may be transferred to the new entity. We will notify you and ensure continued privacy protection.
4.2 We DON'T Share With:
- β Advertisers or marketing companies
- β Data brokers
- β Social media platforms
- β Third-party analytics for tracking children
- β Any entity for purposes unrelated to our Service
5. Data Security
5.1 Technical Security Measures
π Encryption
- Data at Rest: AES-256 encryption
- Data in Transit: TLS 1.3 (HTTPS)
- Voice/Photo Data: End-to-end encrypted
π‘οΈ Infrastructure
- AWS secure cloud hosting
- Regular security audits
- Intrusion detection systems
- Automated backups (encrypted)
π Access Control
- Multi-factor authentication (MFA)
- Role-based access for employees
- Least privilege principle
- Access logging and monitoring
π₯ Employee Training
- Annual privacy training
- Confidentiality agreements
- Limited data access
- Background checks
5.2 Your Responsibility
You can help protect your account by:
- Using a strong, unique password
- Enabling two-factor authentication (2FA)
- Not sharing your login credentials
- Logging out on shared devices
- Reporting suspicious activity immediately
5.3 Breach Notification
In the unlikely event of a data breach:
- We will notify affected users within 72 hours
- We will notify relevant authorities as required by law
- We will provide details and recommended actions
- We will offer credit monitoring if sensitive data is compromised
6. Data Retention
6.1 How Long We Keep Your Data
| Data Type |
Retention Period |
Reason |
| Account Information |
While account is active |
Service delivery |
| Voice Recordings |
Active subscription + 30 days |
AI model, user choice |
| Photos (Avatars) |
Active subscription + 30 days |
Avatar generation, user choice |
| Learning Progress |
Active subscription + 90 days |
User access to history |
| Billing Records |
7 years |
Legal/tax requirements |
| Usage Analytics |
12 months (anonymized) |
Service improvement |
| Support Tickets |
3 years |
Quality assurance |
6.2 Deletion Process
Upon account deletion:
- Immediate: Account access revoked
- 30 days: Voice & photo data deleted
- 90 days: Learning progress data deleted
- Retained: Billing records (legal requirement)
6.3 Right to Deletion
You can request immediate deletion of your data at any time (except where legal retention is required). See "Your Rights" section below.
7. Your Rights
7.1 Access & Control
You have the right to:
π Access
Request a copy of all your personal data
βοΈ Rectify
Correct inaccurate or incomplete data
ποΈ Delete
Request deletion of your data ("right to be forgotten")
βΈοΈ Restrict
Limit how we process your data
π€ Port
Export your data in a machine-readable format
π« Object
Object to certain data processing activities
π Withdraw
Withdraw consent at any time
π§ Opt-Out
Unsubscribe from marketing emails
7.2 How to Exercise Your Rights
To exercise any of these rights:
- Email us: [email protected]
- Account Settings: Manage data in your account dashboard
- Support Chat: Contact customer support
We will respond within 30 days (GDPR requires response within 1 month).
8. GDPR Rights (EU Users)
8.1 Legal Basis for Processing
We process your data under the following legal bases:
- Contract: To provide the Service you subscribed to
- Consent: For marketing communications and voice cloning
- Legitimate Interest: For service improvement and fraud prevention
- Legal Obligation: For tax and legal compliance
8.2 Data Protection Officer
Our Data Protection Officer (DPO) oversees GDPR compliance:
Email: [email protected]
8.3 EU Data Storage
EU users' data is stored on AWS servers located in the EU (Frankfurt region) to comply with GDPR data localization requirements.
8.4 Right to Lodge a Complaint
If you believe we have violated your privacy rights, you can lodge a complaint with your local supervisory authority:
- Ireland: Data Protection Commission (DPC)
- UK: Information Commissioner's Office (ICO)
- Germany: Federal Commissioner for Data Protection (BfDI)
8.5 Automated Decision-Making
We use AI for:
- Voice cloning (with your consent)
- Avatar generation (with your consent)
- Lesson personalization (based on learning progress)
You have the right to opt-out of automated decision-making and request human review.
9. Children's Privacy (COPPA Compliance)
9.1 COPPA Certification
MomTeach is certified COPPA-compliant by [Certification Body]. We strictly adhere to the Children's Online Privacy Protection Act (COPPA) requirements.
9.2 Parental Consent
We require verifiable parental consent before collecting any information from children under 13. By creating an account, parents consent to:
- Collection of child's first name and grade level
- Tracking of learning progress
- Storage of lesson completion data
9.3 What We Collect from Children
We ONLY collect:
- First name (not full name)
- Age or grade level (P1-P6)
- Learning progress (quiz scores, lesson completion)
We NEVER collect from children:
- β Full name
- β Email address
- β Phone number
- β Physical address
- β Photos or videos
- β Social media profiles
- β Biometric data
- β Location data beyond country
9.4 How We Use Children's Data
Children's data is used ONLY for:
- Delivering personalized lessons
- Tracking learning progress
- Showing progress to parents/guardians
9.5 No Advertising to Children
π‘οΈ Zero Ads Promise
- β
We NEVER show ads to children
- β
We NEVER track children for behavioral advertising
- β
We NEVER share children's data with advertisers
- β
We NEVER allow third-party tracking of children
9.6 Parental Rights Under COPPA
Parents have the right to:
- Review all data collected from their child
- Request deletion of their child's data
- Refuse further collection of their child's data
- Receive notice of changes to our practices
Contact: [email protected]
9.7 Age Verification
We use age verification mechanisms to ensure only adults (18+) can create accounts and manage children's profiles.
10. Cookies & Tracking
10.1 Types of Cookies We Use
| Cookie Type |
Purpose |
Duration |
| Essential |
Login, security, session management |
Session |
| Functional |
Remember preferences, language |
1 year |
| Analytics |
Understand usage (Google Analytics) |
2 years |
| Marketing |
Track campaign effectiveness |
90 days |
10.2 Cookie Control
You can manage cookies through:
- Cookie Banner: Accept/reject on first visit
- Account Settings: Manage preferences anytime
- Browser Settings: Block or delete cookies
10.3 Third-Party Cookies
We use limited third-party cookies for:
- Google Analytics (anonymized usage tracking)
- Payment processing (Stripe/PayPal)
Note: No third-party cookies are used to track children.
For full details, see our Cookie Policy.
11. International Data Transfers
11.1 Data Storage Locations
- EU Users: Data stored in AWS Frankfurt (Germany)
- US Users: Data stored in AWS US East (Virginia)
- Asia Users: Data stored in AWS Singapore
11.2 Transfer Safeguards
When data is transferred internationally, we use:
- EU Standard Contractual Clauses (SCCs)
- Adequacy decisions by EU Commission
- Privacy Shield Framework (US companies)
- Encryption during transfer (TLS 1.3)
11.3 Cross-Border Processing
We may process your data in countries outside your residence. We ensure adequate protection through legal frameworks and contractual agreements.
12. Policy Changes
12.1 Notification of Changes
We may update this Privacy Policy to reflect:
- Changes in our practices
- New legal requirements
- Service improvements
12.2 How We Notify You
For material changes, we will:
- Send email notification 30 days in advance
- Display prominent notice on the platform
- Request consent for significant changes
12.3 Version History
Previous versions available at: [email protected]