Privacy Policy
Last Updated: January 5, 2026 | Effective Date: January 5, 2026
Our Commitment to Privacy
Pennpaper is committed to protecting the privacy of all users, especially children. We comply with the Children's Online Privacy Protection Act (COPPA), the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws worldwide.
1. Introduction
This Privacy Policy describes how Pennpaper ("Company," "we," "us," or "our") collects, uses, shares, and protects information about users of our AI-powered educational tutoring platform ("Service"). This policy applies to all users, including students, parents, guardians, educators, and administrators.
By accessing or using Pennpaper, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you are a parent or guardian consenting on behalf of a child, you represent that you have the legal authority to do so.
2. Definitions
- "Personal Information" means any information that identifies, relates to, describes, or could reasonably be linked to an individual.
- "Child" or "Children" means individuals under the age of 13 in the United States, or under the applicable age of consent in other jurisdictions.
- "Educational Records" means records directly related to a student's educational progress, performance, and learning activities.
- "Session Data" means real-time data generated during tutoring sessions, including voice interactions, canvas drawings, and AI-generated content.
- "AI Systems" means our artificial intelligence technologies, including but not limited to natural language processing, voice synthesis, and adaptive learning algorithms.
3. Information We Collect
3.1 Information Provided Directly
- Account Information: Name, email address, username, and password (for parents/guardians)
- Student Profile: Student's first name or nickname, grade level, and learning preferences
- Payment Information: Processed securely through third-party payment processors; we do not store complete payment card numbers
- Communications: Feedback, support requests, and correspondence with us
3.2 Information Collected Automatically
- Session Data: Voice recordings during tutoring sessions, canvas drawings and written work, AI tutor interactions and responses, learning progress and assessment data
- Usage Data: Session duration and frequency, features accessed, learning path progression, performance metrics
- Device Information: Browser type and version, operating system, device identifiers, screen resolution
- Technical Data: IP address (anonymized for children), connection quality metrics, error logs for troubleshooting
3.3 Information from Third Parties
- Educational Institutions: Student roster data, class assignments (when integrated with schools)
- Authentication Providers: Basic profile information when using single sign-on
4. How We Use Information
4.1 Primary Purposes
- Providing personalized AI tutoring services
- Adapting learning content to student skill levels
- Generating progress reports for parents and educators
- Improving educational outcomes through data-driven insights
- Operating, maintaining, and enhancing the Service
4.2 AI Training and Improvement
We may use anonymized and aggregated data to improve our AI systems. We will never use identifiable student data to train AI models without explicit parental consent. Any data used for AI improvement is stripped of all personal identifiers and cannot be traced back to individual students.
4.3 We Do NOT Use Information For
- Behavioral advertising or marketing to children
- Selling personal information to third parties
- Creating profiles for non-educational purposes
- Discriminatory decision-making
5. Voice and Audio Data
Our Service uses voice interaction technology. Here's how we handle audio data:
- Real-time Processing: Voice is processed in real time to enable natural conversation with the AI tutor
- Temporary Storage: Voice data is temporarily processed during sessions and is not permanently stored unless required for essential service functionality
- No Biometric Collection: We do not create or store voice prints or other biometric identifiers
- Transcription: Voice interactions may be transcribed for session records, which are subject to the same protections as other educational records
6. Children's Privacy (COPPA Compliance)
6.1 Parental Consent
We require verifiable parental consent before collecting personal information from children under 13. Parents may:
- Review their child's personal information
- Request deletion of their child's information
- Refuse further collection of their child's information
- Withdraw consent at any time
6.2 Limited Collection
We collect only the minimum information necessary to provide educational services to children. We do not condition a child's participation on disclosure of more personal information than is reasonably necessary.
6.3 School Authorization
When Pennpaper is used in a school setting, the school may act as the agent of parents for purposes of consent under COPPA. Schools must have appropriate authority from parents to consent on their behalf.
7. Data Sharing and Disclosure
7.1 We Share Information With
- Service Providers: Vendors who assist in providing our Service (e.g., cloud hosting, payment processing), bound by contractual obligations to protect data
- Educational Institutions: Schools and educators authorized to access student progress data
- Parents/Guardians: Full access to their child's educational data
7.2 We Do NOT Share Information For
- Advertising purposes
- Data brokerage
- Any purpose unrelated to educational services
7.3 Legal Requirements
We may disclose information when required by law, court order, or governmental authority, or when necessary to protect the rights, property, or safety of our users or others.
8. Data Security
We implement comprehensive security measures including:
- Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Controls: Role-based access with multi-factor authentication
- Infrastructure Security: SOC 2 Type II compliant hosting partners
- Regular Audits: Periodic security assessments and penetration testing
- Incident Response: Documented procedures for data breach notification
- Employee Training: All staff receive privacy and security training
While we implement industry-standard security measures, no system is completely secure. We will notify affected users and relevant authorities in case of a data breach as required by applicable law.
9. Data Retention
- Active Accounts: We retain data while the account is active and for a reasonable period thereafter
- Educational Records: Retained for the duration specified by applicable educational record retention laws
- Session Recordings: Temporary session data is deleted within 30 days unless needed for essential service functionality
- Account Deletion: Upon request, we delete personal information within 30 days, except as required by law
10. Your Rights
10.1 All Users
- Access your personal information
- Correct inaccurate information
- Request deletion of your information
- Export your data in a portable format
- Opt out of non-essential data collection
10.2 California Residents (CCPA/CPRA)
- Right to know what personal information is collected, used, and disclosed
- Right to delete personal information
- Right to opt out of sale or sharing of personal information (Note: We do not sell personal information)
- Right to non-discrimination for exercising privacy rights
- Right to correct inaccurate personal information
- Right to limit use of sensitive personal information
10.3 European Users (GDPR)
- Right to access, rectification, erasure, and data portability
- Right to restrict processing and object to processing
- Right to withdraw consent at any time
- Right to lodge a complaint with a supervisory authority
11. International Data Transfers
Our Service is operated from the United States. If you are located outside the United States, please be aware that information you provide may be transferred to, stored, and processed in the United States. We use Standard Contractual Clauses and other lawful transfer mechanisms to ensure adequate protection for international data transfers.
12. Third-Party Services
Our Service integrates with third-party services for functionality:
- LiveKit: Real-time communication infrastructure
- Beyond Presence: Avatar rendering technology
- Anthropic: AI language model provider
- OpenAI: AI language model and voice synthesis services
Each third-party service has its own privacy policy. We ensure that our data processing agreements with these providers meet or exceed our privacy standards.
13. Cookies and Tracking
We use essential cookies for:
- Session management and authentication
- Preferences and settings
- Security features
We do not use tracking cookies for advertising purposes on accounts used by children. You can control cookies through your browser settings.
14. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify users of material changes by:
- Posting the updated policy with a new "Last Updated" date
- Sending email notification for significant changes
- Requiring renewed consent where legally required
Continued use of the Service after changes constitutes acceptance of the updated policy, except where consent is required.
15. Contact Us
For questions, concerns, or requests regarding this Privacy Policy or our data practices:
Pennpaper Privacy Team
Email: privacy@pennpaper.com
For COPPA requests: coppa@pennpaper.com
For GDPR requests: gdpr@pennpaper.com
We will respond to all privacy inquiries within 30 days, or sooner as required by applicable law.
16. Accessibility
This Privacy Policy is available in accessible formats upon request. Please contact us if you need this policy in an alternative format.
By using Pennpaper, you acknowledge that you have read and understood this Privacy Policy.