Privacy Policy

1. Who We Are

MathMigo is operated by MathMigo LLC, a California limited liability company. We provide math practice worksheets and AI-powered grading for children ages 3-12.

Contact: [email protected]

2. What We Collect

Parent Account Information: Email address (via Sign in with Apple or email/password), name (optional), and account preferences. We do not store passwords when you use Sign in with Apple.

Student Profiles: First name, date of birth (to determine appropriate curriculum level), and current skill level. Students do not create their own accounts.

Worksheet Submissions: Photos of completed worksheets that you upload for grading, along with grading results, scores, streaks, and learning progress data.

Payment Information: Subscription status and transaction history. Payment card details are processed directly by our payment providers (RevenueCat/Apple/Stripe) and are never stored on our servers.

Device & Usage Data: Device type, operating system version, app version, IP address (truncated for analytics), and general usage patterns. We use PostHog for analytics with session replay disabled.

Support Communications: Messages you send to our support team and related correspondence.

3. How We Use Your Information

Providing the Service: Generating age-appropriate worksheets, grading submitted photos using AI, tracking learning progress, and managing your subscription.

AI Grading: Worksheet photos are sent to Anthropic (Claude) for AI-powered grading. The AI analyzes the handwritten answers to provide scores and feedback. Photos are processed in real-time and are not retained by Anthropic for training purposes.

Service Improvement: We may use anonymized, aggregated data to improve our curriculum, grading accuracy, and user experience. We do not use identifiable student data to train AI models.

Communications: Sending account notifications, subscription reminders, and responding to support requests. We do not send marketing emails to children.

Legal Compliance: Meeting our legal obligations, resolving disputes, and enforcing our agreements.

We do not sell your personal information. We do not use your data for behavioral advertising.

4. Who We Share With

We share data only with service providers who need it to help us operate MathMigo:

Supabase (database hosting, authentication, file storage) - stores account data and worksheet images in the United States.

Anthropic (AI grading) - processes worksheet photos to grade answers. Photos are sent via API and not retained for model training.

RevenueCat (subscription management) - manages subscription status and integrates with Apple App Store billing.

Apple (payments, authentication) - processes App Store payments and Sign in with Apple.

PostHog (analytics) - receives anonymized usage data to help us understand how the app is used. No personal student information is sent to PostHog.

Sentry (error tracking) - receives technical error reports to help us fix bugs. Error reports do not include personal student data.

We may also disclose information: (1) if required by law, subpoena, or court order; (2) to protect our rights, safety, or property; (3) in connection with a merger, acquisition, or sale of assets (you would be notified via email before your data is transferred).

5. Children's Privacy (COPPA Compliance)

MathMigo is designed for children ages 3-12, and we take children's privacy seriously. We comply with the Children's Online Privacy Protection Act (COPPA).

Parental Consent: Only parents or legal guardians can create MathMigo accounts. By creating an account and adding a student profile, you consent to our collection of limited information about your child as described in this policy.

What We Collect From Children: First name (for personalization), date of birth (for curriculum level), skill assessments, worksheet photos, and learning progress. This is the minimum data needed to provide personalized math practice.

No Direct Collection: Children cannot create accounts, enter personal information, or contact us directly through the app. All interactions are mediated through parent accounts.

No Advertising: We do not display third-party advertisements to children. We do not engage in behavioral advertising or build marketing profiles about children.

No Social Features: MathMigo does not include social features, chat, forums, or any way for children to communicate with others.

Parental Rights: You may review your child's personal information, request corrections, or request deletion at any time by emailing [email protected]. You may also delete student profiles directly in the app.

Data Minimization: Worksheet photos are used solely for grading and progress tracking. We retain only the grading results and scores; original photos can be deleted from your account at any time.

If we learn we have collected personal information from a child without parental consent, we will delete it promptly. Contact [email protected] if you believe this has occurred.

6. Data Storage & Security

Location: Your data is stored in the United States on servers operated by Supabase (AWS infrastructure).

Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.

Authentication: We support Sign in with Apple, which means we never see or store your Apple ID password. For email/password accounts, passwords are securely hashed using industry-standard algorithms.

Access Controls: Our team access to user data is limited to what is necessary for support and operations. We maintain audit logs of data access.

Infrastructure Security: Our hosting provider (Supabase) maintains SOC 2 Type II compliance and undergoes regular security audits.

No system is 100% secure. We use industry-standard protections and promptly address any security issues. If we experience a data breach affecting your information, we will notify you as required by law.

7. Data Retention & Deletion

Active Accounts: We retain your data while your account is active to provide the service and maintain learning progress history.

Account Deletion: When you delete your account, we delete your personal data within 30 days. Backup copies are purged within 90 days.

Student Profile Deletion: When you delete a student profile, that student's data (name, progress, worksheet submissions) is deleted within 30 days.

Financial Records: We retain transaction records for 7 years as required by tax and accounting regulations. This includes subscription history but not payment card details.

Anonymized Data: We may retain anonymized, aggregated data indefinitely for analytics and service improvement. This data cannot be used to identify you or your children.

To delete your data: Use the account deletion feature in app settings, delete individual student profiles in the app, or email [email protected].

8. Your Privacy Rights (California Residents)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know: You can request details about what personal information we collect, use, and share.

Right to Delete: You can request deletion of your personal information, subject to certain exceptions.

Right to Correct: You can request correction of inaccurate personal information.

Right to Opt-Out of Sale/Sharing: We do not sell personal information or share it for cross-context behavioral advertising, so there is nothing to opt out of.

Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, email [email protected] with "California Privacy Request" in the subject line. We will verify your identity and respond within 45 days.

Categories of information we collect: Identifiers (name, email), commercial information (subscription history), internet activity (usage analytics), and education information (learning progress). We collect this information directly from you and automatically through the app.

9. Your Choices

Account Information: You can update your account information in the app settings.

Student Profiles: You can edit or delete student profiles at any time.

Analytics Opt-Out: You can opt out of analytics data collection in the app settings. This will stop usage data from being sent to PostHog.

Email Communications: You can unsubscribe from non-essential emails using the link in any email. You will still receive important account notifications (billing issues, security alerts, terms updates).

Push Notifications: You can manage push notification preferences in your device settings.

Data Export: You can request an export of your data by emailing [email protected]. We will provide your data in a commonly used format within 30 days.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email at least 30 days before the changes take effect.

Minor changes (clarifications, formatting) may be made without notice. The "Last Updated" date at the top of this policy indicates when it was last revised.

Your continued use of MathMigo after changes take effect constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: [email protected]

MathMigo LLC

California, United States

We aim to respond to all privacy inquiries within 30 days.