Learning Parenting

Privacy

How we handle your family’s data

Plain-English summary first, lawyer-friendly detail below. The short version: we keep what you put in, we don’t sell it, and you can take it back or delete it whenever you want.

Last updated: 10 May 2026

Who runs Learning Parenting

Learning Parenting is operated by TechnoOptics. We’re the data controller for everything you do inside the app. If you have a privacy question or want to invoke a data-subject right, write to privacy@learningparenting.com.

What we collect

  • Account basics. Your name, email, and the identity-provider id we receive from Google, Apple, or Microsoft when you sign in. We do not see your identity-provider password.
  • Family content. The lessons, notes, photos, calendar events, recommendations, and other parenting artefacts you create inside the app.
  • Children’s profiles. First names or nicknames, ages, and anything you choose to add. We treat these with extra care — see the section below.
  • Usage signals. Standard server logs (IP, user agent, request path) and anonymous product analytics so we can see which features are actually helping. We do not run third-party advertising trackers.
  • Billing data. If you subscribe, our payment processor (Stripe) holds your card details. We see only the last four digits and the renewal status.

How we use it

  • To deliver the features you asked for — that’s the whole product.
  • To keep the service safe (abuse detection, rate limits, fraud checks on billing).
  • To send you essential service email — receipts, security alerts, account changes.
  • To improve the product through aggregated, de-identified analytics.
  • To meet our legal obligations (tax records, lawful requests).

We do not sell your data, rent it, share it with advertisers, or use it to train third-party AI models.

Children’s privacy

Learning Parenting is built for parents. Children do not create their own accounts. The content you record about a child sits inside your account and is governed by the same rules as the rest of your family data. You can edit or delete a child profile at any time from Settings → Family, and that deletion cascades through everything tied to that profile.

Where applicable, we comply with COPPA (US), the UK Age-Appropriate Design Code, and the GDPR’s special-category provisions for data about minors.

Who we share with

A short list of vendors that run pieces of the service on our behalf. Each one has a data-processing agreement with us and is contractually barred from using your data for anything else.

  • Vercel — hosts the web application and edge functions.
  • Supabase — database, authentication, and file storage.
  • Stripe — payment processing for paid plans.
  • Identity providers (Google, Apple, Microsoft) — only when you choose them as your sign-in method.
  • Email delivery — for receipts, security alerts, and account email.

We’ll notify you in advance if we materially change this list. If we’re ever acquired, your data stays bound by the same promises.

Where your data lives

Our primary servers run in the United States and the European Union. International transfers ride the standard EU contractual clauses and equivalent safeguards. If you’re in the UK or the EEA, you keep the rights granted by the UK GDPR / EU GDPR regardless of where the bytes physically rest.

How long we keep it

We keep your content as long as your account is active. When you delete the account, we erase your data from production within 30 days; encrypted backup copies roll out of rotation within 90 days. We retain billing records for the period required by tax law (usually seven years), but those records contain no parenting content — only the financial fact of the transaction.

Your rights

  • Access. Ask for a copy of everything we hold about you.
  • Export. Download your content as portable files from Settings → Data.
  • Correction. Fix anything that’s wrong — directly in the app, or by emailing us.
  • Deletion. Erase the whole account from Settings → Account or by emailing us. Deletion is permanent.
  • Objection & restriction. Tell us to stop processing data for any of the purposes above, within the limits of what’s required to keep the service running.
  • Complaint. Lodge a complaint with your local supervisory authority (ICO in the UK, your national DPA in the EEA, your state attorney general in the US).

Security

Data is encrypted in transit (TLS 1.2+) and at rest. Database access is least-privilege, audit-logged, and gated by row-level security policies tied to the signed-in user. We support authenticator-app two-factor sign-in for every account. Our responsible-disclosure policy lives at /security.

Cookies and tracking

We use first-party cookies that are strictly necessary to keep you signed in and to remember your in-session preferences. We do not set advertising cookies and do not embed third-party trackers on authenticated pages. Aggregated, anonymous product analytics run on a privacy-respecting provider that does not build cross-site profiles.

Changes to this policy

If we change anything material, we’ll email the account owner at least 30 days before the change takes effect, and update the “Last updated” date at the top of this page. Minor wording fixes don’t trigger a notice.

Contact us

Privacy questions, data-subject requests, and anything else along those lines: privacy@learningparenting.com.