Privacy Policy — Plio Academy

Effective Date: May 1, 2026

1. Overview

Plio Academy is a nonprofit organization providing free AI education to children ages 5–17. We are committed to protecting your privacy and comply with the Children's Online Privacy Protection Act (COPPA), California Consumer Privacy Act (CCPA), and all applicable privacy laws.

2. Who This Policy Covers

This policy applies to visitors, parents and guardians, students, instructors, administrators, and donors.

3. Information We Collect

From Guardians

• Full name, email address, phone number (optional)
• Address (optional) and preferred language
• Donation information (processed by Stripe, we don't store card numbers)

From Students (via Guardian Accounts)

• Display name (not legal name)
• Date of birth — used solely to recommend an age-appropriate learning tier. It is never displayed publicly and is never shared or sold.
• Avatar emoji and color
• Learning activity: lessons completed, quiz scores, time spent
• Lesson questions asked to the Lio AI tutor (see “AI Tutor” below)

From Creators and Instructors

• Full name, email address, and account credentials (via Clerk)
• Bio, teaching experience, subject areas, and portfolio links submitted in the creator application
• Identity verification result (pass/fail only — Stripe Identity processes and stores the actual ID document; Plio Academy does not)
• Background check status (pass/fail and date — for tutors approved for live sessions)
• Application status, review notes, and competency assessment results
• Content submitted to the platform and session activity logs

Creator identity verification is performed by Stripe Identity. Stripe processes your government-issued ID directly. Plio Academy receives only a verified/not-verified result and does not store, view, or transmit your ID document.

Automatically Collected

• Usage analytics via Vercel Analytics (privacy-friendly, no tracking cookies)
• Device and browser information
• Server logs (IP address, request details, retained 30 days)

4. Children Under 13 — COPPA Compliance

Children under 13 do not create accounts directly. Parents and guardians manage all account creation and data. We never collect direct contact information (email, phone) from children under 13 — only display name, age range, avatar preferences, and learning activity.

Before activating a child's profile, we send you a confirmation email containing a direct notice. You must click a confirmation link — this constitutes verifiable parental consent under COPPA 16 CFR § 312.5(b)(1) (email plus confirmation). No child profile is activated without this confirmed click. The direct notice summarizes: what we collect from your child, how it is used, who it is shared with, and your right to review and delete.

When creating your account, you confirm you are at least 18 years old and the parent or legal guardian of any child whose profile you create.

5. How We Use Your Information

• Provide educational services and show progress reports
• Send transactional emails and communicate about policies
• Improve curriculum and analyze learning outcomes (anonymized)
• Comply with law and prevent fraud

6. Third-Party Services

We use:

• Clerk — authentication and identity
• Neon/PostgreSQL — primary database
• Vercel — hosting and CDN
• Resend — transactional email
• Stripe — donation and payment processing
• Vercel Analytics — privacy-friendly usage analytics
• Upstash Redis — short-lived session cache (holds a hashed session token and the associated Clerk user ID so sign-out takes effect quickly; no child profile data)
• Anthropic — powers the Lio AI tutor; processes lesson questions to generate educational responses. Conversations are logged and automatically moderated for child safety.
• LiveKit — real-time audio/video for live tutoring; session media is not stored beyond the session
• Cloudflare R2 — storage for tutor interview video recordings (creator data, not student data)
• Backblaze B2 — long-term storage of COPPA compliance archives and grant reports (audit-trail exports; not used for advertising or any commercial purpose)

Each is bound by a Data Processing Agreement preventing unauthorized use of your data. A complete list of sub-processors with their roles and data processing agreements is available at hello@plio.academy upon request.

AI Tutor (Lio)

Lio is an AI tutor that helps students with lesson questions. When a student asks a question, the text of that question is sent to Anthropic (the AI provider) to generate an educational response. We log these conversation turns and automatically screen them for child-safety concerns. Lio's questions and answers are never used to advertise to your child and are never sold. AI tutor conversation logs are kept on a 30-day rolling basis and then purged.

7. Cookies and Tracking

Student-facing pages do NOT use third-party tracking cookies, advertising pixels, or behavioral profiling. Only essential cookies for login and CSRF protection.

8. Data Retention

• Account & student profile data: retained while the account is active. Accounts with no learning activity for 24 months are automatically deleted by a monthly retention job.
• Guardian-requested deletion: when a guardian submits a deletion request, we complete the deletion within 30 days of verifying the request.
• Learning activity (lessons, quiz scores, SRS data, AI tutor history): deleted together with the student profile it belongs to (cascade) — whether the profile is removed by request or by the 24-month inactivity job.
• Donation records: 7 years (nonprofit financial requirements)
• Server logs: 30 days
• AI tutor (Lio) conversation logs: 30-day rolling window, then automatically purged
• Tutor interview video recordings: 90 days after tutor status change or account deletion (stored in Cloudflare R2)
• COPPA compliance archives and grant reports: retained long-term as an audit trail (stored in Backblaze B2)
• Anonymized research data: indefinitely (undergoes irreversible de-identification before retention — we do not re-identify anonymized data)

9. Your Privacy Rights

You have the right to:

• Access your personal data
• Correct inaccurate information
• Delete your account and data
• Opt out of non-essential communication

To request access, correction, or deletion, submit our data-deletion form or email privacy@plio.academy. We verify each request and complete deletions within 30 days. Requests are reviewed by our privacy team — deletion is not an instant self-service action. A guardian who deletes their own account also triggers automatic deletion of all linked child profiles and their data.

10. Security and Data Breach Notification

We use HTTPS encryption, encrypted databases, role-based access control, and regular security audits. No system is perfectly secure, but we take every reasonable precaution.

In the event of a confirmed data breach, we will notify affected guardians by email without unreasonable delay. For EU/UK data subjects, we will notify the competent supervisory authority within 72 hours of becoming aware of a confirmed breach, as required by GDPR Article 33.

For US residents, in the event of a confirmed breach affecting personal information, we will notify affected guardians without unreasonable delay and in no case later than 30 days after discovery.

11. European Users — GDPR

If you are located in the EU or UK, we process your data under the legal bases of contractual necessity, legitimate interest, consent, and legal obligation.

Children's data (GDPR Art. 8):For users under 16 (or the applicable age threshold in their EU/UK member state — e.g., 13 in Ireland and UK, 16 in Germany), we rely on verifiable parental/guardian consent under GDPR Article 8. We collect the minimum data necessary and do not use children's data for any purpose beyond providing the educational services.

Legal basis for processing children's data: verifiable parental/guardian consent (Art. 6(1)(a) and Art. 8). For other data: contractual necessity (Art. 6(1)(b)), legitimate interest (Art. 6(1)(f)), and legal obligation (Art. 6(1)(c)).

Plio Academy does not currently meet the threshold requiring a formal Data Protection Officer (DPO) under GDPR Art. 37 (we are not a public authority and our core activities do not involve large-scale systematic monitoring). Privacy inquiries from EU/UK residents: hello@plio.academy.

12. California Residents — CCPA/CPRA

As a nonprofit organization, Plio Academy qualifies for the nonprofit exemption under Cal. Civ. Code § 1798.145(a)(6). However, we voluntarily extend CCPA/CPRA privacy rights to all California residents.

We do not sell or share personal information as defined by CCPA/CPRA. No action is required. We do not use sensitive personal information for advertising, profiling, or secondary commercial purposes. If you have questions, contact hello@plio.academy.

Sensitive personal information we collect (as defined by CPRA): none of the enumerated sensitive categories (SSN, financial account credentials, precise geolocation, health data, genetic data, biometric data, racial/ethnic origin, religious beliefs, union membership, sexual orientation) — we do not collect any of these categories.

13. Governing Law and Disputes

This Privacy Policy is governed by the laws of the State of Nevada. Privacy disputes not resolved informally within 30 days may be submitted to binding arbitration under AAA rules, consistent with our Terms of Service.

14. Changes to This Policy

We may update this policy. For material changes affecting children's data, we notify guardians by email 14 days before the change takes effect.

15. Contact Us

Email: hello@plio.academy
We aim to respond within 10 business days.

This is a summary. For the full, detailed Privacy Policy effective May 1, 2026, please refer to the official document at docs/legal/privacy-2026-05.md.