Plother
Loading...
Version 1.1 · Last updated March 10, 2026
Children's Privacy (COPPA)
Plother is designed for children ages 4–15. We comply with the Children's Online Privacy Protection Act (COPPA 2025 Rule) and require verifiable parental consent before collecting any data about a child. Parents can review, revoke consent, or delete all data at any time from Settings → Data & Privacy.
Plother ("we", "our", "us") provides an AI-powered educational platform for children ages 4–15, accessed by parents/guardians who create family accounts and manage their children's learning experiences.
Parent Account Data
Email address, authentication credentials, consent records (with timestamp, IP address, and verification method as required by COPPA).
Child Profile Data
First name (used only within the app), age, grade level, learning preferences, and progress data. We never collect last names, addresses, or government IDs for children.
Learning Content
Chat messages between child and AI tutor, homework images uploaded for assistance, interactive artifacts created during sessions, and curriculum progress.
Voice Data (with consent)
If a parent chooses to set up a voice clone, audio samples of the parent's own voice are collected. Children's voices are processed in real time for the chat interface but are never stored or transmitted to our servers.
We share data only with service providers necessary to operate the platform. All providers are bound by data processing agreements. We never sell data or share it for advertising.
| Provider | Purpose | Child Data? |
|---|---|---|
| Supabase | Database & authentication | Yes (all data) |
| Anthropic (Claude) | AI tutoring & homework assistance | Chat content only |
| OpenRouter | AI model routing (ZDR enabled) | Chat content only |
| ElevenLabs | Text-to-speech & voice cloning | Parent voice only |
| Vercel | Hosting & deployment | Logs only |
| Sentry | Error monitoring (PII-scrubbed) | Anonymized only |
Chat content sent to AI providers is processed without the child's real name (anonymized per COPPA data minimization requirements). AI providers operate under Zero Data Retention where available.
Access
View all data held about your child
Correction
Update inaccurate information
Erasure
Delete all data for any child profile
Portability
Export your child's data as JSON
Revoke Consent
Withdraw consent for optional data uses
Stop Processing
Deactivate a child profile
Exercise any right from Settings → Data & Privacy or by contacting us at privacy@plother.app. GDPR requests are fulfilled within 30 days. LGPD (Brazil) within 15 days.
| Data Type | Retention Period |
|---|---|
| Chat messages | 12 months from creation |
| Homework images | 90 days from upload |
| Voice uploads | 24 hours (processing only) |
| Consent records | 7 years (legal requirement) |
| Safety logs | 24 months |
| All child data | Deleted immediately on parent request |
Data is encrypted in transit (TLS 1.3) and at rest (AES-256) via Supabase. We maintain a Written Information Security Program (WISP) as required by COPPA 2025. Access to child data requires multi-factor re-authentication (elevated session). We conduct regular security reviews and respond to vulnerabilities within 48 hours.
Plother uses artificial intelligence to provide personalized tutoring. In compliance with Quebec Law 25, GDPR Article 22, and EU AI Act transparency requirements, we disclose the following automated decisions:
Adaptive Difficulty
The AI adjusts lesson difficulty (easier, standard, or challenging) based on the child's recent performance and curriculum progress. Parents can override this from the child's learning settings.
Content Personalization
The AI selects topics and examples based on the child's grade level, interests, and prior conversations. This uses session context stored locally—no profiling for advertising or external purposes.
Safety Moderation
Messages are automatically screened for unsafe content before processing. Flagged content is reported to parents. This cannot be disabled as it protects child safety.
Screen Time Enforcement
If a parent sets a daily time limit, the system automatically blocks access when the limit is reached. Only parents can adjust these limits.
No automated decision has legal or similarly significant effects on your child. All decisions are supervisory (assisting learning) and can be overridden by parents. For questions about automated processing, contact privacy@plother.app.
Data is hosted in the United States (Supabase). For users in the EU/EEA, data transfers are covered by Standard Contractual Clauses (SCCs) included in our Data Processing Agreement with Supabase. For Brazilian users, transfers comply with LGPD Article 33 safeguards.
For privacy inquiries, consent management, or data deletion requests:
Email: privacy@plother.app
Response time: Within 2 business days for general inquiries; 30 days for formal data subject requests (15 days for Brazil/LGPD)
COPPA Compliance: Verified under FTC COPPA Rule (16 CFR Part 312)