Children's Privacy Policy
Effective June 8, 2026 · Version 2026-06-08
Butler Academy is an online learning service directed to children, including children under 13. This policy explains, for parents and legal guardians, what personal information we collect from a child, how we use it, who we share it with, how long we keep it, and the rights you have. It is written to meet the U.S. Children's Online Privacy Protection Act (COPPA). It applies to Butler Academy's main site and to the white-label course sites we operate.
We do not knowingly collect more personal information from a child than is reasonably necessary to provide the learning service, and we never condition a child's participation on disclosing more than is necessary.
Information we collect from your child
We collect only what is needed to run the learning service:
- Account and identity — the child's name (or display name) and date of birth. We ask for the date of birth only to determine the child's age; we do not keep it. We store only the birth year and a general age range (for example, under 13 or 13 and older) and discard the full date of birth.
- Learning activity — the child's answers, quiz and test responses, essay and project submissions, mastery and progress records, tutor-chat messages, and detected misconceptions.
- Uploaded work — photographs or files of the child's work that are submitted for grading.
- Parent/guardian contact — for an under-13 child, the email address of the parent or guardian who provides consent.
- Technical data — a session login identifier and the persistent identifiers described below, used to keep the child signed in and to operate the service.
Persistent identifiers, cookies, and audio
- Persistent identifiers — we use a session cookie/token and an internal account identifier to authenticate the child and maintain the session. We use these only to support the internal operation of the service (keeping the child logged in, delivering lessons, and tracking progress); we do not use them for behavioral advertising and we do not allow third-party advertising networks to collect identifiers through the service.
- Audio — lessons can be read aloud. The narration audio is generated from the lesson text (not from the child's voice) and cached to serve the lesson faster. We do not collect or record the child's voice, and the service has no feature that captures audio from the child's microphone.
How we use the information
- To deliver lessons, assessments, tutoring, and grading, and to adapt the difficulty to the child's mastery.
- To show the child's progress to the child and to their linked supervisor (parent/guardian or teacher).
- To authenticate the child and keep the service secure and working.
- To contact the parent/guardian about consent and the child's account.
- We do NOT sell the child's personal information, and we do NOT use it for behavioral advertising or to build advertising profiles.
How long we keep it
We keep a child's personal information only as long as reasonably necessary to provide the learning service, and never indefinitely. For each kind of information we collect, we tell you below why we collect it, why we need to keep it, and the specific point at which we delete it. We use an activity-based clock — we do not keep a child's learning data for a fixed number of years regardless of whether the account is still used.
- Learning data and content — the child's answers, quizzes, tests, essays (including auto-saved drafts of in-progress work), projects, mastery and progress records, tutor-chat messages, detected misconceptions, uploaded work, and scheduled assignments. Purpose: to deliver and adapt the lessons and show progress. Business need to retain: a returning learner's history and in-progress work must be available so the service can pick up where they left off. Deletion timeframe: we hard-delete this data 12 months after the account becomes inactive, and immediately when a parent/guardian withdraws consent or the account is deleted.
- Operational and transient data — in-app and email/SMS notification records and the technical logs of requests to our AI providers. Purpose: to deliver and audit notifications and to monitor cost and quality. Business need to retain: only short-term operational need. Deletion timeframe: provider-request logs are deleted after 90 days and notification records after 180 days — automatically, on a fixed schedule.
- Parental-consent and consent-audit records — the record that a parent consented (or withdrew consent) and the audit trail of those events. Purpose and business need to retain: to prove we obtained verifiable parental consent and honored withdrawal, which we may need to demonstrate to regulators. Deletion timeframe: we delete these records 3 years after the account is closed.
- When a parent/guardian withdraws consent or asks us to delete the child's information, we delete the child's learning data and content from our active systems and instruct our service providers to do the same, except where we must retain the limited consent-audit records above to meet a legal obligation.
- Our service providers retain data only briefly: OpenAI keeps abuse-monitoring logs no more than 30 days (and excludes content where we have enabled zero-data-retention), Google's Gemini retains data for abuse monitoring up to 55 days, and Resend deletes customer data within 90 days of account termination. None of them use a child's data to train their models.
Your rights as a parent or guardian
- Consent — for a child under 13 we obtain your verifiable consent before collecting the child's personal information, and we give you direct notice of what we collect at that time.
- Review — you may ask us to review the personal information we have collected from your child.
- Delete — you may ask us to delete your child's personal information.
- Refuse / withdraw — you may refuse to allow further collection or use of your child's information, and you may withdraw your consent at any time. We will then stop collecting the information and delete what we have, which may mean the child can no longer use the service.
- To exercise any of these rights, contact us using the details below.
How to contact us
You can reach Butler Academy's privacy contact, who is responsible for children's privacy and information security, at privacy@butleracademy.com. We will respond to verified parental requests to review, delete, or stop collecting a child's personal information.
Changes to this policy
If we make a material change to what we collect, how we use it, or who receives it, we will update this policy, give it a new version, and obtain fresh parental consent before the change affects a child whose parent consented under an earlier version.