+ Tobey's Tutor

Privacy Policy

Last Updated: August 23, 2025

Introduction

At Tobey's Tutor, we value your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered learning platform designed for neurodivergent learners.

Please read this Privacy Policy carefully. By accessing or using our service, you acknowledge that you have read, understood, and agree to be bound by all the terms outlined in this Privacy Policy.

Information We Collect

Personal Information

  • Contact information (name, email address, phone number)
  • Account credentials (username, password)
  • Billing information (credit card details, billing address)
  • Profile information (age, educational background, learning preferences)

Educational Information (Based on Your Privacy Choice)

During onboarding, you choose how much educational information to share:

Learning Summary Track (Standard)

  • Parent-provided learning summaries and insights
  • Learning preferences and accommodation needs
  • Academic strengths and challenges as described by parents
  • Child's interests and hobbies

Enhanced Personalization Track (Optional)

All information from Learning Summary Track, plus:

  • Report cards and academic records (only with explicit consent)
  • Teacher comments and educational assessments
  • Grade trends and academic performance data

Usage Data

  • Interaction with our platform (lessons completed, time spent, performance metrics)
  • Learning patterns and preferences during tutoring sessions
  • Technical data (IP address, browser type, device information)
  • Cookies and similar tracking technologies

How We Use Your Information

We use the information we collect for various purposes, including to:

  • Provide, operate, and maintain our platform
  • Personalize and improve your learning experience based on your chosen privacy level
  • Process transactions and send related information
  • Send administrative information, updates, and marketing communications
  • Respond to inquiries and provide customer support
  • Monitor and analyze usage trends to improve our service
  • Protect our platform from unauthorized access and abuse
  • Comply with legal obligations, including FERPA and GDPR requirements

Safety Monitoring

To ensure child safety, our platform includes automated monitoring that:

  • Detects keywords or phrases suggesting potential harm or distress
  • May trigger immediate notification to parents for safety concerns
  • Maintains privacy by not sharing specific conversation details
  • Is disclosed to children in age-appropriate language during onboarding

This monitoring is solely for safety purposes and parental notifications are sent only when necessary to protect child welfare.

Educational Data Protections

We provide enhanced protections for educational information:

  • FERPA Compliance: Educational records are handled in accordance with the Family Educational Rights and Privacy Act
  • No External AI Training: Your child's educational data and conversations are never used to train external AI models
  • Limited Access: Only authorized tutoring AI systems access educational data for personalization
  • Parent Control: You can modify, export, or delete educational data at any time through your dashboard

Sharing Your Information

We may share your information with:

  • Service providers who assist us in operating our platform (under strict data protection agreements)
  • Legal and regulatory authorities when required by law
  • In connection with a business transfer or acquisition (with notice and continued protection)

We do NOT share:

  • Educational records with third parties without explicit consent
  • Personal information with partners for their marketing purposes
  • Any data with external AI training systems
  • Individual student data for research or analytics purposes

Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption: All data is encrypted in transit and at rest
  • Access Controls: Role-based access with strict authentication requirements
  • Regular Audits: Quarterly security assessments and compliance reviews
  • Secure Infrastructure: Industry-standard cloud security with Supabase
  • Row-Level Security: Database policies ensure parents only access their own child's data

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Obtain a copy of your personal and educational information
  • Rectify: Correct inaccurate or incomplete information
  • Delete: Request deletion of your personal and educational information
  • Restrict: Limit processing of your information
  • Portability: Export your data in a common format
  • Withdraw Consent: Change your privacy level or data sharing preferences
  • Educational Records: Request amendment of educational records under FERPA

For EU Residents: You have additional rights under GDPR, including the right to object to processing and lodge complaints with supervisory authorities.

To exercise these rights, please contact us at support@tobeystutor.com.

Data Retention and Deletion

  • Data Deletion Policy: When you cancel your subscription, we will retain your data for 5 days to allow for account reactivation. After this grace period, your data will be permanently deleted within 30 days. During our beta period, deletions are processed manually by our team to ensure data integrity. After beta, this process will be fully automated.
  • Educational Data: Retained only as long as necessary for tutoring services, deleted upon account closure or at your request
  • Usage Data: Aggregated and anonymized for service improvements
  • Account Data: Retained for legitimate business purposes, with deletion available upon request

Children's Privacy

Our platform is designed for children under 13 with parental consent and control:

  • Parental Consent: Required for all data collection from children
  • Parental Access: Parents can review, modify, or delete their child's information
  • Limited Collection: We collect only information necessary for educational services
  • No Behavioral Advertising: We do not use children's data for advertising purposes

International Transfers

If you are located outside the United States, please note that we may transfer your information to and process it in the United States. We implement appropriate safeguards to protect your information in accordance with applicable privacy laws.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending email notification for significant changes
  • Requiring re-consent for material changes to data collection practices

You are advised to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at:

Email: support@tobeystutor.com

Subject Line: Privacy Policy Inquiry

For GDPR-related requests, please use subject line "GDPR Request"
For FERPA-related requests, please use subject line "Educational Records Request"