Privacy Policy
Effective: April 22, 2026 · Last updated: April 2026
ParentProof is operated by ParentProof.org, a non-profit. We do not sell data, show ads, or have a paid tier. This policy explains what we collect, why, and for how long.
What we collect
| Email address | Account creation and magic-link delivery | 3 years after last login |
| Session token (hashed) | Keep you signed in (15 min TTL with refresh) | 30 days |
| Content ratings you submit | Populate the community rating for an entity | Indefinitely (public) |
| Scan history | Show your classification history in /dashboard/history | 90 days |
| VPC audit records | COPPA Safe Harbor compliance | 7 years (required by law) |
| Audit events | Security log for your account actions | 90 days |
| IP address (hashed) | Rate limiting and abuse prevention | 30 days |
What we do not collect
- We do not collect data from children. ParentProof is parents-only.
- We do not track your activity across other websites.
- We do not use advertising cookies or third-party tracking pixels.
- We do not sell, rent, or share your personal data with third parties for marketing.
Cookies
We use one first-party session cookie (pp_session) that is HTTP-only, Secure, and SameSite=Lax. It contains a signed JWT with your parent account ID. No third-party cookies are set.
Third-party services
| Google Cloud Run / GCP | Application hosting | GCP Terms of Service |
| Resend | Transactional email (magic links) | Resend Privacy Policy |
| FrameBright AEGIS | Content classification engine | FrameBright Privacy Policy |
We do not use Google Analytics, Meta Pixel, HubSpot, Intercom, or any marketing analytics service.
Your rights (DSR — Data Subject Requests)
You have the right to access, correct, export, or delete your personal data. Submit a DSR by emailing privacy@parentproof.com or using the data export/delete tools in your account settings. We respond within 30 days.
Exception: VPC audit records are retained for 7 years as required by the FTC COPPA Rule (16 CFR Part 312) and cannot be deleted on request.
COPPA
ParentProof complies with the Children's Online Privacy Protection Act (COPPA) as amended effective April 22, 2026. We do not knowingly collect personal information from anyone under 13. If you believe a child's data has been collected, contact privacy@parentproof.com and we will delete it within 72 hours.
Contact
Privacy questions: privacy@parentproof.com
ParentProof.org, c/o Goodventures