Numbat Math Privacy Policy

Last updated: 2026-05-12. Version: 1.1.

1. Who we are

Numbat Math is an iOS app for personalized daily math practice, designed for kids in grades 3–5. The parent is the legal account holder. A child cannot create an account on their own — the parent signs up, adds a child profile, and remains the operator of the account.

Numbat Math is operated by Yousef and Sanad LLC d/b/a Numbat Math, a limited liability company registered in Texas. Our contact details:

Yousef and Sanad LLC, d/b/a Numbat Math
3025 Jacob Drive, Wylie, TX 75098
Email: support@numbatmath.com

Throughout this policy, "we," "us," and "our" refer to Yousef and Sanad LLC. If you have any privacy questions, write to support@numbatmath.com.

2. Jurisdiction

Numbat Math is offered to users in the United States only. We do not knowingly accept signups from outside the U.S. If you are a non-U.S. user, please do not use the service.

3. What we collect

From the parent (at signup)

Data	Why we have it
Email address	Used for login, password reset, and the weekly progress email.
Hashed password	Stored by our authentication provider (Supabase). We never see the plaintext password.
Subscription status and SKU (Summer Pass, Monthly, or Annual)	Used to gate access to the app. Payment is handled by Apple; we never see your card details.

About each child the parent adds

Data	Why we have it
First name	Displayed to the child inside the app ("Hi Maya!"). It is not sent to any third party, including our AI tutor.
Grade level (3, 4, or 5)	Used to choose appropriate questions and to tell the AI tutor what reading level to use in explanations.
Avatar choice (optional)	Cosmetic, picked from a built-in set. No photos are uploaded.

While the child practices

Data	Why we have it
Questions attempted, answer given, correct or not, time spent	Powers the adaptive difficulty engine, progress tracking, and the weekly parent recap.
Whether an explanation was requested for a wrong answer, and at what hint level	Used to display "asked the tutor for help N times" in the parent dashboard.
Per-topic accuracy, XP, streak days, badges earned	The kid-facing gamification surface and the parent recap.

What we do not collect

Location, contacts, photos, microphone audio, or camera input.
Browsing history or use of other apps.
The IDFA or any other identifier used for cross-app advertising. Per Apple's App Tracking Transparency framework, we do not track you across apps or websites owned by other companies.

Crash and diagnostic data

Crash and hang reports captured by Apple's MetricKit framework are stored only in a local cache on the device. They do not leave the device. We have no remote crash-reporting integration (no Crashlytics, no Sentry).

4. How we use it

Inside the app

Serving questions, scoring answers, tracking progress, updating streaks, badges, and XP.
Choosing the next question via an adaptive-difficulty engine that runs entirely on the device. No data leaves the device for this step.

Calling our AI tutor (Anthropic's Claude)

When a child gets a question wrong and asks for an explanation, our backend calls Anthropic's Claude API on the child's behalf. The only fields sent to Anthropic are:

The child's grade (3, 4, or 5).
The text of the math question.
The four multiple-choice options.
The correct answer.
The answer the child picked.
The pre-tagged misconception label and description that match the wrong answer (e.g. forgot_to_carry: Student added each column without carrying).
The hint level requested (1, 2, or 3).

We do not send to Anthropic:

The child's first name or any name.
The parent's email, name, or any contact information.
The child's birthday, address, location, device identifier, or IP address (Anthropic sees only our backend's IP).
Any other practice history beyond the single question being explained.

The system prompt we send to Anthropic explicitly forbids the AI from using a name. The Anthropic API key is held only on our backend; the iOS app never sees it.

Sending the weekly progress email

Each Monday at 00:00 UTC, our backend generates a recap of the past 7 days for every active parent and sends it via Resend. The email contains: each child's first name, their grade, total minutes practiced, sessions completed, questions correct, accuracy percentage, XP earned, streak length, and per-topic accuracy. The email goes only to the parent's email address.

Every weekly email contains an unsubscribe link in the footer. Clicking it stops all future weekly emails for that parent.

Subscriptions

We use the App Store's record of your subscription status to gate access to the app. We never see your payment method.

5. How we share it

We use the following third-party service providers ("subprocessors"). Each is contractually limited to processing data only as instructed by us.

Subprocessor	What it sees	Location
Supabase (database + authentication)	Everything described in Section 3. All access is gated by row-level security so a given parent's data is unreadable to any other parent.	United States
Anthropic (Claude API, for wrong-answer explanations)	Only the fields listed in Section 4. No names, no contact info.	United States
Resend (email delivery)	The parent's email address, and the rendered weekly recap email which includes each child's first name and practice statistics. Sent at most once per week.	United States
Apple (subscription management via the App Store)	Subscription status and product identifier only.	Per Apple's policies.

We do not sell personal information. We do not use personal information for advertising. We do not share it with any other third party except as required by law (e.g., a valid subpoena).

6. Children's privacy and COPPA

Numbat Math is a parent-managed service for children. Per the Children's Online Privacy Protection Act (COPPA):

A child cannot sign up directly. Account creation requires an email address, a password, and a credit-card-backed purchase via the App Store — all of which presume an adult account holder.
The parent provides the child's first name and grade. No additional personal information is collected from the child directly. The child interacts only with the practice screens.
No persistent identifier for behavioral advertising is created or shared.
The category in the App Store is "Education", not "Designed for Kids," which would invoke a different (stricter) set of Apple platform rules. The parent-managed model is the design point.

Parental rights

The parent, at any time, may:

Review the data we have collected about their child. The in-app parent dashboard shows the most useful summary; for a full export, email support@numbatmath.com.
Correct or update the child's first name, grade, or avatar inside the app.
Delete all data tied to the account in one tap, via Settings → Delete account in the app. The deletion is immediate and permanent. Specifically, when you delete your account, the following are removed from our database:
- Your parent record (email, hashed password, subscription history).
- Every child profile (name, grade, avatar) belonging to your account.
- Every practice session, every question attempt, every answer given.
- All gamification state: XP events, streaks, badges, per-topic skill data.
- Every weekly report we have generated for your account.
Anthropic's API receives only the per-question fields listed in Section 4 and does not store them long-term per their stated retention policy. Resend's logs of weekly email deliveries are retained for a short window per Resend's policy and then purged. Apple's record of your subscription is governed by Apple's own policy, which we cannot delete on your behalf — cancel the subscription via Apple's subscription management to stop further charges.
Stop receiving the weekly progress email by clicking "Unsubscribe" at the bottom of any weekly email. The next scheduled send will skip you automatically.
Refuse further collection by deleting the app from the child's device, or by canceling the subscription. Once a subscription is canceled and lapses, data is retained for 90 days and then deleted (see Section 8).

If you believe we have collected information from a child without proper parental consent, please contact us at support@numbatmath.com and we will delete it promptly.

7. Security

All data in transit between the app and our backend is encrypted with TLS.
Database access is gated by row-level security (RLS): a parent can read and write only rows belonging to their account and their children.
The Anthropic API key and the email-sending API key live only on our backend (in Supabase Edge Function secrets). They are never embedded in the iOS app.
We do not store plaintext passwords; authentication is handled by our auth provider.

No system is perfectly secure. If we become aware of a breach affecting your data, we will notify you by email within 72 hours of confirmation.

8. Data retention

Active accounts: data is retained for as long as the account is active.
Cancelled or lapsed accounts: 90 days after the subscription ends, the parent and all associated child records, sessions, attempts, and reports are deleted. The parent may request earlier deletion at any time.
Weekly report payloads in the parent_reports table are kept for 12 months for trend display, then deleted.
Diagnostic data captured by Apple's MetricKit on the device follows Apple's own retention rules — typically rotated within a few weeks.

9. California privacy rights (CCPA / CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act / California Privacy Rights Act:

Right to know what personal information we have collected, how we use it, and with whom we share it. This policy describes that; for a full export, email support@numbatmath.com.
Right to delete your personal information. See Section 6.
Right to correct inaccurate personal information. See Section 6.
Right to opt out of "sale" or "sharing" of personal information. We do not sell or share personal information for cross-context behavioral advertising.
Right not to be discriminated against for exercising these rights.

For California-specific requests, email support@numbatmath.com with the subject line "California Privacy Request."

10. Changes to this policy

If we materially change what we collect or how we use it, we will email all active parent accounts at least 14 days before the change takes effect, and update the "Last updated" date at the top of this page.

Minor edits (typos, clarifying wording) may be made without notice.

11. Contact

Questions, requests, deletion, anything else: support@numbatmath.com.