1 Aug 2025
1 Aug 2025
Privacy Policy
Privacy Policy
1. Who We Are
LearnCraft Inc. (“LearnCraft,” “we,” “our”) is a Delaware corporation headquartered at 75 Fifth Ave, Suite 500, New York, NY 10003, USA.
We process data on servers located in the United States and the European Union.
2. Information We Collect
We collect the following categories of information:
Account Data – such as name, email, password hash, and grade level. Provided directly by the user.
Content Data – such as notes, scanned images, audio recordings, YouTube links, transcripts, and AI-generated study aids. Created or uploaded by the user or generated within the app.
Device and Usage Data – such as device type, operating system version, IP address, and crash logs. Automatically collected.
Payment Data – tokenized purchase information via the App Store or Google Play. We never see full card numbers. This data is handled by third-party payment processors.
We limit our collection to what is reasonably necessary under COPPA.
3. How We Use Information
We use your information for the following purposes:
To deliver and personalize the service, including generating summaries, quizzes, flashcards, and adaptive study plans.
To manage your account and secure the service, including login authentication and fraud detection.
To analyze de-identified usage data for improving features and performance.
To fulfill legal requirements, including responses to lawful requests and enabling rights under FERPA.
4. Legal Bases (for GDPR Users)
We rely on the following legal bases when processing personal data for users in the EU or UK:
Contract necessity – to provide our services.
Legitimate interests – to improve learning outcomes, without overriding user rights.
Consent – for optional marketing and where required for parental consent (for users aged 13 to 15).
5. Sharing and Disclosure
We never sell your personal data. We may share your information only with:
Service providers (such as cloud hosting, payments, and analytics) that are bound by confidentiality obligations and Standard Contractual Clauses when required.
Schools and teachers under written agreements as “school officials” under FERPA.
Legal authorities when we are compelled to comply or when needed to protect user safety.
A buyer or successor in the event of a merger, acquisition, or similar corporate transaction. You will be notified in advance and given options.
6. International Transfers
For EEA/UK users, personal data may be transferred to the U.S. under:
The EU-U.S. Data Privacy Framework, or
Standard Contractual Clauses (SCCs) with additional safeguards.
All data transfers are encrypted using TLS 1.3 in transit and AES-256 at rest.
7. Student and Children’s Privacy
We comply with multiple laws and platform guidelines to protect students and children:
Under FERPA, we act as a “school official,” honor access and amendment rights, and destroy data in line with U.S. Department of Education best practices.
Under COPPA, users under 13 cannot sign up directly. Schools must obtain verifiable parental consent. We minimize data collection and do not use behavioral advertising.
Under Google Play Families, we use only certified advertising SDKs (when ads are present) and neutral age screens.
Under the Apple Kids Category, we implement parental gates and ensure age-appropriate experiences.
We actively monitor updates from the FTC and state-level child safety rules to remain compliant.
8. Your Rights
Depending on your region, you may have the following rights:
Globally: access, correction, deletion, data portability, and processing restrictions.
California (CCPA/CPRA): know what data is collected, request deletion or correction, opt out of the sale or sharing of personal information, and limit use of sensitive personal data.
EU/UK (GDPR): access, rectify, erase, restrict or object to processing, data portability, and the right to lodge a complaint with a data protection authority.
Under FERPA: students and parents can inspect, review, or request amendments to education records.
You can make a request in the app or by emailing privacy@learncraft.ai. We typically respond within 30 days (or 45 days under CCPA).
9. Security Measures
We implement the following security measures to protect your data:
Encryption using TLS 1.3 for data in transit and AES-256 for data at rest.
Mobile app security in accordance with OWASP MASVS v2.1.0, including secure storage, jailbreak detection, and code hardening.
Regular testing through annual penetration tests and quarterly vulnerability scans.
10. Data Retention and Destruction
We retain your content as long as your account is active. If your account is inactive for 24 months, we will notify you and delete your data 30 days later.
Backups are securely and cryptographically erased using U.S. Department of Education best practices.
11. Cookies and Tracking
We only use first-party cookies that are essential for authentication and load balancing.
We do not use third-party advertising or tracking cookies, in compliance with Google Play Families and Apple Kids policies.
12. Third-Party Integrations
Our app integrates with the following third parties:
YouTube API Services – if you watch or transcribe videos, your usage is subject to YouTube’s Terms of Service.
Cloud Providers – we use AWS and Google Cloud (U.S./EU regions) to store and process data, all encrypted and subject to SCCs or the Data Privacy Framework where applicable.
13. Changes to This Policy
If we make material changes to this policy, we will notify users 15 days before the changes take effect through an in-app banner and by email.
14. Contact Us
If you have any questions or requests, you can contact us at:
Email: privacy@learncraft.ai
Mailing Address: LearnCraft Inc., 75 Fifth Ave, Suite 500, New York, NY 10003, USA
1. Who We Are
LearnCraft Inc. (“LearnCraft,” “we,” “our”) is a Delaware corporation headquartered at 75 Fifth Ave, Suite 500, New York, NY 10003, USA.
We process data on servers located in the United States and the European Union.
2. Information We Collect
We collect the following categories of information:
Account Data – such as name, email, password hash, and grade level. Provided directly by the user.
Content Data – such as notes, scanned images, audio recordings, YouTube links, transcripts, and AI-generated study aids. Created or uploaded by the user or generated within the app.
Device and Usage Data – such as device type, operating system version, IP address, and crash logs. Automatically collected.
Payment Data – tokenized purchase information via the App Store or Google Play. We never see full card numbers. This data is handled by third-party payment processors.
We limit our collection to what is reasonably necessary under COPPA.
3. How We Use Information
We use your information for the following purposes:
To deliver and personalize the service, including generating summaries, quizzes, flashcards, and adaptive study plans.
To manage your account and secure the service, including login authentication and fraud detection.
To analyze de-identified usage data for improving features and performance.
To fulfill legal requirements, including responses to lawful requests and enabling rights under FERPA.
4. Legal Bases (for GDPR Users)
We rely on the following legal bases when processing personal data for users in the EU or UK:
Contract necessity – to provide our services.
Legitimate interests – to improve learning outcomes, without overriding user rights.
Consent – for optional marketing and where required for parental consent (for users aged 13 to 15).
5. Sharing and Disclosure
We never sell your personal data. We may share your information only with:
Service providers (such as cloud hosting, payments, and analytics) that are bound by confidentiality obligations and Standard Contractual Clauses when required.
Schools and teachers under written agreements as “school officials” under FERPA.
Legal authorities when we are compelled to comply or when needed to protect user safety.
A buyer or successor in the event of a merger, acquisition, or similar corporate transaction. You will be notified in advance and given options.
6. International Transfers
For EEA/UK users, personal data may be transferred to the U.S. under:
The EU-U.S. Data Privacy Framework, or
Standard Contractual Clauses (SCCs) with additional safeguards.
All data transfers are encrypted using TLS 1.3 in transit and AES-256 at rest.
7. Student and Children’s Privacy
We comply with multiple laws and platform guidelines to protect students and children:
Under FERPA, we act as a “school official,” honor access and amendment rights, and destroy data in line with U.S. Department of Education best practices.
Under COPPA, users under 13 cannot sign up directly. Schools must obtain verifiable parental consent. We minimize data collection and do not use behavioral advertising.
Under Google Play Families, we use only certified advertising SDKs (when ads are present) and neutral age screens.
Under the Apple Kids Category, we implement parental gates and ensure age-appropriate experiences.
We actively monitor updates from the FTC and state-level child safety rules to remain compliant.
8. Your Rights
Depending on your region, you may have the following rights:
Globally: access, correction, deletion, data portability, and processing restrictions.
California (CCPA/CPRA): know what data is collected, request deletion or correction, opt out of the sale or sharing of personal information, and limit use of sensitive personal data.
EU/UK (GDPR): access, rectify, erase, restrict or object to processing, data portability, and the right to lodge a complaint with a data protection authority.
Under FERPA: students and parents can inspect, review, or request amendments to education records.
You can make a request in the app or by emailing privacy@learncraft.ai. We typically respond within 30 days (or 45 days under CCPA).
9. Security Measures
We implement the following security measures to protect your data:
Encryption using TLS 1.3 for data in transit and AES-256 for data at rest.
Mobile app security in accordance with OWASP MASVS v2.1.0, including secure storage, jailbreak detection, and code hardening.
Regular testing through annual penetration tests and quarterly vulnerability scans.
10. Data Retention and Destruction
We retain your content as long as your account is active. If your account is inactive for 24 months, we will notify you and delete your data 30 days later.
Backups are securely and cryptographically erased using U.S. Department of Education best practices.
11. Cookies and Tracking
We only use first-party cookies that are essential for authentication and load balancing.
We do not use third-party advertising or tracking cookies, in compliance with Google Play Families and Apple Kids policies.
12. Third-Party Integrations
Our app integrates with the following third parties:
YouTube API Services – if you watch or transcribe videos, your usage is subject to YouTube’s Terms of Service.
Cloud Providers – we use AWS and Google Cloud (U.S./EU regions) to store and process data, all encrypted and subject to SCCs or the Data Privacy Framework where applicable.
13. Changes to This Policy
If we make material changes to this policy, we will notify users 15 days before the changes take effect through an in-app banner and by email.
14. Contact Us
If you have any questions or requests, you can contact us at:
Email: privacy@learncraft.ai
Mailing Address: LearnCraft Inc., 75 Fifth Ave, Suite 500, New York, NY 10003, USA
2025 - Copyright
2025 - Copyright
30 N Gould St, Sheridan, WY 82801, USA
30 N Gould St, Sheridan, WY 82801, USA
hello@learncraftai.com
hello@learncraftai.com
Features
About us
FAQ
Contact Us
Download App
LearnCraft
Features
About us
FAQ
Contact Us
Download App
LearnCraft
LearnCraft
LearnCraft