Your family's data is yours.

Last updated: June 1, 2026 · Plain English. No surprises.

The short version

The Digital Childhood ("TDC", "we", "us") is a calm parenting app for people raising kids in a digital world. We collect the minimum data we need to make the app work, we never sell it, we never run ads, and we treat children's data with extra care. If you ever want your data deleted, email us and we'll delete it.

Who runs TDC

TDC is operated by The Digital Childhood, LLC, founded by Chelsea Redeker. You can reach us at hello@thedigitalchildhood.com.

What we collect

Account info: when you sign in with Google or email, we receive your name and email address through our authentication provider (Supabase). We use this to create your account and let you sign back in.
Family info you add: the names, ages, and stages you enter for your kids on the My Family screen. These stay attached to your account and are used only to personalize the app for you.
Content you save: scripts, articles, activities, pacts, notes, and wins you save are stored on your device and in your account so they're there next time you sign in.
Anonymous usage analytics: we use Plausible Analytics (privacy-respecting, cookieless) to count things like "how many parents opened Learn It this week." No personal identifiers, no third-party trackers.
Crash / error reports: if the app errors, we may log the error and your session ID to Sentry to fix it. No content from your family is sent.
Push notifications (optional): if you opt in, we store a device token so we can send the notifications you signed up for. You can turn this off at any time.
Payment info (when paid plans launch): Stripe processes all payments. We never see your card number. We see your subscription status (active / canceled) and the email tied to your subscription.

What we do not collect

We do not run advertisements and we do not share data with advertisers.
We do not sell, rent, or trade your data to anyone.
We do not track you across other websites or apps.
We do not use third-party trackers, fingerprinting, or behavioral profiling.
We do not access your contacts, microphone, location, or camera unless you explicitly use a feature that needs it (and we don't have any of those features right now).

Children’s data: our COPPA stance

TDC is built for parents, not for children. Our minimum age to create an account is 18. We do not knowingly collect personal information directly from children under 13.

When you add a kid to your family on the My Family screen, you enter their first name, age, and stage. We treat this as parent-provided context, not as a child's account. We store it on your account, use it to personalize what you see, and never share it.

If you want any kid information deleted, email hello@thedigitalchildhood.com and we will remove it within 7 days.

Where your data lives

Supabase (Postgres database, hosted in the United States): your account, family, and saved content.
Stripe: payment processing only, when paid plans launch.
Render: the server that runs the app.
Plausible: anonymous usage analytics.
Sentry: error reports (no family content, just technical errors).
Your device's localStorage: recent saves, drafts, and your TDC streak count live on your device.

Each of these providers has their own privacy commitments. We picked them because they are privacy-respecting by default.

Subprocessors (the third parties that touch your data)

Per GDPR Article 28, here is the complete list of subprocessors that may process your personal data on our behalf, what each one does, and where they store data:

Supabase Inc. (United States): primary database (Postgres) + authentication. Stores your account, family info, and saved content. Supabase Privacy.
Stripe, Inc. (United States): payment processing when paid plans launch. Stripe never returns your card number to us; we see only your subscription status. Stripe Privacy.
Render Services, Inc. (United States): application hosting. Runs the server that runs the app. Render Privacy.
Plausible Insights OÜ (Estonia / EU): cookieless, privacy-respecting analytics. No personal identifiers shared. Plausible Privacy.
Functional Software, Inc. (Sentry.io) (United States): error reports only. No family content is sent: only stack traces and your session ID for the failed request. Sentry Privacy.
Resend.com (United States): transactional email + monthly digest delivery. Receives your email + the digest content. Resend Privacy.
Anthropic, PBC (United States): Ask TDC LLM queries. Your question text is sent for completion; Anthropic does not train on API content by default. Anthropic Privacy.
Google LLC (United States): Gemini TTS for the Listen feature + Google Sign-In for authentication. Google Privacy.

If you are a business customer or DPO who needs a signed Data Processing Agreement (DPA), email hello@thedigitalchildhood.com and we will sign one within 5 business days.

How long we keep your data

As long as you have an account, plus 30 days after deletion in case you change your mind. After that, your account data is permanently deleted from our database. Backups are rotated within 90 days and overwritten automatically.

Data security

Your data is encrypted in transit (TLS 1.2+ on every request) and at rest (Supabase encrypts the database, Stripe encrypts payment data, both at industry-standard AES-256). We use row-level security in Supabase so one user's data is never readable by another user's account. Access to production systems is restricted to a small number of authorized administrators and requires multi-factor authentication.

If there's ever a data breach

If we discover a personal data breach that creates a real risk to your information, we will notify affected users by email within 72 hours of discovery, post a notice in the app, and report to regulators where required by law (GDPR Article 33, applicable US state breach laws).

California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the right to: (a) know what personal information we collect and how we use it (this entire policy), (b) request a copy of your personal information (Settings → Export My Data), (c) request deletion of your personal information (Settings → Delete Account), (d) correct inaccurate information (edit it directly in the app), and (e) opt out of the "sale" or "sharing" of personal information for cross-context behavioral advertising.

We do not sell or share your personal information. We do not run ads. We have no "Do Not Sell or Share" link to display because there is nothing to opt out of.

European Privacy Rights (GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have the right to: access, rectification, erasure, restriction of processing, data portability, and to object to processing. You also have the right to lodge a complaint with your supervisory authority. Our lawful basis for processing is your consent (when you create an account) and our legitimate interest in operating the app you signed up for. For cross-border transfers from the EU to the United States (where our infrastructure is hosted), we rely on the EU-US Data Privacy Framework where applicable and Standard Contractual Clauses as a fallback.

Account closure on inactivity

If you have not signed in for 24 months, we will email you a heads-up and, if you do not respond within 30 days, delete your account and the data attached to it. We will never auto-delete the account of an active paying subscriber.

Your rights

See your data: Settings → Export My Data. You'll get a JSON file of everything we have.
Correct your data: edit your name, kids, or any saved content directly in the app.
Delete your data: Settings → Delete Account. Or email us.
Opt out of analytics: Plausible is cookieless and you can block it with any standard tracker blocker. We won't fight you.
Opt out of push notifications: turn them off in Settings or in your browser settings.

Cookies

We use one essential cookie that keeps you signed in. We do not use marketing cookies, advertising cookies, or third-party tracking cookies.

If we change this policy

If we make a material change, we will email you and post a banner in the app at least 7 days before the change takes effect. The "last updated" date at the top of this page always reflects the current version.

How to reach us

Email hello@thedigitalchildhood.com. We're a small operation, but we read every email.

This policy is written in plain language and represents our actual practices. If anything here is unclear, email us and we'll explain it.