Privacy Policy

This Privacy Policy applies to Generation STEM websites, dashboards, course players, AI mentoring features, billing flows, support interactions, and related services. For children under 13, our COPPA Policyprovides additional details about parental consent and children's privacy.

• Provide courses, dashboards, progress tracking, achievements, certificates, and account access.
• Operate Nova AI mentoring, code validation, activity feedback, and learning personalization.
• Process payments, manage subscriptions, and send transactional emails.
• Secure the platform, prevent abuse, diagnose bugs, and maintain audit logs for sensitive actions.
• Improve curriculum, product quality, onboarding, and support using aggregated or de-identified patterns where practical.
• Measure public marketing performance and paid campaigns without using private student learning, checkout, or account-auth routes for ad targeting.

Generation STEM is parent-controlled. Parents create accounts, manage student profiles, and provide consent for student use. We do not knowingly allow a child under 13 to create their own parent account.

We do not sell children's personal information. We do not use student learning data for behavioral advertising. We do not intentionally collect student email addresses, phone numbers, home addresses, school names, photographs, or precise location information as part of the student profile.

To provide Nova AI help, code execution, validation, audio narration, and course workspace features, we may process activity text, explanation text, code, outputs, course context, and student questions through service providers. We design these flows to use the information needed for learning and feedback, not for advertising.

Families should avoid entering secrets, passwords, API keys, addresses, or sensitive personal information into code editors, terminals, Nova chats, or activity prompts.

We use trusted providers to operate the service. They process information on our behalf for limited business purposes.

• Stripe for parent payments and subscription billing.
• Email providers for transactional messages such as password reset, verification, receipts, and course milestones.
• AI service providers used to operate Nova and provide educational guidance.
• AWS or storage providers for generated activity audio and related media.
• Hostinger/VPS infrastructure and database hosting used to run the application.
• Google Analytics and X/Twitter ads for public marketing-page measurement and advertising. These are not intended for private student learning, checkout, or account-auth routes.

Parents may request to:

• Review family account and student profile information.
• Correct inaccurate information.
• Delete a student profile or household account.
• Withdraw consent for further collection of a child's information, which may limit service access.
• Request a copy of learning records where reasonably available.
• Opt out of marketing emails while still receiving transactional account messages.

To make a privacy request, email privacy@generationstem.org.

We use access controls, HTTPS/TLS, password hashing, scoped sessions, audit logs for sensitive admin actions, database protections, provider controls, and operational monitoring to protect information. No online service can guarantee perfect security, but we treat family trust as a core product requirement.

We keep information while an account is active, while needed to provide the service, or as required for security, legal, tax, billing, dispute, or backup purposes. When an account is deleted, we aim to delete or de-identify personal information within 30 days, except where retention is legally required or technically necessary for short-term backups.

We may update this policy as the product, providers, or laws change. If a material change affects how we collect, use, or share children's information, we will provide parent notice and obtain consent where required.

Privacy questions: privacy@generationstem.org. Support questions: support@generationstem.org.