Back to Home

    Privacy Policy

    Effective date: February 26, 2026

    1. Introduction

    ParentLevel ("we", "us", or "our") is a gamified personal-development platform that helps parents build intentional habits and stronger family bonds. This Privacy Policy explains what personal information we collect, why we collect it, how we use and protect it, and what rights you have over your data.

    By creating an account or using ParentLevel, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, you must not use the Service.

    This policy applies to all users worldwide. We are committed to protecting your personal data and complying with applicable privacy laws in your jurisdiction.

    2. Information We Collect

    We collect only the information necessary to provide you with a meaningful experience:

    • Account information: Your name and email address, provided when you create an account.
    • Children's profiles: First names and birth dates of your children, which you provide voluntarily so we can suggest age-appropriate challenges. This data is linked exclusively to your account.
    • Activity data: Challenges you complete, XP earned, achievements unlocked, streaks, emotional check-in responses, and other in-app interactions.
    • Social connections: Information about your partner or friend links within the app (user identifiers and relationship status), used to enable co-parenting and friend challenge features.
    • Usage analytics: Anonymized data about how you navigate and use the app (pages visited, features used, session duration, device type), collected only with your consent.
    • Payment information: If you subscribe to a paid plan, payment processing is handled entirely by our payment provider. We do not store your credit card number or full payment details.

    We do not collect sensitive personal data such as racial or ethnic origin, religious beliefs, clinical health records, or biometric data. Emotional check-in responses reflect self-reported parenting mood and are not collected or used as clinical health or mental health data.

    3. Legal Basis for Processing

    We process your personal data on the following legal grounds:

    • Contract performance: Processing necessary to create and maintain your account and deliver the Service you signed up for.
    • Legitimate interests: Specific activities include: improving app features based on usage patterns, monitoring for security threats, and detecting fraudulent account activity. We have assessed that these interests do not override your privacy rights. A summary of our assessment is available on request.
    • Consent: Analytics and non-essential cookies, processed only after you have given explicit consent. You may withdraw consent at any time without affecting the lawfulness of prior processing.
    • Legal obligation: Complying with applicable laws, such as financial record-keeping requirements.

    4. How We Use Your Information

    We use your data exclusively to:

    • Create and manage your account and authenticate your identity;
    • Personalize challenges, progress tracking, and recommendations based on your children's ages and developmental stages;
    • Enable social features — partner challenges, friend connections, and community leaderboards;
    • Process subscription payments and manage your billing;
    • Send transactional communications (e.g., account confirmations, billing receipts, security alerts);
    • Analyze aggregated, anonymized usage patterns to improve the app;
    • Detect and prevent fraudulent activity, abuse, or violations of our Terms of Service; and
    • Comply with applicable legal obligations.

    We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects on you.

    5. How We Protect Your Data

    We take security seriously and implement industry-standard technical and organizational measures to protect your information:

    • Encryption in transit: All data exchanged between your device and our servers is encrypted using TLS (HTTPS).
    • Encryption at rest: Stored data is encrypted at rest using AES-256 or equivalent standards.
    • Access controls: Access to personal data is strictly limited to authorized personnel who need it to operate and improve the Service.
    • Authentication security: Account authentication is managed by a certified identity provider. We do not store your login password directly.
    • Infrastructure security: Our cloud infrastructure is hosted in certified data centers with physical security controls, redundancy, and regular security audits.

    No method of electronic transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a breach affecting your rights, we will notify you as required by applicable law.

    6. Children's Data Protection

    ParentLevel is a platform for adults — parents, guardians, and caregivers. While the app is not directed at children and children may not create accounts, parents may enter limited information about their children (first name and birth date) to personalize parenting challenges. We take children's privacy seriously.

    • We do not knowingly allow children under 13 (or the applicable minimum age in your jurisdiction) to create accounts.
    • We collect limited information about children — specifically first names and birth dates — only as provided by their parent or guardian for the purpose of personalizing parenting challenges.
    • This information is never used for advertising, sold to third parties, or shared beyond what is strictly necessary to provide the Service.
    • Parents may request access to, correction of, or deletion of their children's data at any time by contacting us.

    If we become aware that we have inadvertently collected personal information from a child without verifiable parental consent, we will delete it promptly.

    7. Sharing Your Information

    We do not sell, rent, or trade your personal data. We may share your information only in the following limited circumstances:

    • Service providers: Trusted third-party companies that help us operate the Service (e.g., cloud hosting, payment processing, analytics). These providers are contractually required to handle your data only on our behalf and in accordance with this policy.
    • Other users: Certain social features display limited profile information (name and level) to users you have connected with. Community leaderboards may display your name and rank to other app users. You control which friend and partner connections you establish, and you may opt out of leaderboard visibility in your account settings.
    • Legal requirements: When required by law, court order, or governmental authority, or to protect the rights, property, or safety of ParentLevel, our users, or the public.
    • Business transfers: If ParentLevel is involved in a merger, acquisition, or sale of assets, your data may be transferred. We will notify you at least 30 days before your data becomes subject to a materially different privacy policy. If the new owner's privacy practices materially differ from ours, you will have the right to request deletion of your data before the transfer takes effect.

    8. Cookies & Analytics

    We use two categories of cookies and similar technologies:

    • Essential: Required for authentication, session management, and core app functionality. These cannot be disabled without breaking the Service.
    • Analytics (optional): Used to understand how users interact with the app and to identify areas for improvement. Analytics data is anonymized and aggregated. We collect this only with your explicit consent.

    When you first access the app, you will be asked for your consent to analytics. You may change your preference at any time through your browser settings or by contacting us. Declining analytics cookies does not affect your access to any part of the Service.

    9. International Data Transfers

    ParentLevel is operated from Brazil. If you access the Service from outside Brazil, your data may be transferred to and processed in Brazil or other countries where our service providers operate.

    Where your data is transferred internationally, we rely on appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission and equivalent mechanisms under the LGPD. Our main service providers include Supabase (database), Clerk (authentication), Stripe (payments), Vercel (hosting), PostHog (analytics), and Sentry (error monitoring), each of which maintains their own data processing commitments.

    10. Data Retention

    We retain your personal data only for as long as necessary to fulfill the purposes described in this policy:

    • Active accounts: Data is retained for the duration of your account.
    • Deleted accounts: When you delete your account, we will erase all personal data within 30 days, except where we are legally required to retain it (e.g., financial records for tax purposes, which may be retained for up to 5 years).
    • Aggregated analytics: Anonymized, aggregated data that cannot reasonably identify any individual may be retained for research and product improvement purposes. We periodically review our anonymization practices to ensure continued compliance with applicable standards.

    11. Your Rights

    Depending on your location, you may have the following rights regarding your personal data:

    • Access: Request a copy of the personal data we hold about you.
    • Rectification: Correct inaccurate or incomplete data.
    • Erasure ("right to be forgotten"): Request deletion of your personal data, subject to legal retention obligations.
    • Portability: Receive your data in a structured, machine-readable format for transfer to another service.
    • Restriction: Request that we restrict processing of your data in certain circumstances.
    • Objection: Object to processing based on legitimate interests.
    • Withdraw consent: Withdraw consent to analytics at any time, without affecting the lawfulness of prior processing.

    To exercise any of these rights, contact us at parentlevel@gmail.com. We will respond within 15 days for LGPD requests and within 30 days for GDPR requests (extendable by two further months for complex cases). We may ask you to verify your identity before fulfilling the request.

    If you believe your rights have been violated, you have the right to lodge a complaint with your local data protection authority (e.g., the ANPD in Brazil, or a supervisory authority in your EU member state).

    12. Changes to This Policy

    We may update this Privacy Policy from time to time. For material changes, we will notify you through the app or by email at least 14 days before the changes take effect. Where required by applicable law — in particular for changes affecting the legal basis or purposes of data processing — we will seek your explicit agreement before the change takes effect. If you do not agree to a material change, you may delete your account before it takes effect.

    We encourage you to review this policy periodically. Prior versions will be made available upon request.

    13. Contact Us

    For any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact our privacy team:

    Email: parentlevel@gmail.com

    We will respond to formal data rights requests within the timeframes specified in Section 11. For general privacy inquiries, we aim to respond within 15 business days.