PRINCIPLE
🔒

Privacy Policy

We believe in transparency about how we protect your data

Last updated: November 17, 2025 | Effective date: November 17, 2025

Principle Labs Inc. ("we", "us") provides a civics-education platform for K-12 learners and general users. This policy explains our practices in plain English, covering all our features including AI assistance, multiplayer games, and learning pods.

Principle is a new platform, so while we don't have extensive usage data yet, this policy outlines how we handle data and what we plan to measure as we grow. We are committed to protecting your privacy and giving you control over your personal information.

We are FERPA and COPPA compliant and have signed the Student Data Privacy Consortium (SDPC) National Data Privacy Agreement v2.0.

What Information We Collect

Account Information

  • Email address (for account creation and communication)
  • Name (if you choose to provide it)
  • Profile preferences (theme, notification settings, accessibility options)
  • Educational status (for educational access verification)
  • Language preferences and accessibility settings

Educational Records (FERPA Protected)

FERPA Compliance: We act as a School Official with a legitimate educational interest when handling student data. Educational records are isolated in our school schema with enhanced protections.

  • Student names, grades, and school identification numbers
  • Course enrollments and teacher assignments
  • Quiz scores and educational progress tracking
  • Learning pod memberships and classroom integrations
  • Parent/guardian contact information (when applicable)
  • LMS integration data: When you connect Google Classroom or other learning management systems, we receive only the information necessary to sync your class rosters and assignments. We do not access other information in your LMS account.

Educational Institution Accounts: Schools and districts that use Principle under institutional agreements are governed by separate Data Processing Agreements (DPAs) that include FERPA compliance commitments, enhanced data security requirements, institutional data access controls, and audit rights for district administrators.

Learning Data

  • Quiz scores, performance metrics, and progress tracking
  • Questions answered, time spent, and learning patterns
  • Skill assessments and knowledge gap analysis
  • Custom deck preferences and AI-generated content interactions
  • Gamification data (progress tracking, achievements, learning streaks)
  • Learning objectives and personalized recommendations

Social & Multiplayer Data

  • Multiplayer game participation and performance
  • Learning pod memberships and interactions
  • Chat messages and communications in multiplayer features (moderated for safety)
  • Social features usage (sharing achievements, inviting friends)
  • Collaborative learning activities and group progress
  • User-generated content in multiplayer features (moderated to protect minors)

AI Interaction Data (Optional Features)

Privacy First: All AI interactions are anonymized before processing. We never share your personal information with AI providers. AI features are opt-in only and can be disabled at any time.

  • Conversations with AI learning assistants (anonymized and encrypted)
  • Anonymized learning preferences for AI personalization
  • Content generation requests (no personal identifiers included)
  • AI-powered accessibility features (text-to-speech, translations)
  • Note: Voice data processed for text-to-speech is handled as biometric data with enhanced protections

Technical Information

  • Device and browser information
  • IP address and general location (for security and regional content)
  • Usage patterns and app performance data
  • Error logs and crash reports (anonymized)
  • Feature usage analytics and A/B testing data

Planned Analytics & Metrics (New Platform)

Transparency First: As a new platform, we're building systems to measure our effectiveness. Here's what we plan to track to improve civic education quality.

  • Content engagement patterns (which topics generate learning vs. clicks away)
  • Educational effectiveness metrics (knowledge retention and skill development)
  • Community feedback quality (user reports, content bookmarking, sharing patterns)
  • Accessibility usage data (text-to-speech, translation features, device compatibility)
  • Platform performance metrics (load times, error rates, feature adoption)
  • Source credibility tracking (how our content verification systems perform)

Payment & Subscription Data

  • Subscription status and billing history (processed by Stripe)
  • Donation records for access verification
  • Educational access verification documents
  • Gift credit transactions and redemptions

How We Use Your Information

Core Educational Features

  • Personalize your experience: Track your progress, recommend relevant content, and adapt difficulty levels
  • Gamification: Track progress, achievements, and maintain learning streaks
  • Skill assessment: Identify knowledge gaps and suggest targeted learning paths
  • Progress analytics: Provide detailed insights into your learning journey

AI-Powered Features (Optional)

  • AI learning assistance: Provide personalized learning help and answer civic questions
  • Content generation: Create custom quiz questions and learning materials based on your needs
  • Accessibility: Power text-to-speech and language translation features
  • Smart recommendations: Suggest relevant topics and learning objectives based on anonymized patterns
  • Automated decisions: You have the right to opt out of AI-powered recommendations and request human review of learning assessments. Contact privacy@principlecivics.com to exercise this right.

Social & Collaborative Features

  • Multiplayer games: Match you with appropriate opponents and track game performance
  • Learning pods: Enable collaborative learning and group progress tracking
  • Safety & moderation: Monitor interactions to prevent harassment and maintain a positive environment
  • Community features: Enable sharing achievements and connecting with other learners

Platform Improvement & Communication

  • Improve our service: Analyze usage patterns to enhance features and fix issues
  • Build quality metrics: As a new platform, establish baseline measurements for educational effectiveness
  • Community feedback integration: Use user reports and educator feedback to refine our content standards
  • Communicate with you: Send important updates, respond to support requests
  • Security: Detect and prevent fraud, abuse, and security threats
  • Legal compliance: Meet legal obligations and enforce our terms of service

Third-Party Service Providers

We work with trusted service providers to deliver our educational platform. These providers are contractually obligated to protect your data and use it only for the services they provide to us. Click any provider to see more details.

For Educational Institutions

Complete transparency: A detailed list of all sub-processors with specific vendor names, locations, and compliance certifications is available upon request to comply with your data processing agreements. Contact legal@principlecivics.com for institutional documentation.

Data Sharing & Protection

What We Share

We never sell your personal data. Period. Your trust is more valuable than any payment.

  • Learning pod members: Only the progress and achievements you choose to share within your learning pods
  • Multiplayer participants: Only your game performance and chosen display name during multiplayer sessions
  • Public achievements: Only achievements you explicitly choose to share publicly
  • Aggregated analytics: Anonymized, non-identifying usage statistics for research and improvement
  • Legal requirements: Information when required by law or to protect rights and safety

What We Don't Share

  • Personal information: Your email, name, or any identifying information
  • Private learning data: Your individual quiz scores, learning patterns, or progress details
  • AI conversations: Your private interactions with AI learning assistants
  • Payment information: Any financial or billing details
  • Private communications: Messages or content not explicitly shared by you

Your Rights & Controls

Privacy Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Update: Correct any inaccurate information in your account settings
  • Delete: Request deletion of your account and all associated data
  • Export: Download your learning data, progress, and achievements
  • Opt-out: Disable AI features, analytics, or specific data collection at any time
  • Portability: Transfer your data to another service
  • Restrict processing: Limit how we use your information
  • Object: Object to certain types of processing

Granular Controls

  • AI features: Enable/disable AI interactions and content generation
  • Social features: Control visibility in multiplayer games and learning pods
  • Analytics: Opt out of usage analytics and performance tracking
  • Communications: Manage email preferences and notification settings
  • Data sharing: Control what information is shared in collaborative features
  • Accessibility: Enable/disable text-to-speech and translation features

Account Management

  • Profile settings: Control what information is visible to other users
  • Learning pod privacy: Manage who can see your progress and invite you to pods
  • Multiplayer settings: Control matchmaking preferences and communication options
  • Data retention: Set preferences for how long we keep your inactive data

Children's Privacy (COPPA Compliance)

Age Requirement: Principle is designed for users 13 and older. Users under 18 need parental consent.

Age Verification

We use age-gating at account creation to verify users meet our age requirement. For educational accounts, school verification serves as age verification under the school official exception.

Protections for Minors

  • Parental consent: Required for all users under 18
  • Limited data collection: We collect minimal data from minors and never use it for advertising
  • Enhanced protections: Additional privacy safeguards for users under 18
  • Educational focus: All features for minors are strictly educational
  • Moderated interactions: Enhanced moderation for any social features involving minors, including user-generated content in multiplayer features
  • Parental access: Parents can request access to their child's data and account deletion
  • No behavioral advertising: We never target ads to children or use their data for advertising purposes
  • No third-party advertising: We do not share children's data with third parties for advertising purposes and require separate opt-in consent for any advertising features (currently we have none)
  • Biometric data: Voice data and any facial recognition features (if enabled) are treated as biometric data with enhanced privacy protections and separate consent requirements

California K-12 Students

California law (KOPIPA) provides additional protections for K-12 students. We never sell student data, use it for advertising, or create profiles for non-educational purposes. Parents and students have enhanced rights under California law. Contact legal@principlecivics.com for California-specific privacy information.

Data Retention

  • Active accounts: Data is retained while your account is active
  • Educational contracts: Educational records deleted within 30 days of contract termination (FERPA requirement)
  • Individual accounts: Personal data deleted within 30 days of account deletion request
  • Inactive accounts: Data may be deleted after 3 years of inactivity (with prior notice)
  • Legal requirements: Some data may be retained longer for legal compliance
  • Anonymized analytics: Anonymized usage data may be retained indefinitely for research and platform improvement
  • New platform data: As we establish baseline metrics, anonymized engagement patterns help us understand what civic education approaches work best
  • AI improvement data: For educational features, anonymized aggregated patterns (not individual records) may inform platform improvements in compliance with FERPA restrictions. For consumer AI features, anonymized interactions may improve AI performance with explicit user consent.
  • Backup retention: Encrypted backups are retained for 90 days for disaster recovery
  • Educational backups: Rolling 7-day backups align with database backup policy

International Data Transfers

Principle operates globally. Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information regardless of where it's processed.

  • Data location: Primary servers are located in the United States
  • Legal basis: We use standard contractual clauses for international transfers
  • Security: All transfers are encrypted and secured
  • Your rights: You maintain all privacy rights regardless of data location

Cookies & Tracking Technologies

Essential Cookies

  • Authentication: Keep you logged in securely
  • Preferences: Remember your theme and language settings
  • Security: Protect against cross-site request forgery
  • Session management: Maintain your session during use

Analytics Cookies (Optional)

  • Usage patterns: Understand how features are used
  • Performance: Measure page load times and errors
  • A/B testing: Test new features and improvements
  • Opt-out available: You can disable analytics in settings

Security Measures

We implement industry-standard security measures to protect your information:

  • Encryption: All data is encrypted in transit and at rest using industry-standard protocols
  • Access controls: Strict employee access controls and regular security audits
  • Data minimization: We collect only what's necessary for our service
  • Regular backups: Secure, encrypted backups to prevent data loss
  • Incident response: Established procedures for handling any security incidents
  • Anonymization: Personal identifiers are removed from analytics and AI processing
  • Secure development: Security review of all code and features
  • Vulnerability management: Regular security scans and updates
  • Two-factor authentication: Available for enhanced account security
  • SOC 2 Type II compliance: Our infrastructure providers maintain industry-standard security certifications

Data Breach Notification

In the unlikely event of a data breach that affects your personal information:

  • Rapid notification: We will notify affected users within 24 hours of discovering a breach affecting personal information
  • Educational institutions: Immediate notification to district administrators, CISOs, and IT security teams as required by state educational data breach laws (often stricter than general privacy laws)
  • Full incident report: Comprehensive report provided within 72 hours with complete details
  • Detailed information: We'll explain what happened, what data was affected, and steps taken
  • Remediation: We'll provide guidance on protecting yourself
  • Support: Dedicated phone hotline and support for affected users
  • Transparency: Public disclosure when appropriate
  • Legal compliance: All notifications will meet FERPA and state educational data breach notification laws

Contact Us About Privacy

Questions about this privacy policy or your data? We're here to help:

  • Privacy inquiries: privacy@principlecivics.com
  • Data Protection Officer: legal@principlecivics.com
  • Educational compliance: support@principlecivics.com
  • Security concerns: legal@principlecivics.com
  • Legal matters: legal@principlecivics.com
  • Data requests: Submit requests for data access, correction, or deletion through your account
  • Response time: We respond to privacy requests within 30 days (educational institutions within 15 days)
  • FERPA requests: Educational data requests processed within FERPA-required timeframes

Changes to This Policy

When we update this privacy policy:

  • We'll notify you via email and in-app notification
  • Changes take effect 30 days after notification
  • We'll highlight significant changes clearly
  • Previous versions are available upon request
  • Continued use means you accept the updated policy

Our Privacy Promise: We collect only what's necessary to provide you with a great learning experience. We never sell your data, we use strong privacy protections for all AI features, and you have complete control over your information. Your trust is our most valuable asset.