Privacy Policy
Akros Academics, Inc.
Effective Date: April 25, 2026 Last Updated: April 25, 2026
A note from us
Akros Academics, Inc. ("Akros," "we," "us," or "our") makes a learning product for kids. That means we take privacy seriously — not because a lawyer told us to, but because the families who use Akros are trusting us with information about their children, and that trust is the most important thing we have.
This Privacy Policy explains, in plain language, what information we collect, why we collect it, what we do with it, and what choices you have. We've written it so a parent can read it without a law degree. If anything is unclear, email us at privacy@akrosacademics.com and we will explain it.
This policy applies to akrosacademics.com, our mobile applications, and any other product or service that links to this policy (collectively, the "Service").
1. The short version
If you only have two minutes, here is what you need to know:
- Parents create accounts. Children do not. Children never log in directly. The parent is the account holder and the legal user of the Service. The parent provides consent on behalf of their child.
- We collect what we need to run the product. Your name, email, billing information, your child's first name and grade level, and the math work your child completes. That's the core of it.
- We do not sell your data. Ever. We do not run advertising, we do not share data with marketers or data brokers, and we do not allow third parties to track your child across the internet through our Service.
- We use a small number of trusted vendors (for email, payments, AI grading, hosting, and authentication) who help us operate the Service. They are bound by contract to handle data only on our behalf.
- You can delete your account and your child's data at any time. Email privacy@akrosacademics.com or use the in-app account deletion option, and we will delete everything within 30 days.
The rest of this document explains all of this in more detail, plus your specific rights under COPPA, CCPA, and GDPR.
2. Who this policy applies to
This policy applies to:
- Parents and legal guardians who create an Akros account ("Account Holders").
- Children whose information is added to an Akros account by their parent ("Students").
- Visitors to akrosacademics.com who do not create an account.
It does not apply to third-party websites or services that we link to. Those have their own privacy policies, and we encourage you to read them.
3. Information we collect
We collect three categories of information: information you give us, information about how you use the Service, and information automatically collected by your device.
3.1 Information you give us
When a parent creates an account, we collect:
- Account information: Your name, email address, password (stored as a one-way hash — we never see your actual password), and authentication credentials managed through our identity provider.
- Billing information: Your name, billing address, and payment method. Payment card details are collected and stored by our payment processor (see Section 6) and never touch our servers.
- Student profiles: For each child you add to your account, we collect the child's first name (or a nickname you choose), grade level, and any learning preferences you set up.
- Communications: If you email us, fill out a form, or contact our support team, we keep a record of that communication so we can help you.
3.2 Information about your child's learning
This is the heart of what Akros does, so it deserves its own section.
For each Student on your account, we collect:
- Math work submitted: Photos of completed math worksheets that you upload through the app or web portal.
- Answers and grading results: The answers extracted from those photos and whether they were correct.
- Learning history: Which concepts your child has practiced, which they have mastered, and which they are still working on.
- Lesson interactions: Which lessons your child has completed and when.
We collect this information for one purpose: to make the next lesson better than the last. The whole product is built on adapting to where your child actually is, not where a generic textbook assumes they are. We do not use this information for advertising, we do not share it with researchers or third parties, and we do not analyze it to build psychological profiles of children.
3.3 Information automatically collected
When you use the Service, we automatically collect:
- Device information: Browser type, operating system, device type, screen size, and similar technical information needed to render the Service correctly.
- Usage information: Pages visited, features used, time spent, and similar information about how you interact with the Service.
- IP address: Your IP address, which we use for security, fraud prevention, and to estimate your general location (country and region — not your street address).
- Cookies and similar technologies: We use a small number of essential cookies to keep you logged in and to remember your preferences. We do not use advertising cookies or third-party tracking cookies. See Section 9 for details.
We do not collect: precise GPS location, contacts, photos other than the ones you upload, microphone or camera access outside of explicit photo upload, biometric data, or behavioral advertising profiles.
4. How we use information
We use the information we collect to:
- Operate the Service: Create and manage your account, deliver daily lesson PDFs, grade submitted work, generate next-day lessons adapted to your child's progress, send you emails about your child's learning, and provide customer support.
- Process payments: Charge your subscription, send receipts, handle refunds, and prevent fraud.
- Improve the Service: Understand which features are working, fix bugs, and develop new features. When we use data for product improvement, we work with aggregated and de-identified information whenever possible.
- Communicate with you: Send you transactional emails (lesson delivery, billing, support replies), service announcements, and — if you opt in — occasional product updates. You can unsubscribe from non-essential emails at any time. We will never send marketing emails to children.
- Keep the Service safe: Detect and prevent fraud, abuse, security incidents, and violations of our Terms of Service.
- Comply with the law: Respond to lawful requests from courts and law enforcement, defend our legal rights, and meet regulatory obligations.
We do not use student learning data to train general-purpose AI models. We do use AI models (operated by us and our AI sub-processor — see Section 6) to grade handwritten work and generate personalized lessons, but those operations happen on your behalf, for your child, and the data is not retained by the AI provider for model training. We have a contractual commitment from our AI sub-processor that prohibits the use of customer data for model training.
5. The legal basis for processing (GDPR)
If you are in the European Economic Area, the United Kingdom, or Switzerland, we want you to know the legal basis on which we process your personal data:
- Performance of a contract: Most of our processing is necessary to deliver the Service you signed up for. We need your account information to create your account, your billing information to charge you, and your child's learning data to deliver personalized lessons.
- Legitimate interests: We process some information based on our legitimate interests in operating, improving, and securing the Service, provided those interests are not overridden by your rights and freedoms. Examples: fraud prevention, debugging, and aggregate product analytics.
- Consent: For non-essential communications and any optional features, we ask for your explicit consent and you can withdraw it at any time.
- Legal obligation: Some processing is required to comply with applicable law.
Akros is a US-based company and does not currently market to users in the EEA, UK, or Switzerland. If you are located in one of those regions and have signed up anyway, your data will be transferred to and processed in the United States. We rely on appropriate safeguards (such as Standard Contractual Clauses with our sub-processors) to protect your data during these transfers.
6. How we share information
We do not sell your information. We do not rent it. We do not share it with advertisers, marketers, or data brokers. The only parties we share information with are:
6.1 Service providers (sub-processors)
We work with a small number of trusted vendors who help us operate the Service. These sub-processors are bound by contract to use data only on our behalf, only for the purposes we direct, and to maintain appropriate security and confidentiality. They do not have the right to use your data for their own purposes.
We use sub-processors in the following categories:
| Category | What they do | Provider |
|---|---|---|
| Application servers (compute) | Run the application servers that power the Service | Render |
| Web frontend delivery | Serve the akrosacademics.com web frontend | Vercel |
| Database | Store account, learning, and billing records | Neon |
| File storage | Store lesson PDFs and uploaded photos | Google Cloud Storage |
| Authentication | Manage login, password security, and account access | Clerk |
| Payment processing | Securely process subscription payments | Stripe |
| Email delivery | Send transactional and lesson emails | SendGrid |
| AI grading and lesson generation | Run the AI models that grade work and generate lessons | Anthropic |
| Error monitoring | Detect and diagnose technical issues | Sentry |
| Product analytics | Understand aggregate product usage | (To be added post-launch) |
This list reflects our current sub-processors. We may add or change sub-processors over time. When we make a material change, we will update this policy and the list above. For an always-current list, email privacy@akrosacademics.com.
6.2 Legal and safety
We may share information when we believe in good faith that doing so is necessary to:
- Comply with a valid legal request, court order, or applicable law.
- Enforce our Terms of Service.
- Protect the safety, rights, or property of Akros, our users, or the public.
- Detect, prevent, or address fraud, security, or technical issues.
When we receive a legal request, we review it carefully and push back on requests that we believe are overbroad or unlawful. Where legally permitted, we will notify the affected user before disclosing information.
6.3 Business transfers
If Akros is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred to the successor entity. If that happens, we will notify you and the successor will be bound by this Privacy Policy (or will provide notice and an opportunity to opt out before any new policy applies).
6.4 With your consent
We will share information for any other purpose only with your explicit consent.
7. Children's privacy and COPPA
Akros is designed for use by families with children, and we are committed to complying with the Children's Online Privacy Protection Act ("COPPA").
7.1 How we structure children's privacy
The Akros Service is designed so that children never directly create accounts or interact with our systems on their own. Only parents and legal guardians may create Akros accounts. By creating an Akros account and adding a child to it, you affirm that you are the child's parent or legal guardian and you provide consent, on behalf of your child, for Akros to collect and use the information described in this policy for the purpose of delivering personalized math instruction to your child.
This consent flow — where the parent is the account holder and the legal user, and the child's information is collected through the parent's account — is one of the consent mechanisms permitted under COPPA when the parent provides direct, affirmative consent during a transactional account creation flow.
7.2 Information we collect about children
The information we collect about a child is limited to:
- The child's first name (or nickname).
- The child's grade level.
- Photos of math worksheets the child has completed.
- The answers and grading results extracted from those worksheets.
- The child's learning history within the Service.
We do not collect: the child's last name, date of birth, home address, phone number, email address, social security number, biometric data, geolocation data, photos of the child's face or body, audio or video recordings of the child, or any persistent identifier used to track the child across other websites or services.
7.3 What we do with children's information
We use children's information only to deliver and improve the Akros Service for that child. Specifically, to grade work, to generate personalized next-day lessons, to track learning progress, and to display that progress to the parent.
We do not: - Use children's information for advertising or marketing. - Allow third-party advertising networks to collect children's information through the Service. - Use children's information to build behavioral profiles. - Sell, rent, or trade children's information. - Use children's information to train general-purpose AI models. - Disclose children's information to any third party except our sub-processors (Section 6.1) and as required by law (Section 6.2).
7.4 Parental rights under COPPA
As the parent or legal guardian of a child whose information we have collected, you have the right to:
- Review the personal information we have collected from your child.
- Request deletion of your child's personal information.
- Refuse to permit further collection or use of your child's personal information.
- Withdraw consent at any time, which will result in deletion of your child's information and termination of your account.
To exercise any of these rights, email privacy@akrosacademics.com from the email address on your account, or use the account management options inside the Service. We will respond within 30 days. We do not require any payment or condition any of these rights on your child's continued participation in the Service.
7.5 Direct notice to parents
This Privacy Policy serves as our direct notice to parents under COPPA. By creating an Akros account and adding a child to it, you are providing verifiable parental consent, in the manner permitted by 16 C.F.R. § 312.5(b)(2), through a transactional account creation flow that requires you to:
- Affirm that you are the parent or legal guardian.
- Read and accept this Privacy Policy and our Terms of Service.
- Provide payment information through our payment processor (which independently confirms your identity as an adult).
8. Your rights and choices
Regardless of where you live, you have rights regarding your personal information. The specific rights depend on your jurisdiction, but Akros honors the following choices for all users:
8.1 Access and portability
You can request a copy of the personal information we hold about you and your child. We will provide it in a commonly used, machine-readable format within 30 days.
8.2 Correction
You can update most account information directly inside the Service. For information you cannot update yourself, email privacy@akrosacademics.com.
8.3 Deletion
You can delete your account and all associated data at any time, either through the in-app account deletion option or by emailing privacy@akrosacademics.com. Once we receive a deletion request, we will delete your data within 30 days. Some information may be retained in backups for a short additional period before being permanently overwritten, and we may retain information that we are legally required to keep (such as billing records for tax purposes).
8.4 Opt-out of communications
You can unsubscribe from non-essential emails at any time using the unsubscribe link in any email or by emailing us. We will continue to send transactional emails (lesson delivery, billing, support replies) for as long as you have an active account, because those emails are part of the Service you are paying for.
8.5 California residents (CCPA / CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act and California Privacy Rights Act:
- Right to know: What categories of personal information we collect, the sources of that information, the purposes for which we use it, and the categories of third parties we share it with. This Privacy Policy provides that information.
- Right to delete: As described in Section 8.3.
- Right to correct: As described in Section 8.2.
- Right to opt out of sale or sharing: Akros does not sell or share personal information as those terms are defined under the CCPA. There is nothing for you to opt out of.
- Right to limit use of sensitive personal information: Akros does not use sensitive personal information for purposes that would trigger this right.
- Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA rights.
To exercise these rights, email privacy@akrosacademics.com. We will verify your request by confirming your identity through the email address on your account.
8.6 EEA, UK, and Swiss residents (GDPR)
If you are in the European Economic Area, the United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation:
- Right of access to your personal data.
- Right to rectification of inaccurate data.
- Right to erasure ("right to be forgotten").
- Right to restrict processing in certain circumstances.
- Right to data portability.
- Right to object to processing based on legitimate interests.
- Right to withdraw consent at any time, where processing is based on consent.
- Right to lodge a complaint with your local data protection authority.
To exercise these rights, email privacy@akrosacademics.com. We do not currently have an EU representative because we do not actively market to EU users; if Akros begins offering services in the EU, we will appoint a representative as required by Article 27 of the GDPR.
9. Cookies and tracking technologies
Akros uses a small number of cookies and similar technologies, all of which fall into one of two categories:
- Strictly necessary cookies: Required for the Service to function. These keep you logged in, remember your preferences, and protect against cross-site request forgery. You cannot disable these and use the Service.
- Functional cookies: Help us remember your settings and preferences across sessions to give you a better experience.
We do not use: - Advertising cookies. - Third-party tracking cookies. - Cross-site behavioral tracking pixels. - Any tracking technology designed to follow children across the internet.
Most browsers let you control cookies through their settings. Disabling strictly necessary cookies will prevent the Service from working correctly.
10. How we protect information
We use industry-standard technical and organizational measures to protect the information we collect, including:
- Encryption in transit: All traffic between your device and our servers is encrypted using TLS.
- Encryption at rest: Sensitive information stored in our databases is encrypted at rest.
- Access controls: Access to production systems is limited to authorized personnel and protected by multi-factor authentication.
- Vendor security: Our sub-processors are selected in part for their security practices and are bound by contract to maintain appropriate safeguards.
- Regular security review: We monitor for security incidents and review our security practices regularly.
No security system is perfect. If we ever experience a security incident that affects your personal information, we will notify you and any required regulators promptly, in accordance with applicable law.
11. How long we keep information
We keep personal information only as long as we need it for the purposes described in this policy:
- Account information: While your account is active, plus 30 days after deletion.
- Student learning data: While the student is on an active account, plus 30 days after deletion.
- Billing records: As required by tax and accounting law (typically 7 years).
- Communications: For as long as needed to provide support and resolve issues, then deleted on a rolling basis.
- Backups: Backups containing deleted data are overwritten on a regular cycle, typically within 30 days of the original deletion.
If you delete your account, we delete your active data within 30 days. Backup deletion happens on its normal cycle. Billing records are retained for the period required by law.
12. International data transfers
Akros is based in the United States, and our servers are located in the United States. If you are using the Service from outside the United States, your information will be transferred to, stored in, and processed in the United States.
For users in the EEA, UK, and Switzerland, we rely on Standard Contractual Clauses approved by the European Commission as the lawful basis for international transfers, where applicable.
13. Changes to this policy
We may update this Privacy Policy from time to time. When we make a material change, we will:
- Update the "Last Updated" date at the top of this policy.
- Notify Account Holders by email at the address on file.
- For changes that materially expand how we use existing information, request your renewed consent before the change takes effect.
For non-material changes (clarifications, formatting, updates to sub-processor names within the same category), we will update the policy without individual notice but will always show the updated date.
14. Contact us
If you have questions, concerns, or requests related to this Privacy Policy or how we handle your information, please contact us:
By email: privacy@akrosacademics.com
By mail: Akros Academics, Inc. Attn: Privacy 131 Continental Dr, Suite 305 Newark, DE 19713 United States
We will respond to all privacy inquiries within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.
This Privacy Policy is provided in English. If we provide translations into other languages, the English version will control in case of any conflict.