Skip to content
L
LearnAI
← Back to LearnAI
Privacy

Privacy policy

Effective 22 May 2026 · plain language, no dark patterns

The short version. LearnAI is guest-first by design. You can use the entire product without an account, without an email, and without a card. When you do sign in, we collect the minimum needed to sync your progress across devices. We do not run ads, we do not sell data, and we do not train AI models on your child's answers.

1. What we collect

1.1 Guest mode (no sign-in)

Your progress, XP, streaks, parent settings, and project drafts live in your browser's localStorage and a cookie on the device you're using. We do not see them. Closing the tab keeps them. Clearing your browser data deletes them.

1.2 Signed-in mode

If you sign in (Google, email magic link, or email + password), we store on our server:

  • your email address
  • your name (only if you provide it)
  • your learner stage (Kids / Explorer / Builder / Scholar / Professional / Senior)
  • your lesson progress, XP, streaks, and completed projects
  • session tokens so you stay signed in

That's it. We do not store device fingerprints, advertising identifiers, or third-party tracking cookies.

1.3 AI-tutor interactions

When you ask the AI tutor a question, your prompt is forwarded to the AI provider currently configured for your instance (by default the bundled OllaBridge bridge running on Hugging Face Spaces, or any provider an administrator has added — OpenAI, Anthropic, xAI Grok, or self-hosted Ollama). The provider's own privacy policy applies to what they do with your prompt after we send it. We do not keep a server-side copy of individual chat turns beyond the live session.

2. Children's privacy (COPPA & equivalents)

The Little Learner world (ages 3–6) and Explorer world (ages 7–11) are governed by stricter rules:

  • A child profile is created and managed by a parent or guardian in the /parent dashboard. The child never enters an email address.
  • Parent-controlled allow-lists determine which subjects the child can see.
  • We do not collect the child's name beyond a first-name nickname, and that name lives locally unless the parent signs in to sync across devices.
  • Child sessions are not used to train any AI model.

3. What we do not do

  • We do not sell or share learner data with advertisers.
  • We do not run third-party trackers, pixels, or analytics scripts that profile users.
  • We do not train models on the content of your sessions.
  • We do not require an email address or phone number to start learning.

4. Wikipedia-sourced content

The WikiTest feature reuses Wikipedia article text under CC BY-SA 4.0 with attribution preserved on every generated test. We send aUser-Agent header identifying LearnAI so Wikipedia can rate-limit us politely.

5. Cookies

We use a small number of strictly-necessary cookies:

  • learnai_progress_v1 — your guest-mode progress state. Local to your device.
  • next-auth.session-token — only set when you sign in. Lets you stay signed in across page loads.
  • guestMode — a flag remembering that you chose to continue without an account.

We do not set advertising or analytics cookies.

6. Your rights

You can:

  • Use everything as a guest — nothing leaves your device.
  • Export your data — the parent dashboard has a one-click JSON export.
  • Delete your account — email us at privacy@learnai.example and we will delete every record we hold within 30 days.
  • Inspect the source — every line of how we handle data is public at github.com/ruslanmv/learnai.

7. Sub-processors

The hosted LearnAI service runs on:

  • Vercel — application hosting + CDN.
  • Neon (or a comparable Postgres host) — encrypted user database.
  • Hugging Face Spaces — the bundled OllaBridge AI inference bridge.
  • Google — only if you choose "Continue with Google" for sign-in.
  • Resend (or equivalent SMTP) — only for transactional sign-in emails when you choose magic-link authentication.

Self-hosters can run LearnAI against a different set of providers (or no provider beyond a local Ollama install) — see DEPLOYMENT-FREE-TIER.md.

8. Changes to this policy

We'll post a new effective date at the top of this page and announce material changes in the changelog. We will never silently weaken these protections.

9. Contact

Privacy questions, deletion requests, or COPPA escalations: privacy@learnai.example. For security reports, see SECURITY.md.

© 2026 LearnAI · Apache 2.0 source · CC BY-SA 4.0 content
PrivacyTermsHelpGitHub ↗