← Back to EmotiSense Kids

Privacy Policy

Effective Date: March 24, 2026 · Version 2.0

🛡️ COPPA Compliant 🏳️ CCPA Ready 🇧🇷 LGPD Compliant

1. Introduction

EmotiSense Kids ("the App") is an educational application developed and operated by SMR Tech ("SMR", "we", "us", or "our"). The App is designed to help children with special needs understand emotions, develop communication skills, and build healthy routines through interactive, AI-assisted activities.

We are deeply committed to protecting the privacy of children and their families. This Privacy Policy describes what information we collect, how we use it, how we protect it, and the rights available to you as a parent or legal guardian.

Data Controller: SMR Tech
Privacy Contact: cristaury2912@hotmail.com
App URL: https://emotisense-kids.web.app

2. Children's Privacy & COPPA Compliance

EmotiSense Kids is directed to children under the age of 13. We comply fully with the Children's Online Privacy Protection Act (COPPA), enforced by the U.S. Federal Trade Commission (FTC).

Our COPPA Commitment: We do not collect, use, or disclose personal information from children under 13 without first obtaining verifiable parental consent. A parent or legal guardian must create the account and provide consent before a child can use the App.

2.1 Verifiable Parental Consent

2.2 What We Do NOT Do

2.3 Parental Rights Under COPPA

As a parent or legal guardian, you have the right to:

  1. Review all personal information collected about your child.
  2. Request deletion of your child's personal information at any time.
  3. Refuse further collection by deleting the account or contacting us.
  4. Revoke consent at any time by emailing cristaury2912@hotmail.com.

We will respond to all parental requests within 48 hours.

3. Information We Collect

Data Category Details Purpose
Parent Account Email address, display name Authentication, communication
Child Profile First name only, age range Personalize experience
Parental PIN 4-digit PIN (hashed locally) Protect parental settings
Usage Data Session duration, screens visited, activities completed Progress tracking for parents
Emotion Logs Emotion labels (e.g., "happy", "sad") with timestamps Emotional wellness reports
Achievement Data Coins earned, milestones reached, routine completions Motivational rewards system

3.1 Information We NEVER Collect

4. AI Privacy & Moon Mirror Technology

EmotiSense Kids includes a feature called "Moon Mirror" that uses artificial intelligence to detect facial expressions and help children identify their emotions in real time.

Critical Privacy Safeguard: Moon Mirror processes all images entirely on the child's device (on-device inference). No photos, video frames, or biometric data are ever uploaded to our servers, stored in any database, or seen by human eyes — not by SMR Tech staff, not by any third party, not by anyone.

How Moon Mirror Works:

  1. The device camera captures a live video feed displayed only on-screen.
  2. A lightweight AI model (TinyFaceDetector + FaceExpressionNet) runs locally in the device's browser/WebView.
  3. The AI outputs an emotion label (e.g., "happy", "sad", "surprised") as plain text.
  4. Only the text label is saved to the child's emotion log — never the image.
  5. When the camera is closed, all video data is immediately discarded from memory.

Technical guarantee: The AI models are loaded from local files bundled with the App. They do not require an internet connection, and no network requests are made during emotion detection. Parents can verify this in the App's network activity.

5. Data Storage, Localization & Security

5.1 Where Your Data is Stored

Storage Layer Location Details
Local Storage Child's device Settings, session data, offline cache. Data remains entirely on the device.
Cloud Storage Google Cloud — São Paulo, Brazil
(Region: southamerica-east1)
Firebase Authentication, Firestore database, and Cloud Functions. All data encrypted at rest (AES-256) and in transit (TLS 1.3).
Data Localization: Although our primary user base is in the United States, we have chosen to host all cloud data on Google Cloud servers located in São Paulo, Brazil (southamerica-east1). These servers comply with both U.S. and Brazilian data protection standards and use enterprise-grade encryption for data at rest and in transit.

5.2 Security Measures

5.3 Guest Mode

The "Explore Without an Account" (Guest Mode) stores all data exclusively on the local device. No information is transmitted to any server while in Guest Mode. If the parent later creates an account, they are given the option to migrate local data to the cloud.

6. Payment Processing & Stripe

EmotiSense Kids offers optional premium features through in-app purchases. All payment transactions are processed securely by Stripe, Inc., a PCI-DSS Level 1 certified payment processor.

Important: SMR Tech does not store, process, or have access to your credit card numbers, debit card numbers, bank account details, or any other financial payment data. All financial information is handled exclusively by Stripe's secure infrastructure.

How Payments Work:

What SMR Stores for Billing:

You may manage or cancel your subscription at any time through the App's Parent Dashboard or by contacting us at cristaury2912@hotmail.com.

7. Data Sharing & Third-Party Services

We do not sell, rent, or trade personal information. The only third-party services that interact with user data are:

Service Provider Purpose Data Shared
Authentication Firebase Auth (Google) Secure login Parent email & password (hashed)
Database Cloud Firestore (Google) Data storage Child profiles, progress data
Payments Stripe, Inc. Transaction processing Payment info (direct to Stripe)

All third-party providers are contractually bound to protect user data and are compliant with applicable privacy regulations. We do not share data with any other third parties.

8. Your Rights Under CCPA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) grant you additional rights:

To exercise your CCPA rights, email cristaury2912@hotmail.com with the subject line "CCPA Request". We will verify your identity and respond within 45 days.

🇧🇷 9. Direitos sob a LGPD (Usuários Brasileiros)

Seção específica para usuários localizados no Brasil, conforme a Lei Geral de Proteção de Dados (Lei nº 13.709/2018).

9.1 Controlador de Dados

SMR Tech atua como Controlador de Dados Pessoais nos termos da LGPD. Para qualquer solicitação, entre em contato com nosso Encarregado de Proteção de Dados (DPO) pelo e-mail: cristaury2912@hotmail.com.

9.2 Base Legal para Tratamento

9.3 Seus Direitos (Art. 18 da LGPD)

Como titular de dados ou responsável legal, você tem direito a:

  1. Confirmação da existência de tratamento de dados pessoais.
  2. Acesso aos dados pessoais coletados sobre seu filho.
  3. Correção de dados incompletos, inexatos ou desatualizados.
  4. Anonimização, bloqueio ou eliminação de dados desnecessários ou tratados em desconformidade.
  5. Portabilidade dos dados a outro fornecedor (em formato estruturado).
  6. Eliminação dos dados pessoais tratados com base no consentimento.
  7. Informação sobre entidades públicas e privadas com as quais compartilhamos dados.
  8. Revogação do consentimento a qualquer momento.
Dados Pessoais Sensíveis: Os registros emocionais e de desenvolvimento gerados pelo uso da App podem constituir Dados Pessoais Sensíveis conforme definido pela LGPD. Estes dados são armazenados com criptografia AES-256 em servidores localizados em São Paulo, Brasil (southamerica-east1), e são acessíveis exclusivamente pelo responsável legal através do Painel de Pais protegido por PIN.

9.4 Como Exercer Seus Direitos

Envie sua solicitação para cristaury2912@hotmail.com com o assunto "Solicitação LGPD". Responderemos em até 15 dias úteis, conforme estipulado pela legislação.

10. Device Permissions

Permission Used For Data Sent to Server?
Camera Moon Mirror emotion detection (real-time, on-device AI) No — processed locally, never uploaded
Microphone Voice assistant interactions No — processed locally, never recorded
Notifications Screen time alerts, break reminders, medical appointment reminders (set by parent) No — notifications are generated locally

All permissions are optional. The App functions fully without granting camera or microphone access — children can select emotions manually instead of using the AI mirror.

11. Cookies & Local Storage Technologies

EmotiSense Kids does not use cookies, tracking pixels, web beacons, or any third-party analytics tools.

We use the browser's localStorage API solely for:

This data never leaves the device unless the parent has created an account, in which case it is synced to the secure cloud database described in Section 5.

12. Data Retention & Deletion

To request complete data deletion, email cristaury2912@hotmail.com with the subject "Delete My Data".

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. When we make material changes:

We will always obtain fresh parental consent if a policy change involves collecting new categories of children's personal information or materially changes how previously collected information is used.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Controller SMR Tech
Privacy Email cristaury2912@hotmail.com
Subject Lines "COPPA Request" — U.S. parental rights
"CCPA Request" — California residents
"Solicitação LGPD" — Brazilian users
"Delete My Data" — Account deletion
Response Time Within 48 hours (COPPA), 45 days (CCPA), 15 business days (LGPD)