Scout
LanguageEnglish (US)Spanish (Mexico)French (Canada)French (France)

Privacy Policy

Effective: 2026-04-24

Scout is a learning companion for kids ages 8–12. This policy explains what we collect, why, how long we keep it, and the rights you and your child have over that data.

This policy is written to satisfy:

  • U.S. Children's Online Privacy Protection Act (COPPA)
  • General Data Protection Regulation (GDPR) and UK GDPR
  • California Consumer Privacy Act (CCPA) and similar state laws

If anything in here is unclear, please email the address at the bottom.

Who we are

Scout is operated by Scout Learning. The data controller for personal data is Scout Learning. (Address and DPO contact will be added before public launch.)

What we collect

About you, the parent:

  • Email address and display name
  • Hashed password (we never see your password in plain text)
  • Account role (parent, teacher, or admin)
  • Records of consents you have given, including timestamp, policy version, and a one-way hash of your IP at the moment of consent
  • Optional marketing opt-in choice

About your child:

  • First name (or nickname) and grade level — what you supply
  • The language Scout speaks to your child in (instruction language) and, optionally, your child's home language — both as you supply them, used so Scout can briefly bridge to the home language when it reduces confusion during English instruction
  • Conversations between your child and Scout (full text)
  • Audio recordings of your child's voice and Scout's spoken responses — only when you have explicitly turned on voice mode via your account settings (separate consent from base data processing). Audio is encrypted at rest in cloud storage and is deleted when you delete the child profile or your account.
  • Per-turn ratings you provide and any notes you write
  • Anything teachers you invite share for the child (lesson plans, curriculum, observations) and any files they attach

Automatically:

  • Token usage per Claude API call (for billing reconciliation only)
  • Approximate IP at signup, hashed (see above)

We do not collect: location data, device identifiers, biometrics, contacts, microphone, camera, or any data from third-party tracking SDKs. There are no third-party trackers on Scout pages.

Why we collect it

| Purpose | Data used | Legal basis (GDPR) | |---|---|---| | Run a tutoring session | Conversation, child name + grade | Consent | | Personalize Scout for your child | Past conversations, teacher input | Consent | | Allow parent oversight (review, ratings, progress reports) | Conversations, ratings | Consent | | Improve our LLM through fine-tuning | Scrubbed conversations (names → [CHILD], emails/phones redacted) | Consent + legitimate interest | | Account security (passwords, sessions) | Email, password hash | Contract performance | | Legal compliance, audit trail | Consent records, deletion logs | Legal obligation |

How long we keep it (data retention)

Default retention windows. Specific implementation lands in the next PR; this is the published policy.

| Data | Retention | |---|---| | Raw conversation transcripts (exchanges) | 2 years from last session | | Voice recordings (when voice mode is on, opt-in) | 2 years from last session, or until you revoke voice consent and delete | | Per-turn audit (exact prompts sent to the LLM) | 2 years | | Scrubbed training examples (no names) | Indefinite, used to improve Scout | | Session metadata (subject, topic, dates) | 2 years | | Notifications | 1 year, read or unread | | Account, child profiles | Until you delete them | | Consent records | 7 years after consent ends (regulator audit) |

You can delete everything tied to your parent account at any time — see "Your rights" below.

Who sees what

The third parties listed below all process Scout user data on our behalf. The canonical, always-current list — including each provider's data-flow scope, region, and Data Processing Addendum status — lives on our Subprocessors page.

  • Parent: full access to their kids' transcripts, ratings, and any teacher input.
  • Teacher: only sessions in subjects you grant them, only their own notes, only their own files. Teachers do not see other teachers' notes or your ratings.
  • Admin (Scout staff): aggregate metrics, training-data export of scrubbed (no-name) conversations. Admins do not browse individual parent or child accounts.
  • Anthropic (our LLM provider): receives the conversation text needed to generate Scout's responses. Conversations are not used by Anthropic to train their models. A Data Processing Addendum with Anthropic is required before any data flows from EU/EEA users; status is tracked publicly on our Subprocessors page.
  • OpenAI (speech-to-text for English voice sessions, when voice mode is on): receives the audio clip and returns the transcript. Audio is not retained for model training under our API agreement.
  • ElevenLabs (text-to-speech for Scout's spoken responses, when voice mode is on): receives the response text and returns synthesized audio.
  • Microsoft Azure Cognitive Services (pronunciation scoring for vocabulary drill turns in Spanish/French/German sessions only): receives the audio clip and returns per-phoneme pronunciation scores against the specific word/phrase Scout is teaching. Used only on drill turns — conversational language turns are transcribed by OpenAI Whisper and never sent to Azure. Azure has explicit COPPA + FERPA compliance posture; data is processed in the US region.

We also keep a per-child vocabulary log for foreign-language sessions (which words have been formally introduced, drill counts, accuracy trajectory). This is internal data used to drive Scout's "don't re-introduce a word the kid already knows" behavior and to populate the parent's progress report. It is deleted with the child record.

For voice-mode sessions we also extract acoustic features from the child's incoming utterances — loudness, pitch, vocal pattern markers that may indicate distress (shouting, whispered, unusually high pitch). This analysis runs on our own server, in our own code, without sending audio to any third party for tonal analysis. The extracted numbers (and derived flags) are stored alongside the existing audio_clips record. Their purpose is safety: Scout's pause_for_grownup tool can fire on tonal signal even when a child's words are neutral. Like all voice-related data this is deleted with the child record (and earlier if voice consent is revoked).

Stronger COPPA verification

For closed beta, we use FTC-approved email-plus verification: checkbox attestation + a verified-email confirmation click. Before public launch we offer a stronger verification path on every account:

  • Government-ID review: parent uploads a photo of a current government-issued ID (driver's license, passport, etc.). A trained Scout reviewer checks the document, marks the consent record verified with method = "government_id". Photos live in encrypted storage and are deleted with the parent's account.
  • Credit-card transaction (planned): a small ($0.50) authorization charge that's immediately voided. The FTC's preferred verification method.
  • Knowledge-based authentication / video-conference (reserved): available on request for specific compliance contexts.

The stronger verification is optional during closed beta. Email-plus is sufficient by FTC guidance for our current scale and absence of third-party PII sharing. Once a parent completes a stronger verification, that method is recorded on every consent record they hold and remains attached for the audit trail.

Cohort comparisons (anonymized aggregates)

The Outcomes page may show your child's standards-coverage percentile within a cohort of other Scout users at the same grade level (e.g., "73rd percentile among grade-4 children"). These comparisons are computed entirely server-side from aggregate counts:

  • No identifying information from any other child's account is ever exposed — the comparison is a single percentile number plus the cohort size.
  • K-anonymity enforced: comparisons are suppressed when fewer than five children are in the cohort, so no aggregate can be reverse- engineered into a small group.
  • The comparison cannot be used to identify, infer, or learn anything specific about any other child.

This is the only place Scout uses cross-account data, and it is strictly aggregate. Your child's individual data is never shared with any other parent or account.

We never sell data. We never share data with advertisers. We never use your child's data to train any model other than Scout itself.

Verifiable parental consent

Under COPPA, "verifiable parental consent" must be more than a checkbox. For our closed beta, we use the FTC-approved email-plus method:

  1. You check a box at signup confirming you are 18 or older and consent to Scout's data practices for your child.
  2. We send a verification link to your email.
  3. You click that link to confirm. Consent is final after a short delay.

Before any public launch we will upgrade to a stronger method (credit-card transaction, government ID, knowledge-based questions, or video confirmation), per COPPA §312.5(b).

You can revoke consent at any time by deleting your account or by emailing us.

Your rights

You always have the right to:

  • Access all data we hold about you and your child — download a JSON export from your Privacy & data page.
  • Correct anything that's wrong — edit child profiles, rename yourself, etc.
  • Delete everything — the Delete account button on your Privacy & data page wipes raw transcripts, per-turn audits, sessions, exchanges, notifications, teacher links, scrubbed training examples derived from your child's sessions, and the account itself. Co-parented children remain if another parent is still active.
  • Object to specific processing — email us; we'll comply unless legally required to keep something.
  • Portability — your data export is in JSON, machine-readable.
  • Lodge a complaint with your local data-protection authority (in the EU/UK), or with the FTC (in the US).

Children's rights

If your child wants to stop using Scout, talk to them about it and delete their profile. Scout will tell a child to seek a trusted adult if they show signs of distress; we don't recommend kids interact with Scout unsupervised in those moments.

Changes to this policy

When we change this policy, the version stamp at the top changes and we re-prompt you to consent at next sign-in. Your old consent record stays in our audit log alongside the new one.

Contact

Questions, deletion requests, or to invoke any right above: email [email protected].

(Real address + DPO contact added before public launch.)

Privacy·Terms·Subprocessors·Home