SNAPPY

Your family's data, protected

Privacy Policy

Snappy is made for children. We built it to teach reading — not to profile, track, or advertise to your child. This policy explains, plainly, what we collect, why, and how you stay in control.

Last updated: 4 July 2026

On this page

  • 1. Who we are
  • 2. Who this covers
  • 3. What we collect
  • 4. Why & our legal bases
  • 5. What we never do
  • 6. Parental consent
  • 7. Children's data
  • 8. Voice recordings
  • 9. Who we share with
  • 10. International transfers
  • 11. How long we keep data
  • 12. Security
  • 13. Your rights
  • 14. Schools
  • 15. Cookies
  • 16. Payments
  • 17. Changes
  • 18. Contact & complaints
  • Regional annexes
Jump to a section
  • 1. Who we are
  • 3. What we collect
  • 5. What we never do
  • 8. Voice recordings
  • 13. Your rights
  • 18. Contact & complaints
  • Regional annexes

The short version

  • We never sell your or your child's data, never show ads, and never track, profile, or target advertising at children.
  • Voice recording is optional and off until a parent turns it on. We treat your child's voice as sensitive and use it only to give reading feedback and improve Snappy's listening — never to identify your child to anyone.
  • You can turn recording off, delete your child or account, and ask us to access or delete your information — and withdraw consent — at any time.
  • Questions or requests? Email hello@snappyreading.com.

This Privacy Policy explains how Synapse Learning Systems (“Snappy”, “we”, “us”) handles personal information across the Snappy family app (at snappyreading.com) and the Snappy for Schools product. Because Snappy is designed for young children, we hold ourselves to the strictest applicable children's-privacy standards worldwide and treat every user under 18 as a child.

1.Who we are

Snappy is operated by Synapse Learning Systems, a sole proprietorship based in New Delhi, India — we are the “data controller” / “Data Fiduciary” responsible for your information. For any privacy question, request, or complaint, email us at hello@snappyreading.com. We handle these ourselves and act as your privacy and grievance contact.

2.Who this policy covers

Snappy has two products with different legal footings:

  • Family app — a parent or guardian creates the account and adds their child. The parent provides consent on the child's behalf.
  • Snappy for Schools — a school or teacher sets up classes and student logins. Here the school directs the processing and holds the relationship with parents (see Section 14).

3.What we collect

Family app

  • Parent account: email address, display name, chosen country, and marketing attribution captured at signup (e.g. which link brought you to us). Sign-in is handled by our authentication provider.
  • Child profile: a display name and avatar you choose, plus learning preferences (such as audio sensitivity and voice-coach settings). We do not ask for a child's date of birth, and children have no email or login of their own.
  • Learning activity: progress, streaks, words practised, and per-attempt pronunciation analytics (which sound was expected, what was heard, quality scores, clarity, region, and the app/model version that graded it). These analytics are numbers and text only — never audio.
  • Voice recordings of your child speaking — only if you turn recording on (see Section 8).
  • Billing: subscription status and identifiers from our payment processor. We do not receive or store your card details (see Section 16).
  • Approximate country, derived from your network's country signal to set the right currency and support regional accuracy. We do not store your IP address in our database.

Snappy for Schools

  • School staff (admins, teachers): name and email.
  • Students: a name and class-based login (class code + name + a password managed by the teacher). Students have no email and no date of birth on file, and their learning activity as above.
  • Sales enquiries: if you use a “contact us” form, the details you submit (name, email, phone, school, role) are emailed to our team so we can reply.

4.Why we collect it, and our legal bases

PurposeData usedLegal basis (GDPR/UK) & consent (DPDP)
Provide the reading exercises & save progressAccount, child profile, learning activityPerformance of contract; parental consent for the child
Real-time pronunciation feedbackThe spoken utterance; per-attempt analyticsExplicit parental consent (voice = sensitive)
Improve & train our speech-recognition modelsVoice recordings (opt-in only)Explicit parental consent
Billing & subscription managementBilling identifiersPerformance of contract
Security, fraud prevention, service reliabilityAccount & technical dataLegitimate interests (balanced for children)
Regional pricing & accuracyApproximate countryLegitimate interests / contract

Where we rely on consent, you may withdraw it at any time without affecting processing already carried out. Voice data is treated as sensitive/biometric and processed only on explicit parental consent.

5.What we never do

  • We never sell or rent your data, your child's data, or any student's data.
  • We never show advertising in Snappy, and we never use children's data for advertising anywhere.
  • We never track children across the web, build advertising or behavioural profiles, or run third-party ad or analytics trackers. Our analytics are first-party and used only to teach reading better.
  • We never use a child's voice to identify them to third parties, and never sell or profit from voice data.

6.Parental consent

For the family app, a parent or guardian creates and controls the account, adds each child, and agrees to this policy before any child data is collected — this is how we obtain verifiable parental consent for children under 18. You can review your child's information, refuse or stop further collection, and delete it, at any time (see Section 13). If we ever materially change how we handle children's data, we will seek fresh parental consent.

7.Children's data — our defaults

  • High privacy by default: voice recording is off until a parent enables it; we collect the minimum needed to teach reading.
  • No behavioural profiling or nudging of children, and no location tracking — we only infer approximate country for currency and accuracy.
  • Plain language: we write for parents and children in clear terms, and keep a short summary at the top of this page.

8.Voice recordings

Snappy listens to your child speak so it can give reading feedback. Whether a recording of that speech is saved is entirely your choice:

  • Off by default, opt-in only. No audio is stored unless a parent (or, for schools, the school) has switched recording on. If consent is missing for any reason, nothing is recorded (“fail-closed”).
  • What is captured: the short clip of your child saying a sound or word. Nothing else.
  • What we use it for: (a) real-time pronunciation feedback, and (b) improving and training Snappy's speech-recognition models so it hears children more fairly and accurately. We treat voice as sensitive / biometric data.
  • How it's stored: recordings are saved under opaque, non-identifying file names (no name, word, or result in the file reference) with strict, least-privilege access.
  • Who processes it: our cloud storage provider (Google Cloud), and — when we train models — AWS (see Section 9 and Section 10). We never sell it and never use it for ads.
  • Your control: turn recording off at any time in Settings to stop new recordings, and ask us to delete existing recordings. Deleting your child or your account also removes the associated recordings.

9.Who we share data with (our processors)

We share personal data only with the service providers that help us run Snappy, under contracts that require them to protect it and use it only on our instructions. We do not sell data or share it with advertisers.

ProviderWhat it helps withWhat it receives
SupabaseDatabase, sign-in, storageAccount, profile, learning & consent data
Google CloudApp hosting (Mumbai) & voice-recording storageApp traffic; opt-in voice recordings
RazorpayPaymentsPayer details & card data (handled by Razorpay, not us)
ResendAccount & billing emailsRecipient email + message content
Google (Gemini)Optional voice-coach audioCurriculum text only — no child data or child audio
CloudflareSecure delivery & country signalApp traffic; approximate country
Amazon Web ServicesSpeech-model training (when run)Opt-in voice recordings + learning labels

10.International data transfers

Snappy's application and database are hosted in India (Google Cloud, Mumbai, and our database provider Supabase). Some processing happens elsewhere — in particular, when we train our speech models, opt-in voice recordings may be processed on AWS in the United States. Where we serve users in the EU, UK, or other regions, cross-border transfers to India and to our service providers rely on recognised safeguards — in particular the Standard Contractual Clauses (and the UK International Data Transfer Agreement) included in our providers' data-processing agreements. Hosting data in India is fully compatible with these rules when such safeguards are in place. You may request details of the safeguards we use.

11.How long we keep data

We keep personal data only as long as needed for the purposes above:

  • Account, profile & learning data: kept while your account is active, and deleted when you delete your account or child, or (for schools) when the school requests deletion.
  • Voice recordings: kept no longer than necessary and, in any case, no longer than 24 months. When you delete a child or account, or withdraw recording consent, the associated recordings are queued for deletion from storage.
  • We do not keep children's personal data indefinitely.

12.How we protect data

  • Encryption in transit (HTTPS/secure WebSockets) for all traffic.
  • Row-level access controls so each family sees only its own data, and least-privilege separation between everyday and administrative access.
  • Opaque, non-identifying storage keys for recordings, and consent checks that fail closed.
  • We maintain internal security practices and will notify you and the relevant authority of a personal-data breach where the law requires.

13.Your rights & how to use them

Depending on where you live, you (and, for a child, the parent) have rights to access, correct, delete, and receive a copy of personal data, to object to or restrict processing, to withdraw consent, to limit the use of sensitive data, and to nominate someone to exercise your rights (India). We do not sell or “share” data for advertising, so there is nothing to opt out of there.

  • In the app: parents can delete a child, toggle voice-recording consent, correct profile details (such as name and country), and manage the voice coach directly in Settings.
  • Voice recordings: recordings are not viewable or editable in the app. You can have them deleted by deleting the child or account, by turning recording off, or by asking us — and you can request a copy by email.
  • By email: for full-account deletion, a copy of your data, or any other request, email hello@snappyreading.com. We may verify that you are the account holder before acting, and we respond within the timelines required by law.
  • School students: requests are directed through the child's school (see Section 14).

14.Snappy for Schools (student data)

When a school uses Snappy, the school controls the student data and Snappy acts on the school's behalf (as a “school official” providing an educational service). For student data we commit that we:

  • use it only for the educational purpose the school authorised;
  • do not serve targeted advertising to students, sell student data, or build profiles for non-educational purposes;
  • delete student data on the school's request; and
  • make a data-processing agreement available to schools.

Student logins are created and managed by teachers (students have no email); parents' access and consent for the school product are handled through the school.

15.Cookies & similar technologies

Snappy uses only what's essential to run — for example, keeping you signed in. We do not use advertising or cross-site tracking cookies, and we do not run third-party ad or analytics trackers.

16.Payments

Subscriptions are processed by Razorpay. Your card details are entered directly with Razorpay and are never received or stored by Snappy. Payment data is not children's data and is never used for profiling.

17.Changes to this policy

We'll update this page when our practices change and revise the “last updated” date. If a change materially affects children's data, we'll seek fresh parental consent before it applies.

18.Contact & complaints

Reach us any time at hello@snappyreading.com — this is also our grievance and complaints contact. You also have the right to complain to a data-protection authority — for example the Data Protection Board of India, your EU supervisory authority, the UK ICO, or the US FTC / your state Attorney General.

Regional annexes

These annexes restate specific disclosures required in particular regions. They add to, and do not replace, the policy above.

United States — COPPA (children under 13)

Snappy is a child-directed service and complies with the Children's Online Privacy Protection Act. We collect from children only the information described above (including, with parental consent, voice recordings, which are personal information under COPPA). We obtain verifiable parental consent before collection, do not condition participation on unnecessary data, and maintain a written data-retention policy (Section 11) with defined deletion — we do not retain indefinitely. Parents may review their child's information, refuse further collection or use, and request deletion by emailing hello@snappyreading.com. We do not disclose children's information to third parties except the service providers in Section 9, and we require written security assurances from them.

EU & UK — GDPR / UK GDPR & the Children's Code

Our legal bases are in Section 4; voice data is special-category data processed on explicit consent. You have the rights of access, rectification, erasure, restriction, portability, and objection, and the right to withdraw consent and to lodge a complaint with a supervisory authority. International transfers rely on Standard Contractual Clauses / the UK IDTA (Section 10). We follow high-privacy-by-default, data-minimisation, and no-profiling principles for children (UK Age Appropriate Design Code). As a small sole proprietor, we have not yet appointed a Data Protection Officer or an Article 27 EU/UK representative; we will do so if and when the scale of our processing requires it, and in the meantime you can reach us directly at hello@snappyreading.com.

California — CCPA / CPRA

We collect the categories of personal information described in Section 3, including sensitive personal information (a child's voice recording). We do not sell or share personal information, and we do not use sensitive information for anything beyond providing and improving the service. Consumers have the rights to know, access, correct, delete, and limit the use of sensitive information. For under-16s we do not sell/share at all. Exercise rights at hello@snappyreading.com.

India — Digital Personal Data Protection Act, 2023

Synapse Learning Systems is the Data Fiduciary. We process a child's (under-18) personal data only with verifiable parental consent, and we do not track, behaviourally monitor, or serve targeted advertising to children, nor undertake processing likely to harm a child. You may access, correct, erase, and nominate, and withdraw consent. We act as our own grievance contact (Section 1) and will address complaints; you may also approach the Data Protection Board of India. On request, we will make this notice available in your preferred Indian language.

Schools — FERPA & SOPIPA (US)

For the school product we operate under the school-official exception: the school controls the education records, we use them only for the authorised educational purpose, we do not re-disclose them except to the processors in Section 9, and we delete them on the school's request. We do not use student data for targeted advertising, do not sell it, and do not build non-educational profiles. A data-processing agreement is available to schools.

Canada, Australia & Brazil

Canada (PIPEDA): we obtain meaningful, parental consent for children and honour access rights. Australia: we act in the child's best interests, require parental consent for younger children, obtain consent for any targeted advertising (which we do not do to children), and delete on request. Brazil (LGPD): we process children's data in their best interest with specific parental consent and clear, accessible information. In every case, contact hello@snappyreading.com to exercise your rights.

© 2026 Synapse Learning Systems · Snappy ← Back to snappyreading.com