🧠 AIKA Privacy Policy

Last updated: 4 June 2026 · Private beta · Republic of Ireland

AIKA AI Academy ("AIKA", "we", "us") is an AI-literacy academy designed for children aged 8–14, used under parental supervision. This policy explains what we collect, why, how we protect it, and the rights you and your child have. We have written it to comply with the EU/Irish GDPR and the US COPPA (Children's Online Privacy Protection Act).

1. Who is responsible for your data (Data Controller)

AIKA AI Academy is the data controller. For any privacy question or request, contact: hello@aika.social (Ireland).

2. What we collect

Child's first name / chosen username — to personalise lessons.
Child's age group (8–10, 11–13, 14+) — entered by the parent.
Parent's name and (optional) email — provided by the parent at sign-up / invite.
Lesson progress — lessons completed, neurons earned, streaks, session timestamps.
Journal / notes the child chooses to write inside AIKA.
Conversation content between the child and the AIKA tutor (used only to teach your child).

3. What we deliberately do NOT collect

No full legal names beyond the chosen first name / username.
No home address, school, or precise location data.
No device fingerprinting or persistent advertising identifiers.
No behavioural advertising, ad tracking, or third-party marketing trackers.
No selling or sharing of personal data with advertisers — ever.

4. Lawful basis (GDPR Article 6 & 8)

In Ireland, processing a child's personal data online requires parental consent for children under 16. Access to AIKA is invitation-only: invite codes are issued directly to a parent/guardian, and at sign-up the parent confirms they consent to their child using AIKA. That parental consent is our lawful basis for processing. Where a parent provides an email, we also rely on legitimate interest to send account/progress updates, which you can opt out of at any time.

👶 COPPA Notice — Children under 13

AIKA does not knowingly collect personal information from children under 13 without verifiable parental consent. Access to AIKA is by invitation only, and invite codes are sent directly to parents/guardians. If you believe a child under 13 has registered without parental consent, please contact hello@aika.social immediately and we will delete the account and all associated data.

5. Children's data belongs to the child & parent

All progress, notes, neurons, and conversation history belong to the child and their parent/guardian. Parents may, at any time, ask us to view, export, correct, or permanently delete all of their child's data by emailing hello@aika.social.

6. How long we keep data (Retention)

We keep a child's data for as long as the account is active. When you request deletion, we remove the data within 30 days. Routine encrypted backups may retain a copy for a short rotation period, after which they are overwritten.

7. Where your data is stored & who processes it (Third parties)

Service	Purpose	Data involved
AIKA server (EU-based, Ireland region)	Hosts the platform & all accounts	All account & progress data
OpenRouter (AI gateway)	Routes the chat request to the AI model that generates the tutor's replies	The child's chat messages are passed through to the model to produce a reply. Not used for advertising or model training.
DeepSeek (AI model provider, via OpenRouter)	The underlying large-language model that writes the tutor's replies	Receives the child's chat message text to generate a response. Not retained for advertising; not used to train models on a child's data.
HuggingFace (private backup repo)	Encrypted off-site backup of platform data	Private repository only. Child private journal/memory data is excluded from backup.

All processors are bound to use the data only to provide their service to AIKA, never for advertising or resale.

8. Cookies

AIKA uses a single session cookie (aika_session) to keep a user logged in. It is HttpOnly, SameSite=Lax, and (in production) Secure. We use no tracking, analytics, or advertising cookies. Because the only cookie is strictly necessary for login, no separate cookie-tracking consent is required; we still show a brief notice for transparency.

8a. AI transparency

AIKA's tutor is an artificial-intelligence system, not a human. Children and parents are told this clearly in the interface. The AI is used only to teach and converse with your child about AI literacy. We do not use the AI to make any automated decision that produces legal or similarly significant effects about your child (GDPR Article 22). Parents can view the full conversation history at any time in the Parent dashboard.

9. Your rights (GDPR)

You and your child have the right to: access the data we hold, rectify it, request erasure ("right to be forgotten"), request portability (an export), and object to / restrict processing. To exercise any right, email hello@aika.social. You also have the right to lodge a complaint with the Irish Data Protection Commission (dataprotection.ie).

10. Security

Passwords are stored hashed (bcrypt). Account files are access-restricted on the server. Session cookies are HttpOnly and signed. Off-site backups are private and encrypted.

11. Changes to this policy

If we make material changes we will update the "Last updated" date above and, where appropriate, notify parents by email.

12. Contact

Questions about your data or this policy? Email hello@aika.social.