Privacy Policy

Last updated: May 4, 2026

COPPA Compliance (Children's Online Privacy Protection Act)

Piepie is fully compliant with the Children's Online Privacy Protection Act (COPPA), administered by the U.S. Federal Trade Commission (FTC). We are specifically designed for children under 13 and take special precautions to protect their privacy.

We do not collect personal information from children without verifiable parental consent. Parents create accounts and set up child profiles, providing explicit consent. We do not collect children's email addresses, full names, or persistent identifiers beyond what is necessary for service delivery.

Children's data is used solely to provide the Piepie service, including age-appropriate AI chat, safety filtering, parental controls, safety notifications, and support. We never sell children's data or use children's data for advertising. Parents may delete their account in the app or request deletion by contacting privacy@piepie.ai.

GDPR Compliance

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). We process data under the legal bases of: (1) contract performance for subscription services; (2) legitimate interests for safety monitoring; (3) parental consent for children's data processing.

EEA residents have the right to access, rectify, erase, restrict, and port their data. To exercise these rights, contact dpo@piepie.ai.

FERPA Compliance

For educational use, Piepie supports FERPA-ready school data handling, with workflows designed to help schools and educators handle student data carefully and responsibly.

Data We Collect

Parents: Email address, name, profile picture or sign-in identifier from Google Sign-In or Sign in with Apple, subscription status, purchase identifiers, support messages, and account settings.

Children: First name only, age or birth date for content calibration, optional gender for pronoun use, parent-selected safety settings, conversation messages, AI responses, safety event logs, usage counts, and invite-code state.

We do not collect children's email addresses, precise location, contacts, advertising identifiers, or biometric identifiers. Microphone access in the mobile app is used for dictation; chat text is sent to Piepie after transcription.

Data Retention

Conversation history is retained for 90 days by default unless a parent deletes the account earlier. Safety notifications may be retained for up to 1 year for audit and child-safety purposes. Parent account data is retained while the account is active. Store transaction records may be retained as required for accounting, fraud prevention, tax, and legal compliance.

Security

All data is encrypted in transit and at rest. We use strong technical and organizational safeguards, regular security reviews, and controls that support data sovereignty requirements.

Contact Us

Privacy questions or data requests? Email privacy@piepie.ai. Support requests can be sent from the support page or to support@piepie.ai.