We take children's data seriously. Here's exactly what we do and don't collect.
This page is for parents, school administrators, and pediatricians who want plain-language answers about how Sage Haven handles family data. No legal jargon — just the facts.
What parental consent means in Sage Haven
Parent creates the account
Only a verified adult can create a Sage Haven account and add child profiles. Children never create their own accounts or provide their own data to us.
Explicit consent at setup
During account creation, parents review and accept our data practices on behalf of their children. You know exactly what you're agreeing to before any child data is collected.
Right to review and delete
Parents can request a full data export or complete deletion of all family data at any time by contacting us at [email protected].
No child-directed advertising
We do not run ads of any kind on Sage Haven. We do not build advertising profiles on children. We do not sell children's data to any third party.
What we collect and why
| Data type | Collected? | Purpose | Shared with? |
|---|---|---|---|
| Parent name & email | Yes | Account management, support communications | No third parties |
| Child's first name | Yes (parent-entered) | Personalizing child profile display | No third parties |
| Child's age/birthday | Age only (parent-entered) | Setting age-appropriate defaults | No third parties |
| Screen time aggregate totals | Yes | Generating weekly/daily reports for parents | No third parties |
| App category usage | Yes (category only, not app names) | Reports, content filter enforcement | No third parties |
| Individual browsing history | No | — | — |
| Message content | No | — | — |
| Location data | Only with Family Plus, parent-enabled | Location check-in feature only | No third parties |
| Payment information | Yes (handled by Stripe) | Subscription billing | Stripe (payment processor) |
The tools we use and why
We use a minimal set of carefully chosen third-party services. None of them receive children's personal data.
Stripe (Payment Processing)
Handles subscription billing. Stripe receives parent billing information only — never child data. Stripe is PCI DSS compliant.
AWS (Cloud Infrastructure)
Our servers run on Amazon Web Services in US-West-2 (Oregon). Data is encrypted in transit and at rest.
SendGrid (Transactional Email)
Sends weekly digest emails and account notifications. Receives parent email addresses only. No marketing lists, no data resale.
Plausible Analytics (Website)
Privacy-focused, GDPR-compliant analytics for sagehavenforkids.org only. No cookies, no personal data collection, no cross-site tracking.
How parental consent works in practice
Parent creates account
Email verification required. We confirm you are an adult account holder before any child data is accepted.
Consent disclosure presented
Before adding your first child profile, we present a plain-language summary of what we collect about children and why.
Parent accepts on behalf of child
A clear "I am this child's parent or legal guardian and I consent to this data collection" checkbox. Not buried in terms of service.
Questions about our safety practices?
We respond to all privacy and safety inquiries personally — usually within one business day.