Skip to main content
📐Briveli
Log InGet Started Free
🔒COPPA Compliant

Privacy Policy

Last updated: March 15, 2026

Plain-English Summary

  • Parents are the account holders. Children never create accounts.
  • We collect only a child's first name and grade level, nothing more.
  • No ads, no tracking pixels, no data sold to third parties. Ever.
  • You can delete your account and all data at any time.

1. Who We Are

Briveli is an adaptive math practice platform for elementary school students in grades 3 through 5. The service is operated by Briveli ("we," "us," or "our"). Our contact email is privacy@briveli.com.

2. COPPA Compliance

The Children's Online Privacy Protection Act (COPPA) applies to online services directed at children under 13. We've designed Briveli from the ground up to comply with COPPA:

  • Parent accounts only. Only parents or legal guardians may create accounts. Children do not have usernames, passwords, or email addresses in our system.
  • Minimal child data. For each child profile, we store only the child's first name and grade level. We do not collect a child's last name, email address, home address, phone number, photo, or any other personally identifiable information.
  • No child-directed advertising. We do not display advertising to children and we do not use child data for any marketing purpose.
  • Parental controls. Parents can view, edit, or delete any child profile and its associated data from the dashboard at any time.

3. Information We Collect

From parents (account holders)

  • Email address (for account login and service communications)
  • Payment information (processed by Stripe; we never see raw card numbers)
  • Subscription status and billing history

From child profiles

  • First name (entered by the parent)
  • Grade level (3, 4, or 5, entered by the parent)
  • Practice data: answers submitted, time taken per problem, skill mastery estimates
  • Session history: date, number of problems, accuracy rate

Automatically collected

  • IP address and browser type (for security and fraud prevention; not linked to child profiles)
  • Session tokens stored in browser cookies (for keeping you logged in)

4. How We Use Your Data

We use the information we collect to:

  • Provide and improve the Briveli service
  • Run the adaptive learning engine (BKT) to personalize practice sessions
  • Show parents progress reports and insights about their child's learning
  • Process payments and manage subscriptions
  • Send parents transactional emails (receipts, password resets)
  • Detect and prevent fraud or abuse

We do not use your data to serve targeted advertising, build advertising profiles, or sell data to third parties.

5. Data Sharing

We share data only with the following categories of service providers:

  • Supabase (database and authentication): stores all account and practice data. Data is stored in the US. Supabase is SOC 2 Type II certified.
  • Stripe (payments): processes credit card transactions. Stripe is PCI DSS Level 1 compliant. We never receive or store raw card numbers.
  • Vercel (hosting): serves the application. Vercel processes request logs that may include IP addresses.
  • Anthropic Claude API (optional AI word problems): when the AI word problem feature is enabled, problem generation prompts are sent to Anthropic. Prompts contain no student PII. You can turn this feature off in settings.

We may disclose information if required by law or to protect the safety of users.

6. Data Retention

We retain your account data for as long as your account is active. Practice data for child profiles is retained to power the adaptive engine and progress history.

When you delete a child profile, all associated practice data is permanently deleted within 30 days. When you delete your parent account, all data (parent and child) is permanently deleted within 30 days.

7. Your Rights

You have the right to:

  • Access the data we hold about you and your child profiles
  • Correct inaccurate data (e.g., update a child's grade level)
  • Delete a child profile or your entire account from the dashboard
  • Export your data by emailing privacy@briveli.com
  • Opt out of AI word problem generation in account settings

California residents have additional rights under CCPA. Please contact us at the email above to exercise any of these rights.

8. Security

We use industry-standard security measures: all data is encrypted in transit (TLS 1.3) and at rest. Our database uses Row-Level Security policies so that each parent can only access their own family's data, even in the event of an application bug. Passwords are never stored; authentication is handled by Supabase Auth using bcrypt hashing.

No security system is perfect. If you believe you've discovered a security issue, please email security@briveli.com.

9. Cookies

We use a single session cookie to keep you logged in. We do not use third-party tracking cookies, advertising cookies, or analytics cookies. If you block all cookies, you won't be able to stay logged in.

10. Changes to This Policy

If we make material changes to this policy, we'll notify you by email at least 30 days before the changes take effect. Continued use of Briveli after that date constitutes acceptance of the updated policy.

11. Contact Us

Questions, concerns, or data requests? Email us at privacy@briveli.com. We respond to all privacy inquiries within 5 business days.