PricingLog In
Start Free Trial

14-day free trial - No credit card required

Privacy Policy

Last Updated: January 18, 2026 | Effective Date: January 18, 2026

We built Alura to protect children, and that starts with protecting their data. We believe your family's conversations are private, and our business model is simple: You pay us for a service, and we keep your data secure. We do not sell your data, and we do not monetize your child's attention.

This Privacy Policy explains exactly what we collect, where it goes, and how we keep it safe.

1. Information We Collect

1.1 Parent Account Information

  • Name and email address
  • Password (encrypted)
  • Payment information (processed securely by Stripe; we do not store your credit card details)
  • Account preferences and settings

1.2 Child Profile Information

  • Child's first name or nickname (last name not required)
  • Age (to verify 13+ requirement)
  • Login credentials (for child login)
  • Conversation history with Alura AI
  • Topics of interest and usage patterns

1.3 Automatically Collected Information

  • Device information (browser type, operating system)
  • IP address
  • Usage data (pages visited, features used, session duration)
  • Cookies and similar tracking technologies

1.4 Flagged Event Data

When our systems trigger a specific safety alert (a "Flagged Event"), we automatically preserve a snapshot of that interaction, including the message content, the specific safety category triggered, and timestamps.

Note: If an interaction does not trigger our AI safety filters, this specific "Flagged Event" log is not created, though the conversation history remains accessible in the dashboard.

2. How We Use Your Information

2.1 Primary Uses

  • Provide the Service: Enable AI conversations and parental monitoring features
  • Safety Monitoring: Detect potentially concerning content and generate alerts
  • Account Management: Process payments, manage subscriptions, provide support
  • Communication: Send alerts, notifications, and service updates
  • Improvement: Analyze usage patterns to improve our services

2.2 AI Processing & Third-Party Retention

Your child's conversations are processed by our AI partner, Anthropic (Claude), to provide intelligent responses.

  • Processing: Text is sent to Anthropic's API for analysis and response generation.
  • No Training: Alura does NOT use your child's conversations to train our own AI models. Anthropic's commercial terms state they do not use API data to train their models.
  • External Retention: You acknowledge that third-party AI providers (like Anthropic) may retain data for a limited period (typically 30 days) for their own internal Trust & Safety abuse monitoring, even if deleted from Alura's systems. This is a requirement of the AI provider for safety purposes.

2.3 Legal Compliance

We may use and disclose information as required by law, including:

  • Responding to subpoenas or court orders
  • Reporting suspected child exploitation to NCMEC (mandatory under 18 U.S.C. 2258A)
  • Cooperating with law enforcement investigations
  • Protecting the rights, safety, or property of Alura, users, or the public

3. Data Retention

We believe in "Data Minimization." We do not hold data longer than necessary.

Retention Periods

  • Conversation History: Retained until deleted by the parent or upon account closure.
  • Crisis Alerts and Safety Logs: Retained for 3 years to support potential legal or safety inquiries, after which they are permanently deleted.
  • NCMEC/Law Enforcement Reports: Retained indefinitely as required by federal law.
  • Account Data: Deleted 60 days after account closure/termination to allow for accidental cancellation recovery.
  • Audit Logs: Retained for 1 year.

Deletion Requests: When you request deletion, data is removed from our active databases immediately but may persist in encrypted backup archives for up to 30 days.

4. Data Sharing and Third Parties

4.1 Service Providers

We share data with trusted service providers who assist in operating our platform:

  • Anthropic: AI conversation processing (Claude API)
  • Supabase: Database and authentication services
  • Stripe: Payment processing
  • Resend: Email delivery services
  • Vercel: Application hosting

4.2 Legal Disclosures

We may disclose information:

  • To comply with legal obligations
  • To respond to lawful requests from government authorities
  • To NCMEC when we detect apparent child exploitation (legally required)
  • To protect the vital interests of any person

4.3 What We Do NOT Do (Our Promise)

  • We do NOT sell your personal information.
  • We do NOT share data with advertisers.
  • We do NOT use your data for targeted advertising.
  • We do NOT monetize your child's data in any way.

5. Children's Privacy (Strictly 13+)

5.1 Age Restriction

Alura is strictly designed for use by children ages 13-18. We do not knowingly collect personal information from children under 13.

"Purge" Policy

If we discover that a user is under the age of 13, we will immediately delete their account and all associated data. If you believe we might have any information from a child under 13, please contact us immediately at privacy@alura.cloud.

5.2 Parental Consent & Control

By creating a child profile, you (the parent) certify that you have the legal authority to consent to the collection and processing of the child's data.

Parents maintain full control and can at any time:

  • Review their child's conversation history.
  • Delete specific conversations or the entire history.
  • Modify their child's profile.
  • Delete their child's account entirely.

6. Your Privacy Rights

Regardless of your location, Alura extends these rights to all users:

  • Access: You can view your child's conversation history directly through the Alura Dashboard.
  • Data Export:
    • Flagged Events: You may instantly download PDF reports of Flagged Events (Alerts) directly from the Dashboard.
    • Full History: To request a full export of all conversation logs, please contact privacy@alura.cloud. Please allow up to 72 hours for processing.
  • Data Availability & Backup: While Alura retains conversation history while your account is active, we are not a permanent digital archive or evidence vault. We strongly recommend that you immediately download/print PDF reports of any Flagged Events that you intend to use for legal, medical, or disciplinary purposes. We are not liable for the loss of historical data.
  • Correction: You can update profile information via the Settings page.
  • Deletion: You can request full account deletion via the Settings page.

Emergency Disclaimer: Alura is not an electronic health record. In the event of a medical emergency, do not rely on our Data Export features to provide immediate history to medical professionals. Use your own observation and the live dashboard view.

7. Data Security

We implement defense-in-depth security measures:

  • Encryption: Data is encrypted in transit (TLS 1.3) and at rest (AES-256).
  • Access Control: Strict role-based access; only essential engineers can access production data.
  • Vulnerability Scanning: Regular automated security audits.

Security Disclaimer: While we use enterprise-grade security (via Supabase & Vercel), no internet transmission is 100% secure. You acknowledge that you provide personal information at your own risk.

8. Content Filtering Data

Alura provides content filtering and parental control features. This section explains the data collected and retained in connection with these features.

8.1 Filtering Settings Data

We collect and store your content filtering preferences, including:

  • Selected filtering profile (Restrictive, Standard, Educational, Custom)
  • Per-category action settings (Allow, Flag, Block)
  • Research Mode session history and configurations
  • Category unlock history and reasons provided

8.2 Parental Consent Audit Log

Important: When you modify content filtering settings, unlock content categories, enable Research Mode, or disable filtering, we create a detailed audit log entry for legal compliance and dispute resolution purposes.

Each audit log entry includes:

  • Timestamp of the action
  • IP address and device information
  • Type of change made (unlock, profile change, filtering disabled, etc.)
  • Previous and new settings values
  • Acknowledgments checked (when applicable)
  • Reason provided (when applicable)

8.3 Content Filtering Audit Log Retention

3-Year Retention: Content filtering audit logs are retained for a minimum of three (3) years from the date of the action. This extended retention period is necessary for legal compliance, potential custody disputes, and protection of both parents and Alura in the event of claims related to content access.

Audit logs cannot be deleted upon request during the retention period due to their legal compliance purpose. After the retention period, logs are automatically purged.

8.4 Filter Event Data

When content filtering detects a match, we log:

  • The content category detected
  • The action taken (allowed, flagged for review, blocked)
  • Timestamp of the event
  • Whether the content was in a Research Mode session

Note: We do NOT log the specific keywords or phrases that triggered detection, only the category. The full conversation context remains available in your dashboard conversation history.

8.5 Data Export for Filtering

You may request an export of your content filtering data, including:

  • Current filtering settings
  • Audit log entries (your consent history)
  • Filter event history
  • Research Mode session records

Export requests can be made through the Settings page or by contacting privacy@alura.cloud.

9. Cookies & Analytics

We use a minimal set of cookies to operate and improve our platform.

9.1 Types of Cookies We Use

  • Essential Cookies: Required for you to log in, stay authenticated, and use core features. These cannot be disabled.
  • Analytics Cookies (First-Party): We use tools (such as Google Analytics or PostHog) to measure site traffic and usage trends. These help us identify bugs and improve the user experience.
    • Privacy Configuration: We configure these tools to "anonymize" IP addresses where possible and have disabled "Data Sharing" settings that would allow third parties to use your data for their own advertising purposes.

9.2 What We Do NOT Use

We do NOT use third-party Advertising Cookies or Cross-Site Trackers that follow you to other websites to retarget you with ads.

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements.

  • Material Changes: If we make significant changes (e.g., how we use your child's data), we will notify you via email and provide an opportunity to review the changes before they take effect.
  • Continued Use: Your continued use of Alura after such notice constitutes your acceptance of the updated policy.

11. Contact Us

For privacy concerns, data deletion requests, or questions:

Alura LLC
Email: privacy@alura.cloud
Website: https://alura.cloud

Related Documents