← Back to Home

Skoul Privacy Policy

Last Updated: November 7, 2025

---

Introduction

Welcome to Skoul, an educational app designed specifically for children aged 6-12. This privacy policy explains how we collect, use, store, and protect your child's information.

Your child's privacy and safety are our top priorities. Skoul is designed to comply with:

• Children's Online Privacy Protection Act (COPPA) in the United States
• General Data Protection Regulation (GDPR) in France and the European Union
• Best practices for children's privacy and data protection

We believe in transparency and minimal data collection. This policy will help you understand:

• What information we collect and why
• How we use and protect that information
• Your rights and how to exercise them
• How to contact us with questions or concerns

By using Skoul, you agree to the practices described in this privacy policy.

---

Data Controller

The data controller responsible for your personal information is:

HIGHTHEM
SIREN: 848274338
France

For all privacy-related inquiries, please contact us at:
Email: privacy@skoul.fr

---

Information We Collect

Skoul collects minimal personal information necessary to provide a personalized learning experience:

Profile Information

• First name: Used to personalize the app experience and greet the child
• Age (6-12 years): Used to provide age-appropriate educational content
• Grade/Class: Used to align exercises with the child's educational level
• Country: Used to determine applicable privacy laws and educational standards
• Avatar photo (optional): Used for profile personalization, stored locally only

Practice Data (Stored Locally Only)

• Exercise completion records
• Accuracy scores and performance metrics
• Time spent on activities
• Difficulty progression
• Session history

Technical Information

• Device type (iPad, iPhone) for UI optimization
• App version for support and debugging
• Settings preferences (sound, notifications)

Information We Do NOT Collect

• Email addresses
• Phone numbers
• Precise location data
• Payment information (Skoul is free)
• Social media profiles
• Biometric data
• Contacts or photos (except avatar, with permission)
• Browsing history outside the app

All data collection is transparent and limited to what is necessary for the app to function.

---

How We Use Your Information

We use the collected information solely to provide and improve the Skoul educational experience:

Personalization (LOCAL ONLY)

• Display the child's name in greetings and progress screens
• Show the selected avatar throughout the app
• Customize difficulty levels based on age and grade
• All personalization data stored locally on device

Educational Content Generation

• WHAT IS SENT: Age, grade level, country code, difficulty preference, subject, and question count are sent to our backend API or Firebase AI (Gemini) for exercise generation
• WHAT IS NOT SENT: Child's name, avatar, and practice history remain on your device and are NEVER transmitted
• Apple Intelligence (on supported devices) processes everything on-device with no data transmission
• Generated exercises are received and stored locally only

Progress Tracking (LOCAL ONLY)

• Record session completion, scores, and time spent
• Calculate accuracy and improvement trends
• Adapt difficulty based on performance
• All progress data stored locally on device

App Functionality

• Save user preferences (sound settings, notification preferences)
• Determine applicable privacy requirements based on country
• Optimize UI based on device type

Purposes We Do NOT Use Data For

• Selling or sharing with third parties for marketing
• Creating user profiles for advertising
• Tracking across other apps or websites
• Social media integration
• Third-party analytics beyond AdMob advertising

---

Data Storage

Skoul prioritizes your privacy by storing all personal information and practice data locally on your device:

Local Storage

• All profile information is stored only on your iOS device using SwiftData
• Practice session data, scores, and progress are stored locally
• Avatar photos are stored locally as compressed JPEG files
• No user data is transmitted to or stored on external servers
• No cloud synchronization or backup of personal data
• No user accounts or login system

Data Encryption

• All locally stored data is protected by iOS device encryption (AES-256)
• Data is encrypted at rest when your device is locked
• If you have a device passcode or biometric lock, your data is further protected

What This Means

• Your child's information stays on your device
• Uninstalling the app permanently removes all data
• We cannot recover data if you delete the app or lose your device
• Each device is independent; data does not sync across devices

Data Isolation

• Skoul's data container is isolated from other apps
• Only Skoul can access its stored data
• iOS sandboxing protects against unauthorized access

---

Third-Party Services

Skoul uses select third-party services to provide educational functionality and support app development. We carefully vet all third parties for privacy and security practices.

IMPORTANT: All user data is stored LOCALLY on your device. The only data sent to external services for exercise generation is: age, grade level, country, and difficulty preferences. NO nominative data (name, avatar, practice history) is ever transmitted.

Backend API (Primary Exercise Generation)

• Purpose: Generate mathematics, spelling, and reading exercises using our secure backend service
• Data Shared: Age, grade level, country code, exercise difficulty, subject, and question count
• Data NOT Shared: Child's name, avatar, or practice history
• Privacy: Secure HTTPS with certificate pinning and API key authentication
• Location: France (HIGHTHEM servers)
• Note: Generated exercises are received and stored locally on your device only

Google Firebase AI - Gemini (Secondary Exercise Generation)

• Purpose: Backup AI service for generating exercises when backend is unavailable
• Data Shared: Age, grade level, country code, language, exercise difficulty, subject, and question count
• Data NOT Shared: Child's name, avatar, or practice history
• Privacy Policy: https://firebase.google.com/support/privacy
• Location: United States (Google Cloud servers)
• Note: Only used as fallback; generated exercises stored locally only
• Gemini API Terms: https://ai.google.dev/gemini-api/terms

Apple Intelligence (Tertiary On-Device AI)

• Purpose: On-device text recognition and exercise generation when available
• Data Shared: None (all processing occurs on-device)
• Privacy: Complete on-device processing; no data leaves your device
• Availability: Supported devices only (iPhone 15 Pro, iPad with M1 or later)

Google AdMob (Advertising)

• Purpose: Display age-appropriate advertisements to support free app availability
• Data Collected: Device identifiers, ad interaction, limited usage data
• Data NOT Shared: Child's name, age, practice data, or any personal information
• Privacy Policy: https://policies.google.com/privacy
• Location: United States
• Control: You can limit ad tracking in iOS Settings > Privacy > Tracking
• Note: We do not show behavioral advertising to children; ads are contextual only

No Other Third Parties

• We do not use analytics services
• We do not use crash reporting services that collect personal data
• We do not integrate social media platforms
• We do not sell or share data with data brokers

Parental Controls

You can manage some third-party data collection through iOS settings, though this may affect app functionality.

---

International Data Transfers

Data Storage Location: All personal information and practice data is stored locally on your device and never leaves your device except as described below.

Third-Party Service Transfers

HIGHTHEM Backend API (France - Primary):

• When generating educational exercises, we send exercise generation parameters to our backend
• Information sent: Age, grade level, country code, difficulty, subject, question count
• Information NOT sent: Child's name, avatar, or practice history
• Our servers are located in France and comply with GDPR
• Exercise content generated is received and stored locally only

Google Firebase AI - Gemini (United States - Secondary Fallback):

• Used only when backend is unavailable
• Information sent: Age, grade level, country code, language, difficulty, subject, question count
• Information NOT sent: Child's name, avatar, or practice history
• Google Firebase servers are located in the United States
• Google provides adequate data protection under EU-US Data Privacy Framework
• Privacy Policy: https://firebase.google.com/support/privacy
• Exercise content generated is received and stored locally only

Apple Intelligence (On-Device - No Transfer):

• On-device processing only (no data transfer)
• Used for text recognition and exercise generation
• All processing occurs on your device
• Available on supported devices only

Google AdMob (United States):

• Ad serving may involve data transfer to Google servers in the United States
• See Google's privacy policy for details: https://policies.google.com/privacy
• You can limit ad tracking through iOS settings

Legal Basis for Transfers

• Necessary for providing the educational service you requested
• Based on parental consent obtained during onboarding
• Standard contractual clauses with service providers

Your Rights

For EU/French residents, you have the right to object to international transfers. However, this may limit app functionality. Contact us at privacy@skoul.fr for more information.

---

Children's Privacy (COPPA Compliance)

Skoul is designed specifically for children aged 6-12 and complies with the Children's Online Privacy Protection Act (COPPA) in the United States and the General Data Protection Regulation (GDPR) in France and the European Union.

We obtain parental consent during onboarding before collecting any personal information from children under the applicable age thresholds (13 in the US, 15 in France).

We collect only the minimum information necessary to provide the educational service:

• First name (for personalization)
• Age (to provide age-appropriate content)
• Grade level (for educational alignment)
• Country (for compliance requirements)
• Optional avatar photo (stored locally)

We DO NOT:

• Collect email addresses, phone numbers, or precise location data
• Share children's personal information with third parties for marketing purposes
• Use children's information for behavioral advertising
• Allow children to publicly share personal information

Parents have the right to:

• Review the information we have collected
• Request deletion of their child's information
• Refuse to allow further collection of information

For privacy-related questions or to exercise these rights, contact us at privacy@skoul.fr.

---

Your Rights (GDPR Compliance)

Under the General Data Protection Regulation (GDPR) and applicable privacy laws, you have the following rights regarding your child's personal information:

Right of Access

• You can request a copy of all personal information we have stored
• Since all data is stored locally on your device, you already have direct access
• You can view profile information in Settings > Profile
• Contact us at privacy@skoul.fr for assistance

Right to Rectification

• You can correct inaccurate or incomplete information
• Edit profile information directly in Settings > Profile > Edit Profile
• Changes are applied immediately and stored locally

Right to Erasure ("Right to be Forgotten")

• You can request deletion of all personal information
• Delete practice data: Settings > Learning Data > Clear All Practice Data
• Delete all data: Uninstall the app from your device
• Since data is local-only, uninstallation permanently removes all information

Right to Data Portability

• You have the right to receive your data in a structured, commonly used format
• Since there is no cloud storage, data is already portable on your device
• You can export or backup data through iOS device backup mechanisms
• Contact us for assistance with data export formats

Right to Object

• You can object to certain data processing activities
• You can disable optional features (avatar, notifications)
• You can limit ad tracking through iOS settings
• Note: Some objections may limit core app functionality

Right to Restrict Processing

• You can request we temporarily restrict certain data processing
• Contact us at privacy@skoul.fr to discuss specific restrictions

Right to Lodge a Complaint

• French residents: Commission Nationale de l'Informatique et des Libertés (CNIL) - https://www.cnil.fr
• EU residents: Your national data protection authority
• US residents: Federal Trade Commission - https://www.ftc.gov

Exercising Your Rights

To exercise any of these rights, contact us at privacy@skoul.fr. We will respond within 30 days. Some rights can be exercised directly within the app settings.

---

Data Deletion

You have complete control over your child's data and can delete it at any time:

Delete Practice Data

Go to Settings > Learning Data > Clear All Practice Data

• This removes all session history, scores, and progress tracking
• Profile information (name, age, grade) is preserved
• This action cannot be undone
• Requires parental gate verification

Delete Profile & All Data

• Uninstalling the app removes all locally stored data
• Since we do not maintain user accounts or cloud storage, no data remains on our servers
• Reinstalling the app creates a fresh start with no previous data

Data Deletion Timeline

• Practice data deletion: Immediate
• Profile deletion (uninstall): Immediate
• No data retention period as all data is local

Third-Party Data

• For data held by Google AdMob, refer to Google's privacy controls
• We do not have access to or control over Google's data collection

For assistance with data deletion or questions about what data is stored, contact us at privacy@skoul.fr.

---

Security Measures

We implement appropriate technical and organizational measures to protect your child's information:

Technical Security Measures

Encryption:

• All data stored on device is encrypted at rest using iOS AES-256 encryption
• Data in transit to third-party services uses TLS 1.3+ encryption
• Avatar photos are stored as encrypted JPEG files

Access Controls:

• Parental gate required for sensitive actions (deleting data, editing profile)
• iOS sandboxing isolates app data from other apps
• No remote access to user data by HIGHTHEM employees

Data Minimization:

• We collect only essential information
• Practice data stays on device (not transmitted)
• No user accounts mean no password vulnerabilities

Third-Party Security:

• Backend API communications are encrypted and authenticated
• AdMob uses Google's enterprise-grade security infrastructure
• We regularly review third-party security practices

Organizational Measures

• Privacy-by-design approach in all development
• Regular security reviews of code and infrastructure
• Prompt security updates through App Store releases
• Incident response procedures for any security concerns

Limitations

While we implement strong security measures, no system is 100% secure. You can enhance security by:

• Using a strong device passcode or biometric lock
• Keeping iOS updated to the latest version
• Only downloading Skoul from the official App Store
• Supervising your child's device usage

Reporting Security Issues

If you discover a security vulnerability, please report it immediately to privacy@skoul.fr. We take all security reports seriously and will respond promptly.

---

Policy Updates

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We Notify You

• The "Last Updated" date at the top of this policy will change
• For material changes affecting children's privacy, we will notify you through the app
• Material changes may require renewed parental consent
• You can always access the current policy from Settings > Privacy Policy

What Constitutes a Material Change

• New types of personal information collected
• Changes to how we use or share information
• Changes to data retention practices
• New third-party services that access data
• Changes to children's privacy protections

Your Options

• Review the updated policy when notified
• Contact us with questions at privacy@skoul.fr
• If you disagree with changes, you may stop using the app and delete all data

Minor Changes

Clarifications, grammatical corrections, or formatting changes that don't affect your rights will not trigger notifications.

Version History

• Current Version: 1.2
• Last Updated: November 7, 2025
• First Published: October 29, 2025

---

Contact Us

If you have any questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

Email: privacy@skoul.fr

Data Controller:
HIGHTHEM
SIREN: 848274338
France

We will respond to all legitimate privacy-related inquiries within 30 days.

For residents of France, you also have the right to lodge a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL), the French data protection authority.

---

Summary

Key Points:

• ✅ All user data stored locally on your device
• ✅ Only non-nominative data (age, grade, country, difficulty) sent for exercise generation
• ✅ No name, avatar, or practice history ever transmitted
• ✅ No user accounts or cloud storage
• ✅ COPPA and GDPR compliant
• ✅ Uninstalling the app permanently deletes all data
• ✅ Parent controls for data deletion and privacy settings

---

This privacy policy is effective as of November 7, 2025