💬 Plain English first: Read2Play does not sell your data. We run no ads. We collect only what is needed to make the app work and to keep your child safe. Children’s data is protected under COPPA.
Table of contents
1. Overview
Read2Play (“we”, “our”, “us”) is an educational reading application operated by Softplay Philly. This Privacy Policy explains how we collect, use, and protect information when you use Read2Play on iOS, Android, Amazon, or the web.
By using Read2Play, you agree to the practices described in this policy. If you do not agree, please do not use the app. We may update this policy from time to time; we will notify you of material changes by email or in-app notice.
- We do not sell personal information to third parties.
- We do not display advertisements.
- We do not use personal data for profiling or targeted advertising.
- We do not collect more information than is necessary to operate the app.
2. Children’s privacy (COPPA)
Read2Play is directed to children under 13. We comply fully with the Children’s Online Privacy Protection Act (COPPA) and the Children’s Online Privacy Protection Rule (16 C.F.R. Part 312).
Before a child uses the app, a parent or legal guardian must create an account and provide verifiable parental consent. We collect information from children only to the extent necessary to enable their participation in the reading activities.
What we collect from children
- A display name or first name (used to personalise the reading screen)
- Age or grade level (to set the initial reading level)
- Reading session audio (processed in real time; raw audio is never stored — see Section 4)
- Reading session results (accuracy, duration, words read)
Parental rights under COPPA
- Review the personal information we have collected from your child
- Request deletion of your child’s information
- Refuse to allow further collection or use of your child’s information
To exercise any of these rights, email us at team@readtoplay.org. We will respond within 5 business days.
3. Information we collect
Parent account information
- Email address — used for account access, transactional emails, and launch notifications
- Display name — used to personalise the parent dashboard
- Subscription status — used to determine which features are available
Child profile information
- First name or nickname — shown on the child’s reading screen
- Age or grade — used to set initial reading level
- Reading level — updated automatically by our AI based on session performance
- Reward settings — set by the parent; stored on device and synced to account
Reading session data
- Session timestamp, duration, and book/story read
- Accuracy score — the percentage of words read correctly
- Words flagged — specific words the child struggled with, stored for coaching tips
- Level progression events — when and why the reading level was adjusted
Technical data
- Device type and operating system version (for compatibility)
- App version
- Crash reports (anonymised, no personal data included)
4. Audio and speech data
Read2Play listens to your child’s voice as they read aloud. This is core to how the app works. Here is exactly how we handle audio:
🎤 Raw audio is never stored on our servers. It is processed in real time and discarded immediately after scoring.
- During a session: Audio is captured by the device microphone and sent in short chunks to OpenAI’s Whisper API for transcription.
- Processing: Whisper converts speech to text. The text is compared against the book the child is reading to determine which words were said correctly.
- Retention: Raw audio chunks are not stored by us. We use the Whisper API in a way that does not retain audio beyond the immediate request.
- What we store: Only the resulting accuracy score and any flagged words — not the audio or full transcript.
We do not use voice recordings to build profiles, train models, or for any purpose other than scoring the reading session in progress.
5. How we use information
- To operate the app: Account login, child profile management, reading session scoring, entertainment lock
- To personalise reading: Adjust the child’s reading level, recommend books, generate AI stories at the right difficulty
- To provide the parent dashboard: Display session history, accuracy trends, level progression, and coaching tips
- To send transactional emails: Account creation, password reset, subscription receipts, and launch notifications
- To improve the app: Aggregated, anonymised usage analytics to understand which features are used and identify bugs
- To comply with law: Retain records as required by applicable law, respond to legal requests
We do not use your information for advertising, behavioural profiling, or sale to data brokers.
6. Third-party services
We use the following third-party services to operate Read2Play. Each is bound by their own privacy policies and, where applicable, our data processing agreements.
| Service | Purpose | Data shared |
|---|---|---|
| Firebase (Google) | Database, authentication, cloud storage | Account data, session results, child profiles |
| OpenAI Whisper API | Real-time speech-to-text during reading sessions | Short audio chunks (not stored after transcription) |
| Anthropic Claude API | AI story generation, coaching tips | Child’s reading level, story preferences (no raw audio) |
| Project Gutenberg | Public domain book content | None (read-only public content) |
| Formspree | Waitlist and contact form submissions | Email address, selected plan tier |
| Netlify | Web hosting | Standard web server logs (IP, browser) |
| Apple / Google / Amazon | App distribution and in-app purchase processing | Subscription status (managed by platform) |
We do not allow these third parties to use your data for their own marketing or advertising purposes.
7. Data sharing
We do not sell, rent, or trade your personal information to any third party. We share data only in the following limited circumstances:
- Service providers: As described in Section 6, solely to operate the app
- Legal compliance: If required by law, court order, or government authority
- Business transfer: If Read2Play is acquired or merged, data may transfer to the new entity under the same privacy commitments
- Safety: If we believe disclosure is necessary to protect the safety of any person
8. Data retention
| Data type | Retention period | Reason |
|---|---|---|
| Parent account data | Until account deletion + 30 days | Account operation |
| Child profile data | Until parent deletes profile or account | Continuity of reading history |
| Reading session results | 24 months rolling | Parent dashboard trends |
| Raw audio | Not stored (discarded after transcription) | Privacy by design |
| Waitlist email | Until launch + 6 months, or on unsubscribe | Launch notification |
| Crash / error logs | 90 days | Bug resolution |
To request earlier deletion, email team@readtoplay.org. We will confirm and complete deletion within 30 days.
9. Your rights
COPPA (United States — children under 13)
Parents may review, correct, or delete their child’s information at any time. Contact us at team@readtoplay.org with the subject line “COPPA Request”.
CCPA (California residents)
- Right to know what personal information we collect and how it is used
- Right to delete personal information
- Right to opt out of sale of personal information (we do not sell data)
- Right to non-discrimination for exercising your rights
GDPR (EEA and UK residents)
- Right of access — obtain a copy of your data
- Right to rectification — correct inaccurate data
- Right to erasure — request deletion (“right to be forgotten”)
- Right to restrict processing
- Right to data portability
- Right to object to processing
Our legal basis for processing is: contract performance (operating the app), legitimate interest (improving the app), and parental consent (children’s data). To exercise any right, email team@readtoplay.org.
10. Security
We take reasonable technical and organisational measures to protect your information:
- All data in transit is encrypted via TLS 1.2+
- Firebase data is encrypted at rest by Google
- Authentication uses industry-standard token-based sessions
- Access to production data is restricted to authorised personnel only
- We review our security practices regularly
No system is 100% secure. If you believe your account has been compromised, contact us immediately at team@readtoplay.org.
11. Contact us
If you have any questions about this Privacy Policy or how we handle your data, please contact us:
- Email: team@readtoplay.org
- Website: readtoplay.org/contact
- Response time: Within 1 business day for general enquiries; within 5 business days for COPPA/GDPR/CCPA requests
This policy was last updated on April 1, 2026.