Privacy Policy

WonderWatch is a learning platform for children aged 5 to 10. Accounts are created and owned by parents. We collect the minimum personal data needed to run the service. We do not sell or share children’s data with advertisers. We do not show third-party advertising inside WonderWatch.

If you only read one section, this is it.

WonderWatch is operated by KonnectingDots Pvt. Ltd. (“WonderWatch”, “we”, “us”). You can reach our team at hello@wonderwatch.ai.

For the purposes of the DPDP Act, WonderWatch acts as a Data Fiduciary. For the purposes of COPPA, WonderWatch is the operator of a website and online service directed in part to children.

From parents when you create an account: name, email address, password (stored hashed), country, and (optionally) phone number.

From child profiles created by a parent: first name, age, preferred language(s), and selected interests. We do not require a child’s email, photograph, date of birth, school, or precise location. If we introduce date of birth in future for stronger age verification we will update this policy first.

Usage data: missions started and completed, badges earned, time spent in a mission, device type, approximate location (country/region) inferred from IP, and basic diagnostic logs needed to keep the service running.

We do not knowingly collect sensitive personal data (health, biometrics, beliefs, sexual orientation) from anyone.

• To deliver the service - personalise missions, save progress, generate the daily parent summary.
• To keep the service safe - detect abuse, prevent unauthorised access, debug crashes.
• To communicate with parents - confirmations, support replies, evening updates, important service notices.
• To improve the product - aggregate, de-identified analytics that help us understand which content works and which does not. We do not use children’s personal data for advertising of any kind.

Children cannot sign up on their own. A parent or legal guardian creates the account, accepts these terms, and creates each child profile. By creating a child profile, you confirm that you are the parent or legal guardian and that you consent, on the child’s behalf, to the limited data processing described in this policy.

Parents can review, edit, or delete their child’s profile and data at any time from Parent Central. You can also email us at hello@wonderwatch.ai with a deletion request - we will action it within 7 working days.

We share personal data only with the limited set of service providers we need to run WonderWatch:

• Hosting and database providers (Supabase, AWS) - to store account and progress data.
• Transactional email provider - to send sign-up confirmations and the evening parent summary.
• AI provider(s) - for narration synthesis and, in future, real-time Nuno conversations. We do not send children’s personal data to these providers for model training.

Each provider is bound by a data-processing agreement that restricts the use of your data to providing the service to us.

We do not sell personal data, share it with advertising networks, or use it to build advertising profiles of children or parents.

All data is encrypted in transit using TLS and at rest using the standard encryption provided by our cloud database. Passwords are stored using a strong one-way hash (bcrypt). Access to production systems is restricted to a small set of named team members and requires two-factor authentication. We log administrative actions for audit purposes.

No system is perfectly secure. If we become aware of a security incident affecting your data we will notify affected users without undue delay, and in line with COPPA / DPDP Act timelines.

We keep account and child-profile data for as long as the account is active. When you delete your account, we permanently remove personal data within 30 days, retaining only the minimum records required for tax, audit, or fraud-prevention purposes.

Under the DPDP Act and COPPA, you have rights over your data. You can:

• Access the personal data we hold about you and your child.
• Correct inaccurate data.
• Delete an account or a child profile at any time.
• Withdraw consent for any optional data processing, and unsubscribe from marketing emails (transactional service emails will continue).
• Lodge a complaint with the Data Protection Board of India (or your local data-protection authority).

To exercise any of these rights, email hello@wonderwatch.ai. We aim to respond within 7 working days.

We use a small number of strictly necessary cookies to keep you signed in and to keep the service secure. We do not use third-party advertising cookies. We do not use tracking pixels inside the child-facing app.

Our servers and processors are located in regions including India, the European Union, and the United States. Where personal data is transferred outside your country of residence, we rely on contractual safeguards equivalent to those required by your local law.

If we make a material change to this policy - especially anything affecting children’s data - we will email parents at the address on file and post a notice in Parent Central before the change takes effect.

If anything in this policy is unclear, or you would like to exercise a right, email us at hello@wonderwatch.ai. Our team reads every message and we aim to reply within one business day.