Privacy Policy
Last updated: May 2, 2026
This Privacy Policy explains how SAL Ventures LLC (“Unlockd,” “we,” “our,” or “us”) collects, uses, and shares information when a parent or legal guardian (“you”) creates an account on getunlockd.ai (the “Service”) and enrolls a child to complete the Unlockd Smartphone Licence program.
A note about children. Unlockd is designed for kids ages 9 to 11, but the only person who creates an account, agrees to these terms, and pays is a parent or legal guardian. Children do not create accounts, do not provide their own contact information, and cannot make purchases. We comply with the U.S. Children’s Online Privacy Protection Act (COPPA) by collecting information about a child only with verifiable parental consent obtained at the time the parent enrolls the child.
1. Information we collect
From parents
- Account information: email address, password (stored as a one-way hash), and a four-digit parent PIN (also hashed).
- Payment information: when you purchase a Smartphone Licence, our payment processor (Stripe) collects and processes your card details. Unlockd never sees or stores your full card number; we receive only a transaction confirmation, the last four digits, and the brand of the card.
- Communications: messages you send us at privacy@getunlockd.io or any other support address.
From the child (entered by the parent)
- The child’s first name (or chosen nickname) and approximate age.
- Progress data the child generates while completing the program: which modules are started or finished, quiz answers, and short text responses to in-module prompts.
- The certificate (Smartphone Licence) generated at completion, which displays the child’s first name.
Automatically
- Standard log information: IP address, browser type, device type, pages viewed, and timestamps. We use this only to operate, secure, and debug the Service.
- Strictly necessary cookies and similar technologies for keeping you signed in and protecting against abuse. We do not use advertising cookies, cross-site advertising trackers, or behavioral profiling for marketing.
- Product analytics and session replay through PostHog, used solely to understand how the Service is used (which screens parents visit, which modules drop off, where the interface is confusing) and to improve it. PostHog records anonymous interaction data (pages visited, clicks, scrolls) and, after a parent signs in, ties activity to the parent account using an internal identifier. We do not use this data for advertising. See “Service providers” below.
2. How we use information
- To create and operate parent and child accounts.
- To deliver the program: showing the right module, saving progress, and issuing the completion certificate.
- To send transactional emails, such as receipts, password resets, parent-PIN resets, module-completion summaries, and the digital Smartphone Licence.
- To process payments through Stripe.
- To prevent fraud and protect the Service and its users.
- To comply with legal obligations.
We do not sell personal information. We do not use children’s information for advertising. We do not engage in profiling or automated decision-making that produces legal or similarly significant effects.
3. How we share information
We share information only with vendors who help us operate the Service, and only as needed for them to perform their function:
- Stripe for payment processing.
- Vercel and Neon for application hosting and database.
- Resend for transactional email delivery.
- PostHog for product analytics and session replay. PostHog receives standard web telemetry (pages visited, clicks, the parent's account identifier once signed in) so we can understand and improve the Service. PostHog acts as our service provider and is contractually prohibited from using this data for its own purposes.
We may also disclose information when required by law, to enforce our Terms, or to protect the rights, property, or safety of Unlockd, our users, or others.
4. Children’s privacy (COPPA)
Unlockd is directed in part to children ages 9 to 11. We comply with COPPA by:
- Requiring a parent or legal guardian to create the account, accept these terms, and provide verifiable parental consent before any information about a child is collected.
- Limiting child information to what is reasonably necessary to deliver the program (first name or nickname, approximate age, and in-program progress).
- Never conditioning a child’s participation on disclosing more than what is reasonably necessary.
- Never selling, renting, or disclosing children’s information for marketing.
Parents may, at any time:
- Review the information we have collected from or about their child.
- Ask us to delete that information.
- Refuse further collection or use of the child’s information.
To make a request, write to privacy@getunlockd.io from the email on file. We will verify the request and respond within a reasonable time.
5. Your privacy rights (U.S.)
Depending on where you live, you may have the right to:
- Know what personal information we have collected and how we use it.
- Request a copy or deletion of your personal information.
- Correct inaccurate personal information.
- Opt out of the sale or sharing of your personal information (we do not sell or share for cross-context behavioral advertising).
- Not be discriminated against for exercising any of these rights.
California residents have these rights under the CCPA/CPRA. Residents of Colorado, Connecticut, Virginia, Utah, Texas, and other states with comprehensive privacy laws have similar rights. To exercise any right, email privacy@getunlockd.io from the address on file.
6. Data retention
We retain account information for as long as the account is active. Progress data and the certificate are retained as long as the child’s profile exists on the parent’s account. You may delete a child profile at any time from the parent dashboard, which deletes the associated progress and certificate. We retain billing records for as long as required by U.S. tax and accounting law.
7. Security
We use industry-standard measures, including TLS in transit, password and PIN hashing, and access controls. No method of transmission or storage is 100% secure, but we work to protect your information using reasonable safeguards.
8. International users
The Service is operated from the United States and is intended for U.S. users. If you access it from outside the U.S., you understand that your information is processed in the U.S. under U.S. law.
9. Changes
If we make material changes, we will update the “Last updated” date and, where appropriate, notify the email on file. Continued use of the Service after a change means you accept the updated policy.
10. Contact
SAL Ventures LLC
Email: privacy@getunlockd.io