Privacy Policy · ParentEdge

This Privacy Policy explains how CSM Inc., a Michigan corporation ("CSM," "we," "us," "our," or "ParentEdge"), collects, uses, shares, and safeguards information when you use parentedge.com and our services (the "Service").

By using the Service, you acknowledge that you have read this Privacy Policy. If you do not agree, do not use the Service.

1. Information We Collect

1.1 Information You Provide

Account information. When you sign up, we collect your email address and a password (stored using industry-standard secure hashing by our authentication provider, Supabase). If you choose to sign in with Google, we receive your email address and basic profile information from Google.
Athlete information. You voluntarily provide information about a minor athlete in your legal care, including their name, age, sport, position, experience level, season status, schedule, goals, personality observations, and any other details you share during onboarding or ongoing use. The Athlete does not create their own account and does not directly interact with the Service.
Conversational input and observations. Messages and observations you submit through the chat interface or voice input, including notes about practices, games, behaviors, and developmental moments.
Generated content. AI-generated outputs (practice plans, coaching notes, summaries, drill recommendations, athlete cards, etc.) produced on your behalf, including PDF copies if you generate them.
Profile assets. Optional uploaded images such as athlete avatars and team logos.
Payment information. When you subscribe, our payment processor (Stripe, Inc.) collects and stores your billing details. We do not see or store your full payment card number. We retain a subscription status flag, customer identifier, and billing period information returned by Stripe.
Consent records. When you sign up or accept updated terms, we record the agreement event, the document versions you accepted, the timestamp, your IP address, and your browser user-agent string, for audit purposes.
Communications. If you contact us by email or other channel, we retain those communications and any information you share in them.

1.2 Information Collected Automatically

Usage data. Basic technical information including IP address, browser type, device type, operating system, referring page, and timestamps. We use this for authentication, security, abuse prevention, and rate-limiting.
Cookies and local storage. We use first-party cookies necessary for authentication (keeping you signed in) and HTML local storage for product-state preferences (such as remembering that you dismissed a notice). We do not use third-party advertising trackers, social media pixels, or cross-site tracking.

1.3 Voice Input

If you use the in-chat voice input feature, your spoken audio is transcribed by your browser's built-in speech recognition service. On Chromium-based browsers (Google Chrome, Microsoft Edge, and others), the audio is transmitted by your browser to Google's speech recognition servers for transcription, before the resulting text returns to your device. We do not receive, store, or process the audio itself — we only receive the resulting text after you submit it as a message. Google's processing of audio is governed by Google's own privacy policy.

1.4 Information We Do Not Collect

We do not currently use any third-party web analytics, advertising platforms, social media trackers, or behavioral profiling tools. We do not collect biometric data, precise location data, or financial information beyond what is described above.

2. How We Use Information

We use the information described above to:

Provide, operate, and maintain the Service, including generating AI outputs personalized to the Athlete based on the information you provide;
Authenticate your account and protect against unauthorized access;
Detect, prevent, and respond to abuse, fraud, and other security incidents;
Apply rate limits and ensure fair usage;
Process subscription payments and manage your billing relationship;
Send you transactional communications, such as password reset emails, account notifications, billing receipts, and security alerts;
Respond to your support requests and other inquiries;
Improve the Service in aggregate, non-identifiable ways (for example, by reviewing anonymized usage patterns);
Comply with legal obligations and enforce our Terms.

We do not sell your personal information. We do not use your content to train AI models. We do not share your information with advertisers, data brokers, or other commercial third parties.

3. Who We Share Information With

We share information only with the following categories of service providers and recipients, each of whom is subject to confidentiality and data-protection obligations:

Recipient	Purpose	What is shared
Supabase, Inc.	Database, authentication, and file storage	Account credentials, athlete profile data, observations, generated outputs, uploaded images and PDFs
Anthropic, PBC	AI inference (Claude API) to generate Outputs	System prompt, athlete profile context, recent observations, conversation history, and your current message. Anthropic does not use customer API data to train its models by default under its commercial terms.
Vercel Inc.	Application hosting and content delivery	Request metadata, logs, IP address, user-agent
Stripe, Inc.	Subscription payment processing	Payment information, billing email, transaction details
Google LLC	(a) Google OAuth single-sign-on if chosen. (b) Browser-side speech recognition for voice input on Chromium browsers.	(a) Google account email, basic profile. (b) Audio you speak via the voice input feature, transmitted by your browser, not by us.
Law enforcement / legal compliance	To comply with valid legal process or to protect rights, property, or safety	Information as required by applicable law

We do not share your information with advertisers, social networks, data brokers, or other third parties beyond what is described above.

4. Children's Privacy

The Service is intended exclusively for use by parents and legal guardians who are at least 18 years of age. We do not knowingly collect personal information directly from children under 13. The Athlete whose information you provide does not create an account, does not log in, and does not directly interact with the Service.

You voluntarily provide information about the minor Athlete in your care. By doing so, you represent that you are the parent or legal guardian and have the legal authority to share that information. The Service is designed for athletes ages 6 and older; we ask that you not use the Service to provide information about children under age 6.

Information about minors is treated with the same care as adult personal information and is not shared, sold, or used for marketing purposes. If you believe a child has directly used the Service without parental authorization, or that we have inadvertently collected information directly from a child, please contact support@parentedge.com and we will promptly delete the information.

5. Your Rights and Choices

Depending on your location, you may have the following rights with respect to your personal information:

Access. Request a copy of the personal information we hold about you.
Correction. Request correction of inaccurate or incomplete information. Most account and profile fields can be edited directly within the Service.
Deletion. Request deletion of your account and associated personal data.
Portability. Request an export of your personal information in a portable, machine-readable format.
Objection or restriction. Object to or request that we restrict certain processing of your information.
Withdraw consent. Withdraw any consent you previously provided, where processing is based on consent.

California (CCPA / CPRA)

California residents have rights including the rights described above, plus the right to know the categories of personal information collected and the categories of third parties with whom we share it, and the right not to be discriminated against for exercising any of these rights. We do not sell or "share" personal information for cross-context behavioral advertising as those terms are defined under California law.

EU / UK / EEA Residents (GDPR / UK-GDPR)

Residents of the European Economic Area, the United Kingdom, or Switzerland have the rights described above. The legal bases on which we process your information are: (a) the performance of our contract with you (providing the Service); (b) compliance with legal obligations; (c) our legitimate interests in operating, securing, and improving the Service; and (d) your consent where applicable. You also have the right to lodge a complaint with a supervisory authority in your country.

How to exercise your rights

To exercise any of these rights, email support@parentedge.com. We will respond to verifiable requests within 30 days (or such longer period as permitted by applicable law). We may need to verify your identity before fulfilling certain requests.

6. Data Retention

We retain your account information, athlete profile data, observations, and generated outputs for as long as your account remains active. Upon account deletion, we will delete or de-identify personal data within 30 days, except where retention is required to comply with legal obligations (for example, financial records for tax purposes), resolve disputes, or enforce our agreements. Aggregated or fully anonymized data may be retained indefinitely.

Consent records (Section 1.1) are retained for the longer of seven years or such period required to maintain a defensible audit trail.

7. Security

We use commercially reasonable administrative, technical, and physical safeguards to protect your information, including encryption in transit (HTTPS), encryption at rest (provided by our infrastructure partners), access controls, audit logging, and database-level row security to ensure that your data is accessible only to you. No method of transmission or storage is perfectly secure; we cannot guarantee absolute security.

If we become aware of a security incident affecting your personal information, we will notify you and applicable regulators as required by law.

8. International Data Transfers

The Service is operated from the United States, and our principal service providers are located in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States, which may have data-protection laws different from those of your country. By using the Service, you consent to this transfer and processing.

Where required, we rely on standard contractual clauses or other approved transfer mechanisms with our sub-processors for cross-border transfers of personal information.

9. Publicly Shared Content (Athlete Dossier)

The Service allows you to optionally generate a sharable Athlete Dossier (also referred to as a "player card") and to enable public sharing of that Dossier through a publicly accessible URL. Public sharing is off by default and is only enabled when you explicitly opt in through your account settings.

When you enable public sharing of an Athlete Dossier:

The Dossier becomes accessible to anyone who has the link, without requiring authentication or registration with the Service;
Search engines, crawlers, and other automated services may discover, index, and cache the page; the URL and its contents may be retained by those third parties — including search engines, web archives, and screenshot/preview services — even after you later disable public sharing;
Link-preview features on social platforms (iMessage, Slack, Discord, Facebook, X, LinkedIn, and others) may fetch and display the public share image — which is generated from the Dossier content — when the link is sent or posted;
Information contained in the publicly shared Dossier is no longer protected by the access controls and row-level security described elsewhere in this Policy.

You may disable public sharing at any time through your account settings. Disabling public sharing prevents new visitors from accessing the Dossier through ParentEdge, but does not retrieve copies that may have been saved, indexed, cached, or otherwise captured by third parties during the time the Dossier was public.

By enabling public sharing, you voluntarily and knowingly assume the risk of publicly disclosing information about a minor athlete in your care. Before enabling public sharing, you should review the contents of the Dossier and consider whether you are comfortable with that information being viewable by any member of the public, including individuals you cannot identify. We recommend reviewing the Dossier text before each share and using the toggle only when there is a specific recipient in mind.

We do not actively promote, index, list, or distribute publicly shared Dossiers. Any distribution of the share link or its contents is initiated by you or by the recipients of the link.

10. Third-Party Links and Content

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing any information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons. If we make material changes, we will provide notice by email or through the Service before the changes take effect. The "Last Updated" date at the top of this Policy indicates when it was last revised.

12. Contact

Privacy questions, requests, or concerns: support@parentedge.com

CSM Inc.
State of Michigan, United States