Privacy Policy
Last updated: March 16, 2026
Daily Weave is currently available to users in the United States only.
1. Information We Collect
Daily Weave (“we”, “us”, “our”) collects the following information when you use our service:
- Account information: name, email address, and password when you create a parent account.
- Child profiles: child first names, dates of birth, and learning-related data entered by a parent or guardian.
- Child-entered data: children may input interest topics, interest descriptions, portfolio item submissions, and mark lessons, chores, and activities as complete. Portfolio submissions require parent approval before becoming part of the child’s record.
- Usage data: curriculum schedules, activity logs, attendance records, grades, and portfolio items you create within the platform.
- Calendar data: if you connect Google Calendar or Outlook, we access only the calendar you designate for syncing.
- Health records: provider names, appointment dates, and notes you voluntarily enter. This data receives heightened protection (see Section 11).
- Payment information: processed securely by Stripe. We never store credit card numbers. See Section 8 for details.
2. How We Use Your Information
We use your information to:
- Provide and improve the Daily Weave service.
- Generate personalized AI-powered learning recommendations based on interest topics (not personal information).
- Send transactional emails (account verification, password resets, COPPA consent).
- Display your data back to you in dashboards, schedules, and reports.
- Monitor service reliability and prevent abuse.
3. Children’s Privacy (COPPA Compliance)
We comply with the Children’s Online Privacy Protection Act (COPPA) and take the protection of children’s data seriously.
3a. How We Collect Children’s Information
All child profiles are created by a parent or legal guardian. Children do not provide an email address, password, or personal contact information. Children log in using a numeric PIN set by their parent.
3b. Information Collected from Children
Children may directly input the following within the platform:
- Interest topics and descriptions (used to generate AI learning resources)
- Portfolio item suggestions (title, category, description, date — subject to parent approval)
- Lesson, chore, and activity completion status
3c. Verifiable Parental Consent
For children under 13, we use the “Email Plus” method of verifiable parental consent as defined by the FTC. When a parent adds a child under 13, the child’s account remains inactive until the parent confirms consent by clicking a verification link sent to their verified email address. The child cannot log in or use the platform until this consent is confirmed.
3d. Parental Rights Under COPPA
Parents have the right to:
- Review all information collected from or about their child through the parent dashboard.
- Refuse further collection or use of their child’s information.
- Request deletion of their child’s information at any time by removing the child from their account.
- Revoke COPPA consent, which will deactivate the child’s account.
3e. Third-Party Disclosure of Children’s Data
We do not disclose children’s personal information to third parties except as necessary to provide the service (see Section 8). When using AI features, only the interest topic and description text are sent to our AI provider — no child names, dates of birth, or identifying information.
4. AI-Generated Content
Daily Weave uses Anthropic’s Claude AI to generate educational resource recommendations (interest-based learning resources and lesson plan suggestions). When using AI features:
- We send only the interest topic, description, and curriculum metadata to Anthropic. No child names, dates of birth, or personally identifiable information are included in AI requests.
- Children are instructed not to include personal details in their interest descriptions.
- AI-generated content (resource titles, URLs, descriptions) is stored in your account for your convenience.
- We track AI usage (token counts, costs, success/failure) for billing and quality monitoring. These logs are linked to your family account but do not contain the content of AI responses.
- Anthropic’s data retention policies apply to data sent to their API. See Anthropic’s Privacy Policy for details.
Disclaimer: AI-generated educational resources are suggestions only. We do not guarantee the accuracy, completeness, age appropriateness, or educational value of AI-generated content. Parents are responsible for reviewing and approving all resources before use in their homeschool program.
5. Calendar Integration
If you choose to connect Google Calendar or Microsoft Outlook:
- We request access only to the specific calendar you designate for syncing.
- OAuth access tokens and refresh tokens are encrypted at rest using AES-256 encryption in our database.
- We sync only Daily Weave events (lessons, activities, appointments) to your calendar. We do not read or store your existing calendar events.
- You can disconnect calendar sync at any time from your settings page, which revokes our access and deletes stored tokens.
6. Cookies and Tracking
We use a single essential cookie to maintain your login session. This is an encrypted, HTTP-only, SameSite cookie that contains only your session identifier. We do not use tracking cookies, analytics cookies, advertising cookies, or any form of cross-site tracking.
7. Data Sharing
We do not sell your personal information. We share data only with:
| Processor | Data Shared | Purpose |
|---|---|---|
| Anthropic | Interest topics & descriptions (no PII) | AI resource generation |
| Stripe | Parent email, payment details | Subscription billing |
| Resend | Parent email address | Transactional emails |
| Sentry | Anonymous error reports (no PII) | Error monitoring |
| Google / Microsoft | Calendar events (only if you enable sync) | Calendar synchronization |
All sub-processors store data in the United States. Children’s personal information is never shared with Stripe, Resend, or Sentry. Only anonymized interest topics (no PII) are shared with Anthropic for AI features.
8. Data Storage and Security
Your data is stored in a PostgreSQL database hosted in the United States with encryption at rest. All data in transit is protected by TLS 1.2 or higher. Calendar OAuth tokens are encrypted at rest using AES-256 encryption. We use secure, HTTP-only session cookies with SameSite protection. Passwords and children’s PINs are hashed using bcrypt with industry-standard salt rounds.
Payment processing is handled entirely by Stripe, which is PCI DSS Level 1 compliant. We never receive, store, or process credit card numbers.
9. Data Retention
We retain your data for as long as your account is active. If you delete your account, all associated data (including child profiles, curricula, portfolio items, and AI usage logs) will be permanently deleted immediately. This action cannot be undone.
10. Data Breach Notification
In the event of a data breach affecting your personal information, we will notify you via email within 72 hours of discovery, in accordance with applicable state and federal law. If children’s data is affected, we will also notify the FTC as required by COPPA.
11. Health Data
Health-related data you enter (provider names, appointment dates, notes) is stored with the same security protections as all other data. This information is entirely optional and is never shared with third parties. We do not provide medical advice. You may delete health records at any time from your parent dashboard.
12. Third-Party Links
AI-generated resources may include links to third-party websites (including YouTube). We are not responsible for the content, privacy practices, or policies of third-party websites. Parents should review any linked resources before sharing with their children.
13. Your Rights
You have the right to:
- Access all data associated with your account.
- Export your data (attendance records, grades, transcripts, portfolio items).
- Update or correct your information at any time.
- Delete your account and all associated data.
- Withdraw consent for data processing.
- Opt out of AI features (you can use Daily Weave without enabling AI-powered resource generation).
California residents have additional rights under the CCPA, including the right to know what personal information is collected, the right to delete, and the right to opt out of the sale of personal information (we do not sell personal information).
14. Contact Us
For privacy questions, COPPA-related parental requests, or data requests, contact us at:
Email: info@dailyweave.com
Mail: Shipyard Labs LLC, Attn: Privacy, 145 Beachwalk Shore Dr, Ste 102 PMB 1079, St Johns, FL 32259