Designed around the rules for children's products.
Sparky targets kids 6 to 10, so the U.S. Children's Online Privacy Protection Act (COPPA) applies. Here is how we follow each rule, by design.
Does COPPA apply to this site today?
No, not yet. COPPA regulates the collection of personal information from children under 13. Today this site does only one thing: it lets a parent join a free email waitlist. No child uses anything on this site, no child fills in a form, and no data from a child is collected.
The commitments below describe how the future Sparky device — designed for kids 6 to 10 — will be built to comply with COPPA. They are design intent for the product, not yet active obligations. Final implementation will be reviewed by counsel and, where relevant, by an FTC-approved Safe Harbor program before the first device ships.
What COPPA is
COPPA is a U.S. federal law (15 U.S.C. §§ 6501–6506) that regulates how operators of online services collect and use personal information from children under 13. The Federal Trade Commission (FTC) enforces it. The rule sets out six core obligations. Sparky is built to meet each one.
The six commitments (design intent)
How we plan to address each COPPA obligation when the product ships.
1. A clear, complete privacy notice
We publish a plain-English privacy policy that lists the categories of information we collect, how it is used, who it is shared with, and what rights parents have. The notice avoids legalese so parents actually read it.
2. Direct notice to parents before collection
Setup happens through the parent app on an adult's device. Before any data about the child is collected, the parent sees an in-app notice describing exactly what will be collected and why. No silent collection. No buried checkboxes.
3. Verifiable parental consent
We require verifiable parental consent before activating a child profile. Verification uses one of the FTC-approved methods: a small, immediately-refunded credit card charge for identity verification, or a signed consent form returned by email, at the parent's choice. The child cannot self-activate the device.
4. Parental access, review, and deletion rights
- Parents can see everything tied to their child's account through the parent app.
- Parents can export the data in a portable format.
- Parents can delete the account or any individual conversation at any time.
- Parents can revoke consent and the account is fully deleted within 30 days.
5. No conditioning of participation
We never ask for more personal information than is reasonably necessary to use the product. A child can use Sparky after only a first name (or nickname), age range, and language preference. Extra fields are always optional.
6. Security and limited retention
- All data is encrypted in transit and at rest.
- Voice transcripts are retained for a short rolling window (typically 30 days) so parents can review and so we can investigate safety issues. After that they are deleted on a rolling basis.
- Raw audio is not stored beyond the immediate transcription.
- Production access is logged. Only a small team can access child-linked data, and only with a documented reason.
What we will never do
- Sell, rent, or share child data with advertisers or data brokers.
- Use child voice data to train third-party AI models.
- Run behavioral advertising in the product or the parent app.
- Build a profile of the child for marketing purposes, ours or anyone else's.
Safe Harbor program
Before shipping, we plan to apply to an FTC-approved COPPA Safe Harbor program (such as kidSAFE Seal or iKeepSafe). These programs provide independent oversight, regular audits, and a public certification that an outside party has reviewed our practices.
Reporting a concern
If you believe Sparky has collected data from a child without proper consent, or you want to exercise any of the rights above, write to hello@sparky.ai. You can also contact the FTC directly at ftc.gov/coppa.