Privacy Policy
For learnplaybond.com and the Circl by LearnPlayBond mobile app.
Effective: 15 July 2026 · Operated by Anshu Verma (sole proprietor, trading as “LearnPlayBond”)
At a glance
The short version, for tired parents. Each card links to the full detail below. These summaries are a reading aid — the full text of this policy is what governs.
1. Who we are
In short: LearnPlayBond is run by Anshu Verma (sole proprietor, trading as “LearnPlayBond”). Questions? Email [email protected].
LearnPlayBond ("we", "us") is operated by Anshu Verma (sole proprietor, trading as “LearnPlayBond”), based in India. We provide the learnplaybond.com website (including our learning programs and activity tools) and the Circl by LearnPlayBond mobile app ("Circl"), a companion for parents and caregivers. Under India's Digital Personal Data Protection Act, 2023 ("DPDP Act") we are the data fiduciary for the personal data described in this policy. You can reach us about anything in this policy at [email protected].
2. Who and what this policy covers
In short: It covers you (a parent or caregiver, 18+) and the information you share about your family — on the website and in the Circl app. Children are never users of our services.
This policy covers personal data we process when you use learnplaybond.com or the Circl app. Our services are designed for adults — parents, guardians and caregivers. Children do not create accounts, do not sign in, and never interact with our services directly. When you add information about your child or pregnancy, you are the one providing it, and you confirm you are the child's parent or lawful guardian (or have their permission) and consent to its processing on the child's behalf, as the DPDP Act requires. Section 4 explains exactly how we treat that data.
3. What we collect and why
In short: Your account basics, the family details you choose to add, your child's development and health notes that you log, your Coach conversations, payment records (never card numbers), and — only if you opt in — anonymous-style usage analytics.
Your account
You sign in with Google. From that we receive your name and email address (and Google may share a profile picture). In Circl we ask your first name and your role in the family (mother, father or caregiver), and your country of residence and cultural origin so guidance and emergency numbers fit where you live. Website accounts also store a phone number and country/state if you provide them at checkout.
Your family circle
Your family's name, its members and their roles, and invitations you send. An invitation stores the role and (optionally) the first name you typed for the person you are inviting; it is delivered by you through your own messaging apps — we never collect the invitee's phone number or email. Before joining, an invitee sees only your family name and the role you chose for them.
Children, pregnancies, and what you log
If you add a child: their first name, date of birth and sex. If you add a pregnancy: due date or last menstrual period date, and whether it's a multiple pregnancy. You can then log observations — sleep, feeding, mood and behaviour, milestones, illness (symptoms, temperature, medication given), family events, and for pregnancy: symptoms, clinic visits (including weight, blood pressure and similar readings you enter), kick counts and notes. You can also maintain a profile per child or pregnancy (routines, allergies, conditions, medications, and similar). Much of this is health data — we treat all of it as sensitive, we use it only to operate the features you see (your timeline, recaps, growth view, and grounding the Coach), and we never use it for advertising or sell it. See Sections 4 and 5.
Coach conversations
Your messages with the Coach and its replies are stored so you can revisit them, along with a per-reply disclosure record of exactly what context was used. Section 5 covers this in depth, including what does and does not reach the AI provider.
Payments
Purchases are processed by Razorpay. Your card, UPI or bank details go directly to Razorpay — we never see or store them. We keep the order and payment records we need (amount, what you bought, payment status and Razorpay's reference IDs) for accounting and support.
Activity generator (website)
When you generate an activity we collect the child's age, the category, and any free-text preferences you type, and we send them to our AI provider (OpenAI) to create the activity. The text you type is sent as you wrote it — please avoid putting names or personal details in that box.
Support and consent records
If you contact us we keep your message and contact details. When you give or withdraw a consent (onboarding, child data, analytics, Coach feedback), we keep an audit record of that choice — including a technical fingerprint of the request (IP address, or a truncated hash of it for website analytics consent, and browser/device user-agent) — so we can prove your choices were honored.
4. Your child's data
In short: You provide it, you control it, you can delete it. We never advertise to children, never profile them, and our analytics is deliberately built to carry no child details at all.
Children are the people this product ultimately serves — and they are also the people it must protect hardest. Here is exactly where your child's data stands:
- Parent-provided, parent-consented. Every piece of child or pregnancy data in our systems was entered by you or a member of your family circle. During onboarding you give explicit consent to process it, and we record that consent. You may withdraw it at any time (Section 10).
- No child users. Children cannot create accounts or sign in. Our services are directed at adults; our store listings declare an adult (18+) target audience.
- No advertising, no profiling, no tracking of children. We show no ads, we build no advertising or behavioural profiles of your child, and our analytics events are deliberately designed to carry no child data — not names, not ages, not what you logged, not even the kind of observation. This honors the DPDP Act's prohibition on tracking and behavioural monitoring of children.
- Visible only to your circle. Your child's information is accessible to your family circle members and to no other users. Access control is enforced at the database layer, not just in the app.
- Minimised before AI. When the Coach uses your child's context, their name is replaced with a token and their date of birth is reduced to an age in months before anything leaves our systems (Section 5).
5. The AI Coach and your data
In short: The Coach is an AI. Before your question reaches the AI provider, names and identifying details are stripped by code that refuses to send anything that still looks personal. Every reply shows you what was shared. Deleting a conversation erases its contents immediately.
The Coach in Circl is powered by large language models from Anthropic. You are talking to an AI, not a person — the app says so, and so do we here. When you send a message:
- Redaction first, always. Before anything is sent to the AI provider, our systems replace names with neutral tokens (like "[CHILD]"), convert dates of birth into an age in months, and strip emails, phone numbers, long digit sequences and similar identifiers. If anything that looks personal still remains, the request is refused rather than sent. Hospital names, photos and contact details are never included at all.
- Context on a need-to-know basis. The Coach uses only a purpose-picked slice of your data for the question at hand (for a sleep question: sleep routines and recent sleep logs — not your whole profile). Health details like allergies, conditions or medications are included only for health-related questions.
- Per-reply transparency. Every Coach reply carries a "what was used" disclosure you can open — the exact context that was sent, and what was deliberately withheld. We keep those disclosure payloads for 90 days so you can audit recent replies, then erase them.
- Not used to train AI models. Under our AI provider's API terms, your conversations are not used to train their models. The provider may retain API inputs briefly for abuse prevention under its own policies.
- Your conversations, your delete button. Conversation history is stored in your account so you can revisit it. Deleting a conversation erases its message contents and disclosure records immediately — not just hides them — and also removes any copy shared with a human expert.
- Humans only with your say-so. If you ask to escalate to a real person, sharing the conversation transcript with that expert is off by default and happens only if you switch it on — and even then, with names tidied out.
- Safety guardrails. The Coach does not diagnose and does not give medication or supplement dosages. Emergency-sounding messages surface local emergency guidance above the reply. The Coach is not a medical service — see our Terms for the full disclaimer, and always consult your paediatrician or doctor for medical concerns.
6. Analytics and crash reporting
In short: In Circl, analytics is off until you say yes — and never includes what you write or your children's details. On the website, all analytics (Mixpanel and Google Analytics) waits for your consent. Crash reporting runs to keep things working, with personal details kept out.
In the Circl app — opt-in only
Usage analytics (Mixpanel, hosted in the EU) does not run at all unless you opt in — at onboarding or later in Settings — and you can turn it off any time, which also purges queued events on your device. What we track when it's on is a short, fixed list: app opened, which screens are visited (by screen name only), sign-in, consent given, a subject was created, an observation was logged, an invite was sent or accepted. These events deliberately carry no content and no child details — not the observation kind, not names, not text. Events are keyed to a random-looking account identifier; analytics never receives your email or name from the app.
On the website
No analytics runs until you accept the consent banner. Once you accept, product analytics (Mixpanel, hosted in the EU, which also respects your browser's Do-Not-Track setting) and Google Analytics / Google Tag Manager (aggregate site statistics — pages visited, general traffic sources) start; Google sets cookies for this — see Section 13. If you are signed in and have accepted analytics, events are linked to your account id, and your email and name may be set on your analytics profile to help us understand our customers.
Crash and error reporting
We use Sentry to catch crashes and errors so we can fix them. This runs as part of making the service work. In the app it is configured to exclude personal details (no account identity is attached; navigation and technical context only). On the website, error reports may include your account id, email and name if you are signed in, and request details are scrubbed of passwords and tokens before sending.
8. Where your data lives
In short: Your family's data is stored in India (Mumbai). Some service providers process limited data in the EU and the US, as listed above.
Our application database and servers are located in Mumbai, India. Some processing happens abroad: redacted Coach messages (US, Anthropic), activity-generation inputs (US, OpenAI), opt-in analytics (EU), error reports (EU), and transactional email (US). We transfer data outside India only as permitted by the DPDP Act and applicable government notifications, and we list the destinations openly in Section 7 so you always know where your data can travel.
9. How long we keep data, and how deletion works
In short: Coach conversations: erased the moment you delete them. Coach context payloads: 90 days. Your logs and profiles: kept until you remove them or ask us to. Full account deletion: email us and we complete it within 30 days.
What you can delete in the app, today
- Coach conversations — deleting one immediately and permanently erases its message contents and disclosure records, including any expert-shared copy.
- Profile fields — clearing a child/pregnancy profile field removes that value.
- Subjects after an outcome — children and pregnancies with a recorded outcome can be archived and deleted from the Archive screen.
Deleting your account and everything in it
Email [email protected] from your account's email address with the subject "Account deletion request", or use Profile → Privacy & data → Delete account in the Circl app. We will verify it is you, delete your account and your family's data (including children's profiles, observations and Coach history) within 30 days, and confirm when done. Step-by-step instructions live on our dedicated deletion page — the deletion resource we reference from our app-store listings. What survives deletion, and why: payment and tax records we are legally required to keep; consent and governance audit records (kept permanently to prove your choices were honored); and residual copies in encrypted backups that age out on backup rotation.
Retention defaults
- Coach per-reply context payloads: erased after 90 days (aggregate, non-identifying statistics are kept).
- Observations, profiles, family data: kept while your account is active, so your timeline works.
- Consent and governance records: retained permanently as an audit trail of your choices.
- Payment records: retained as required by Indian tax and accounting law.
10. Your rights
In short: Access, correction, erasure, consent withdrawal as easy as consent, a nominee for your account, and a real grievance process — for everyone, with DPDP as our baseline.
Under the DPDP Act (and as our baseline for all users everywhere), you can:
- Access — ask for a summary of the personal data we hold about you and your family and how it is processed.
- Correct — fix anything inaccurate, in the app or by asking us.
- Erase — delete data in-app (Section 9) or request full erasure.
- Withdraw consent — as easily as you gave it: analytics has an in-app toggle; for child-data processing, withdrawing consent means we stop processing and delete on request. Withdrawal doesn't affect the lawfulness of what happened before it.
- Nominate — designate someone to exercise these rights for you if you are unable to; email us to record a nominee.
- Complain — first to our Grievance Officer (Section 11); if unresolved, you may approach India's Data Protection Board.
If you use our services from outside India, we honor the same rights, and you may also have additional rights under your local law (such as the GDPR if you are in the EU/UK) — contact us and we will handle your request under whichever framework protects you most.
11. Grievance redressal (India)
In short: A named human answers privacy complaints: Anshu Verma, [email protected]. Acknowledged within 72 hours, resolved within 30 days.
Our Grievance Officer under the Information Technology Act, 2000 / IT Rules, 2021 and our designated contact for DPDP matters:
We acknowledge complaints within 72 hours and aim to resolve them within 30 days. If you are not satisfied with our resolution, you may escalate to the Data Protection Board of India.
12. How we protect your data
In short: Encryption in transit everywhere, database-level access rules, sign-in tokens in your phone's secure enclave, secrets vaulted, and AI redaction enforced by code — not by promise.
- All traffic is encrypted in transit (TLS/HTTPS).
- Every data request is authorized at the database layer — your family's records are scoped to your family circle by row-level rules, not just app logic.
- On your phone, sign-in tokens live in the iOS Keychain / Android Keystore.
- Server credentials and API keys are kept in a dedicated secrets vault; our internal AI gateway sends no telemetry.
- The Coach's redaction is enforced in code and fails closed: if identifying data can't be removed, the request isn't sent.
- Payment card data never touches our systems (processed by Razorpay, an RBI-regulated payment aggregator).
No internet service can promise perfect security — but if a breach ever affects your data, we will notify you and the authorities as the law requires.
14. Changes to this policy
In short: We date every version and tell you about material changes before they apply.
When we change this policy we will update the effective date above, keep prior versions available on request, and notify you of material changes in the app or by email before they take effect — particularly anything affecting children's data, which will ask for your consent again where required.
15. Contact us
Privacy questions and rights requests: [email protected]
General support: [email protected]
Anshu Verma (sole proprietor, trading as “LearnPlayBond”), India