Smart Safari — Privacy Policy

Last updated: [INSERT DATE WHEN YOU PUBLISH] Operator: [YOUR FULL NAME OR REGISTERED BUSINESS NAME] Contact: fakazi.fuze@gmail.com

1. Plain English Summary

We made Smart Safari for South African kids and their parents. Here's the short version of how privacy works:

All your data stays on your phone or computer. We don't have a server holding your kids' info.
We don't ask children for their email, phone, or last name. Just a first name and a username they pick.
We don't sell anything to anyone. No ads, no tracking pixels, no data brokers.
Parents have full control. Edit profiles, delete data, all from inside the app.
You can wipe everything anytime by clearing your browser data.

The rest of this document is the formal version required by South African law (POPIA — Protection of Personal Information Act, 2013).

2. Who We Are

Smart Safari ("the App") is operated by [INSERT YOUR NAME OR BUSINESS NAME], an individual / sole proprietor based in South Africa.

Responsible Party (POPIA term): [YOUR NAME] Information Officer: [YOUR NAME] — fakazi.fuze@gmail.com

If you have any privacy concerns, questions, or requests, contact us at the email above.

3. What Information We Collect

Smart Safari is designed to collect as little information as legally and technically necessary.

From children (users under 13):

First name only — used to personalise the experience (e.g. "Welcome back, Mholi!")
A username — a unique handle on your device (e.g. "@mholi"), chosen during setup
Grade level — used to deliver age-appropriate content (Grade R through Grade 7)
Avatar choice — an emoji picture they select
Game progress — questions answered, coins earned, level reached, items unlocked
Anonymous performance statistics — average response time, subjects practiced, time spent playing

From parents (optional):

Email address — only if you choose to provide one during setup, for future cloud sync features
A 4-digit PIN — to protect the Parent Center from children

We do NOT collect:

❌ Last names
❌ Phone numbers (parent or child)
❌ Physical addresses
❌ ID numbers
❌ Photos or biometric data
❌ Geographic location data
❌ Device IDs or advertising IDs
❌ Banking or payment information (no payment processing is active)
❌ Browsing history outside the App

4. How We Store Information

All information collected by Smart Safari is stored locally on the user's device in the browser's built-in storage (localStorage). This means:

No data leaves your device. It is not transmitted to our servers, because we do not operate any servers that receive user data.
Data persists between sessions so your child's progress is remembered when they return.
Each device has its own data. Profiles on one phone are invisible to other phones.
If you clear your browser data, all Smart Safari data is permanently deleted.

Future cloud sync (not currently active)

We are building an optional cloud sync feature so parents can access their kids' progress across devices. This feature is not yet active. When it launches:

It will be opt-in only — parents must actively enable it
It will require a parent email and password
Children will never have separate accounts; their profiles will live under the parent's account
Cloud data will be stored with a reputable provider (likely Google Firebase or Supabase) with industry-standard encryption
This privacy policy will be updated to disclose the data transfer at that time, and existing users will be notified

5. Why We Collect This Information

We process the limited information described above for the following purposes:

1. To run the App — show your child their progress, save their game state, restore their session
2. To personalise the experience — adapt difficulty, surface relevant rewards, show their name
3. To protect children — the Parent PIN keeps kids out of parental controls
4. To enable parental oversight — parents can see how their child is doing

We do not process information for:

Marketing or advertising

Profiling

Analytics

Sharing with third parties

6. Children's Privacy (Special Protection Under POPIA Section 35)

Smart Safari is designed primarily for children aged 5–13. We comply with POPIA Section 35 ("Processing of personal information of children") and applicable international standards (COPPA, GDPR-K).

Key protections:

We never collect email addresses, phone numbers, or contact information from children.
Parental consent: Before a parent account is created, an adult must complete a verification step (a multiplication question that an under-10 cannot easily answer in their head). This is a basic-good-faith age gate.
Parent controls: Parents can view, edit, and delete any child profile from the Parent Center at any time.
No third-party content: We do not display advertising, do not include third-party tracking scripts, and do not embed external services that could profile children.
No social features: Children cannot chat with strangers, share content, or be contacted by others through the App. There is no "friends list" or "messaging" feature.

If you are a parent and believe a child has used Smart Safari without your knowledge, contact us at fakazi.fuze@gmail.com and we'll guide you through deleting the data.

7. Sharing of Information

We do not share, sell, rent, or trade your information with anyone.

Because all data is stored locally on your device, there is technically nothing for us to share — we don't have it.

The only exceptions where information might be disclosed:

If required by South African law (e.g. a court order specifically directing us). To date, this has never happened.

In the case of a business transfer, if Smart Safari is ever acquired or transferred, any user data would be transferred under the same privacy protections — but again, we hold no user data on our servers, so there is nothing meaningful to transfer.

8. Cookies and Tracking

Smart Safari does not use cookies.

Smart Safari uses localStorage (a different browser storage mechanism) to save your game progress on your own device. This is functionally similar to a cookie but never sent to any server.

We do not use:

❌ Google Analytics

❌ Facebook Pixel

❌ Any third-party analytics or tracking

❌ Advertising networks

❌ Heat-mapping tools

9. Your Rights Under POPIA

As a data subject under POPIA, you have the right to:

1. Be informed about what data is collected and why (this document)
2. Access the personal information held about you — for Smart Safari, this means opening the app's Parent Center and viewing your profiles
3. Correct inaccurate information — done through the Parent Center → Manage Profiles → Edit
4. Delete your information — done by Parent Center → Manage Profiles → Delete, OR by clearing your browser data
5. Object to processing — discontinue use of the App at any time
6. Lodge a complaint with the Information Regulator if you believe your rights have been violated:
- Information Regulator (South Africa)
- Email: inforeg@justice.gov.za
- Website: https://inforegulator.org.za

10. Data Security

Because data is stored locally on your device, the primary security protection is your device's own security:

Use a passcode/biometric on your phone

Don't share your device with strangers

Don't use Smart Safari on public/shared computers if privacy is a concern

We have implemented these technical measures within Smart Safari:

The parent account is protected by a 4-digit PIN

Children cannot access the Parent Center or add new profiles without the parent PIN

No external connections are made except to load the App itself

We acknowledge that no system is 100% secure. If we ever discover a security breach, we will notify affected users via the in-app interface and via email (if a parent email was provided).

11. International Transfers

Smart Safari does not transfer data internationally because we do not transfer data anywhere — it stays on your device.

The App itself is hosted on Netlify (a global content delivery network), which means the App's code is served from servers around the world. However, no user data flows back to those servers — only the App's code is downloaded by your browser.

12. Retention

We do not retain user data on our servers (because we have none).

Data on your device is retained until:

You delete the profile through the Parent Center

You clear your browser data

You uninstall / stop using the App

There is no automatic data expiration.

13. Changes to This Policy

If we make significant changes to how we handle data (especially when we activate cloud sync), we will:

1. Update the "Last updated" date at the top of this document
2. Show a notice in the App on next launch
3. Email parents who have provided a parent email
4. Require fresh consent for any new data processing

Material changes will not be applied retroactively to existing users without their consent.

14. How to Contact Us

For all privacy-related matters:

Email: fakazi.fuze@gmail.com Subject line: "Privacy: [your question]" Response time: We aim to respond within 7 business days.

For POPIA access/deletion/correction requests, please:

Include the parent name and email you used (if any)

Describe what you want (delete a specific profile, view all data held, etc.)

We may ask for verification that you are the parent of the affected child

15. Plain Closing Statement

We built Smart Safari because our own kids in South Africa needed something better than ad-filled junk apps. We're committed to keeping it that way.

If you ever feel we're falling short of these promises, email us. We'll listen.

This privacy policy is provided in good faith and was last reviewed on [DATE]. It is intended to be POPIA-compliant for a non-commercial / pre-revenue product. If Smart Safari evolves to include payment processing, cloud sync, or any new data collection, this policy will be updated and material changes will be communicated to existing users.