← Back to Hearth

Privacy Policy

Last updated: 26 April 2026

1. Information We Collect

We collect information you provide directly: your name, email address, and account details via Clerk authentication. Within Hearth you create learning log entries, learner profiles, facilitator notes, photos and other media you choose to attach, and pedagogy preferences. We collect basic technical telemetry (request timing, error stack traces) needed to operate the service. We do not collect free-form learner names, entry content, or messages in any analytics event — see §3.

2. How We Use Your Information

Your information is used to provide and improve the Service: displaying your learning logs, generating Australian Curriculum-aligned reports, suggesting relevant content, and powering AI-enriched summaries at write-time. We do not sell your personal information and we do not share it with advertisers or data brokers.

3. Analytics & Error Reporting

We use PostHog (self-hosted) for product analytics and Sentry for error reporting. Our posture for both:

  • No autocapture. We only send a small allowlist of events (e.g. entry created, report exported) — never autocaptured page contents or text inputs.
  • Identifiers are hashed. Your account ID and your family ID are SHA-256 hashed before they leave your browser, so the analytics service never sees the raw identifiers.
  • No learner content in events. Entry text, learner names, photos, and free-form text are never sent to PostHog or Sentry.
  • Family-level aggregation. Two parents on the same household are grouped under one anonymous family identifier so usage funnels reflect the household, not two separate persons.

4. AI Processing

When you save a complete learning log entry, the entry text is sent once to Anthropic's Claude (Haiku model) to generate curriculum alignments and a summary. While drafting an entry, a debounced version may also fire to surface in-Logger reflection prompts. All AI calls happen at write-time; no runtime AI is wired into screens you read. Anthropic's terms forbid training on your content.

5. Data Storage & Hosting

User and transactional data is stored in Neon (serverless PostgreSQL) with encryption at rest. Application code runs on Vercel. Reusable learning content (modules, activities, capability threads) lives in Sanity CMS. Authentication is handled by Clerk. Photo and media evidence you attach to entries is stored in Vercel Blob. We choose Australian or nearby regions where the service provider exposes that option; specific region details are available on request.

6. Data Sharing

We share data only with the service providers necessary to operate Hearth: Clerk (authentication), Neon (database), Vercel (hosting + media), Sanity (content), Anthropic (AI enrichment), Sentry (error reporting), and PostHog (analytics, self-hosted). Each provider is contractually bound to use the data only to provide their service to us.

7. Children's Information

Hearth is used by parents and other authorised facilitators to log children's learning. Children do not create accounts and do not interact with the Service directly. All child-related data — names, photos, learning entries, badge progress — is controlled entirely by the family account holder, who can edit or delete it at any time.

8. Your Rights (Australian Privacy Principles)

Under the Australian Privacy Principles, you have the right to access, correct, or delete your personal information.

  • Export everything. The Settings → Account screen calls /api/account/export to download a JSON archive of your family, learners, entries, planner, library, badges, and settings.
  • Delete everything. The Settings → Account screen calls /api/account/delete after explicit confirmation. This irreversibly removes every family-scoped row across all of our internal tables. Authentication records held by Clerk should be removed separately via the Clerk-provided account-deletion flow.
  • Correct anything. Edit profile data, learner profiles, and entries from within the app at any time.

If a self-service flow doesn't cover your request, email us at hello@hearthlearning.au and we'll respond within 30 days.

9. Retention

Data persists for as long as your account is active. After account deletion, the family cascade described in §8 is immediate. Operational backups (Neon point-in-time recovery) retain a rolling window — typically 7 days on our current plan — and roll off automatically. Stale draft modules you never published are removed after 90 days; expired notifications are dismissed weekly.

10. Cookies

Hearth uses essential cookies for authentication, session management, and theme preference only. We do not use tracking or advertising cookies.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email and an in-app notice before they take effect.

12. Contact

Privacy questions, complaints, or requests? Reach us at hello@hearthlearning.au. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner.