Capti Global Privacy Policy

Updated May 27 2025

1. Introduction and Key Definitions

This is the Global Privacy Policy (this "Privacy Policy") of Charmtech Labs LLC ("Company," "we," "our" or "us") for use of the Capti application ("App"), capti.com website ("Site"), Products, the servers the Site is stored on including without limitation by use through an API, or the computer files stored on that server (collectively, the "Services"). We want our visitors to learn about our Services, and we help educators, researchers, parents, students, and other authorized users to easily put our Services to work.

In this Privacy Policy we describe the information we may collect about you through our Services (as defined in our Terms of Service), how we use that information, circumstances in which we share it, how we protect it, and the rights and choices you may have with regard to your information. Please read this Privacy Policy carefully before accessing or using our Services. By accessing or using any of our Services, you accept and agree to be bound by this Privacy Policy. If you do not agree to this Privacy Policy, do not access or use our Services.

This Privacy Policy is incorporated into our Terms of Service. Any capitalized terms not defined in this Privacy Policy have the definitions set forth in the Terms of Service.

In the event we add future Services that affect the terms of this Privacy Policy, we will revise accordingly. References to "you" or "your" pertain to all our site visitors, registered users, or our members throughout this Privacy Policy.

2. What is our general approach to your Personal Information?

We do not sell "Personal Information" as that term is commonly defined in applicable privacy laws. We use reasonable efforts to protect information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked with you or your household (your "Personal Information").

We know that when users provide Personal Information to an organization it is an act of trust. That trust is something we take seriously. We work to ensure that the Serviced observes compliance standards for online privacy, security, business practices, honest transactions, and availability. This Privacy Policy explains the steps we take to protect Personal Information shared with us through the Services or when you otherwise interact with us, including how we collect it, who has access to it and what is done with it.

In addition to federal privacy laws like FERPA (the Family Educational Rights and Privacy Act) and COPPA (the Children's Online Privacy Protection Act), we at Capti are aware of and design our systems and controls to abide by the numerous state student privacy laws. These include, for example, the Student Online Personal Information Protection Acts (SOPIPA) in California and Virginia and the Student Online Personal Protection Acts (SOPPA) in Illinois and Michigan.

3. What categories of Personal Information do we collect?

Depending on the nature of your relationship with Capti, the categories of Personal Information we collect and use may include the following (these are examples and may be subject to change):

Identity Data	Information such as your name; address; email address; telephone number; age and/or age range; grade level; account login details, including your username and password, or other account-related information; and information you provide in connection with your application to be an employee or to otherwise collaborate with us.
Contact Data	Identity Data that relates to information about how we can communicate with you, such as email, phone numbers, physical addresses, and information you provide to us when you contact us by email or otherwise communicate with us.
Location Data	Information about your location as determined based on your IP address.
Device/Network Data	Browsing history, search history, and information regarding your interaction with our Services (e.g., IP Address, MAC Address, SSIDs or other device identifiers or persistent identifiers), online user ID, device characteristics (such as browser/OS version), web server logs, application logs, browsing data, first party cookies, third party cookies, web beacons, clear gifs and pixel tags.
Commercial Data	Information about the Services for which you have registered and transactions you enter into with us, and similar information.
Inference Data	Personal Information used to create a profile about you, which may include your preferences, reading or writing levels, abilities, aptitudes, and other data or analytics provided about you or your account by our third-party partners or data aggregators.
Financial Data	Information such as bank account details, payment card information, and information from credit reference agencies, including similar data defined in Cal Civ Code § 1798.80(e), which is collected only to the extent you have subscribed to one of our paid Services.
Audio/Visual Data	Data collected if you submit audio, images, or video recordings to our Services, as well as any other audio or video files you may submit to us, in addition to voice mails, call recordings, and the like. Note, however, that we do NOT use any such data for the specific identification of any individuals.
User Content	Unstructured/free-form data that may include any category of Personal Information, e.g., data that you give us in free text fields such as comment boxes, content that you upload to our Site or Capti App answers you provide when you participate in assessments, sweepstakes, contests, votes and surveys, including any other Personal Information which you may provide through or in connection with our Services.

Sharing Your Personal Information for a Business Purpose

In the preceding twelve (12) months, The Company has disclosed the following categories of Personal Information for a business purpose with related third parties, defined under Information Transfer and Disclosure below:

Category A: Identifiers.
Category B: California customer records Personal Information categories.
Category C: Protected classified characteristics.
Category F: Internet or other similar network activity.
Category H: Sensory data
Category J: Non-public education information
Category K: Inferences drawn from other PI

Opt-Out of Sale in U.S.

The Company does not currently "sell" (as defined by the California Consumer Privacy Act and other U.S. state laws) any Personal Information subject to this Privacy Policy, and we do not exchange Personal Information for any type of financial incentive.

Marketing and Advertising Rights in U.S.

Opt-out of Marketing: All individuals have the right to opt-out of receiving marketing communications from Capti at any time. You may exercise your choices regarding marketing communications by clicking on the "unsubscribe" link in emails we send you, or you can please submit an email to privacy@capti.com.
Direct Marketing: California residents and residents of certain other states may have the right to request a list of Personal Information we have disclosed about you to third parties for direct marketing purposes during the preceding calendar year.
No Marketing to Children. We do not do any marketing to children.

4. What information do we collect automatically about you?

Some information is collected automatically when you use our Services. This information may not on its own reveal your name or contact information, but it may include device and usage information, such as your IP address, browser, device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes, however we also use this information to improve our Services, to determine which features of our Services are most popular with our users, and to otherwise better understand our users' preferences.

The technologies we use for this automatic data collection may include:

Cookies (or browser cookies). "Cookies" are small text files that are placed on your device by a Web server when you access our Services. Please see our Cookie Notice for more details.
Web Beacons. Pages of the Services and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
Do Not Track. Please note that our Services do not currently respond to browser-based "do not track" signals. We will respond to any similar signals in the future as may be required by applicable law.

5. What information do we collect when you voluntarily provide it?

We collect Personal Information from and about you when you voluntarily provide it to us, in addition to Personal Information and other data we collect automatically when you visit the Services. Depending on the website you have accessed, or the other ways in which you interact with us, we may collect different types of information as outlined below.

Some of our Services enable you to register to create an account. If you do this, we will collect your name, username or email address, and password you provide. On some Services we may also request additional Personal Information associated with your account (such as your company name, school, or other data). We use this information in connection with your account and your use of our Services. We may also use this information to contact you regarding the Services you are using and other Company Services we believe would be of interest to you.

Any user of our Services wishing to obtain support must provide an email address. Without this information we cannot answer your questions. When submitting a support question to us you must not only provide a valid email address, but also first and last name, US state if applicable, country, role, and your specified request. Some of our Services offer multiple levels of access, some of which may require users to register or purchase a subscription, and others which are available without registration or subscription. Differences between levels of access may require corresponding differences in data collection practices.
If you purchase a subscription to one of our Services, you must provide a valid email address and password. Some Services may additionally require role (educator, parent, researcher), country, US state, and company.
For certain subscriptions, we may also require that you provide billing information to our payment processor Service Providers, AppStore and PayPal. For PayPal, you enter billing information through our Site, but we do not retain such information. We also use Intuit QuickBooks to bill administrators directly for our Services. Note that qualifying educators in partner states can subscribe to some of our Services for free and thus without the need to provide billing information. All registered users may voluntarily submit additional personal information, like their first and last name, into their profile information and select mailing lists to which they wish to subscribe.

We may offer limited time, seasonal, early or limited access, special purpose or demonstration versions of our Services. In such cases we may collect additional information, tied to the registrant's email, role, country, and state. Where applicable, we may permit users to provide student data in order to customize the registered user's use of the offered Services. Some such Services allow registered users to provide:

Student name or nickname
Completed grade level
Classes registered for
Ability level (e.g., in reading, writing, etc.)
School District or state
Demographic information (sex, race, free and reduced lunches, etc.)
Performance measurement results

Paid Subscriptions and Financial Information

If you need to submit a payment to us via credit or debit card, we use Intuit QuickBooks for invoice payment, AppStore for in-App purchases on iOS, and PayPal for any purchases via www.capti.com. Intuit QuickBooks processes credit and debit cards via QuickBooks website; we have no access to card information. AppStore purchases are charged to the card you have on file with Apple; we have no access to card information. However, for PayPal payments, you will enter the card information on our Site—we securely pass it along to PayPal, but we do not retain such information. We encourage you to review the PayPal privacy policy at PayPal Privacy, AppStore Privacy, and Intuit QuickBooks Privacy to learn about how they manage your data.

In any event, when you enter into a paid subscription for one of our Services, sensitive credit card data is exchanged using direct and indirect communication between these payment processors and you. We do not collect, control, see or store any of the card data exchanged with these payment processors.

Service Form Inquiry

Certain pages on some of our Services enable you to submit inquiries or requests to us. These Services collect Personal Information when users complete an inquiry or request for more information using our online form. These forms typically collect the following information: first and last name, phone number, email address, organization name, organization type, areas of interest. We may share this information with our third-party service providers, including storing the information in cloud-based contact management systems, and providing the information to third parties who assist us with our email marketing and other communications.

Handling Audio Recordings

You may be able to submit audio recordings to some of our Services, e.g., audio notes, voiceover, pronunciation analysis, etc. These Services may enable users to record themselves reading a presented passage or to upload an audio file of themselves or others reading. When we collect oral reading samples, data collected may include the reader's grade (if a student), date and time of the recording, and prior ability information used to calculate current oral reading ability. Information we send back as a result of the analysis may also be linked to data or files retained in our system. We may use a Third-Party provider for automated speech recognition (ASR) and/or analysis. Once processed, an informational oral reading ability measure is displayed, the recognized text is stored. We do not process audio data for the purposes of deducing or inferring any special characteristics that are restricted by law or regulation about the reader. We do not use audio content for any purpose other than as described above, and audio content is not used to uniquely identify you.

Children's and Adult Information Collected

We collect personal information directly from children and adults through our Services. We may receive data provided by a parent regarding their child, or by a state, school district or teacher containing information regarding a child or groups of children; however, any group information is aggregated and anonymized. If a student minor is a resident of Colorado, Quebec, UK or the European Union, we will require prior parental consent to process any non-anonymized information and to transfer it to our servers outside their home residency.

If you are logging in through a school district facilitated program, we have assumed that the school district or school has procured consent to process yours or your child's personal information. However, if you are direct subscriber, we need prior parental consent for minors or your consent. If you believe that we have collected yours or the Personal Information directly from a child under the age of 13 (in the U.S.) or 16 (typically the applicable age in European countries) without following the proper consent procedures, please contact us at privacy@capti.com.

Information Collected from Children under Age 13

The Children's Online Privacy Protection Act of 1998 and its rules (collectively, "COPPA") require us to inform parents and legal guardians (as used in this policy, "parents") about our practices for collecting, using, and disclosing Personal Information from children under the age of 13 ("children"). It also requires us to obtain verifiable consent from a child's parent for certain collection, use, and disclosure of the child's Personal Information. Please see our Children's Privacy Policy Supplement for information about the Personal Information that we collect from or about Children under Age 13.

2. Information We Collect Directly

A child must provide us with the following information to register for our Services: email, first and last name, and password. The child does not need to provide the real name, but the email needs to be valid (for individual users) and the email does not need to be valid for an education account. We may request additional information from your child, but this information is optional. We specify whether information is required or optional when we request it.

Certain features of our Services enable registered users to record their voice, such as audio transcription or recording of their own content, or of third-party content such as books. ("Audio Content") Creation and use of the Audio Content results in the temporary collection and recording of a voice audio file. We only use the audio files generated from the Audio Content to assess students' aural reading, as well as to improve assessment capability, and do not make other uses of the audio files. We keep the associated audio files for as long as the education account is active, or we can delete them at any time upon the request of the school.

7. Operators That Collect or Maintain Information from Children

Children can access many parts of the Site and its content and use some of its features without providing us with personal information. However, some content and features are available only to registered users and require us to collect certain information, including personal information, from them. In addition, we use certain technologies, such as cookies, to automatically collect information from our users (including children) when they visit or use the Site.

We only collect as much information about a child as is reasonably necessary for the child to participate in an activity, and we do not condition his or her participation on the disclosure of more personal information than is reasonably necessary.

10. How long do we keep Personal Information?

In general, we keep Personal Information as long as it is reasonably necessary in connection with the purpose for which it was provided, and for which parental consent has been received. For Personal Information collected through our Services for account registration and subscription payment purposes, we will keep such information for as long as a Member maintains registration and or subscription in good standing. Once those registrations or subscriptions lapse or terminate, unless a written agreement between us and a member provides otherwise, we may keep Personal Information for as long as needed only to meet regulatory requirements or business requirements.

We will ensure that all Personal Information that constitutes an "Educational Record" (as defined by the Family Educational Rights and Privacy Act (FERPA)) in our possession and in the possession of any subcontractors, or agents to which we may have transferred Educational Records, are destroyed or transferred to the School/District under the direction of the School/District when the Educational Records are no longer needed for their specified purpose, at the request of the School/District.

Any Educational Records held by us will be made available to the School/District upon request by the School/District.

Any kept Personal Information will remain subject to the restrictions on sharing and use outlined in this Policy for as long as it resides with us.

11. What is the Company's legal basis for processing?

We process your Personal Information in accordance with applicable data protection laws. If you are subject to the GDPR, we process Personal Information in accordance with one of the required legal bases. For example, when you voluntarily provide Personal Information to us, we primarily process it with your consent, or in order to fulfill a contract with you. Information we collect automatically is typically processed in accordance with our legitimate business interests, such as to improve our Services. We may also process certain Personal Information to the extent required by applicable legal requirements.

12. How can you exercise rights in your Personal Information?

At any time, users of our Services can change their Personal Information stored in the profile page. Members can also choose to opt-out of our mailing lists with immediate impact. Members can also close their memberships by following the directions listed for immediate closure of the membership. Closing a membership will not trigger the deletion of Personal Information.

Regardless of whether you are a member, depending on where you live, and subject to our obligations under applicable laws, you may have certain rights and choices regarding your Personal Information. For example, in addition to choices described elsewhere in this Privacy Policy, you may have some or all of the following rights and choices in general:

General Regional Rights

Access Rights: You may have the right to receive certain information, such as the following (these rights, and the applicable types of data and time periods, will vary depending on the laws applicable to the state or country in which you reside):
1. The categories of Personal Information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for collecting your Personal Information; and the categories of third parties with whom we shared Personal Information.
2. Access to and/or a copy of certain Personal Information we hold about you.
3. In some circumstances, you may have the right to obtain certain Personal Information in a portable format.
Erasure: You may have the right to request that we delete certain Personal Information we have about you. We may either decide to delete your Personal Information entirely, or we may anonymize or aggregate your Personal Information such that it no longer reasonably identifies you, and may use it to improve our Services. Certain Personal Information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide our Services to you, we may be required to retain certain information for legal purposes, and there may be other reasons we may need to keep certain Personal Information under various applicable laws. In addition, if you ask us to delete your Personal Information, you may no longer be able to access or use some of our Services.
Correction: You may have the right to request that we correct certain Personal Information we hold about you.
Limitation of Processing: Certain laws may allow you to object to or limit the manner in which we process some of your Personal Information, including the ways in which we use or share it. For example, you may have these rights if the processing was undertaken without your consent in connection with our legitimate business interests (although we may not be required to cease or limit processing in cases where our interests are balanced against your privacy interests).
Regulator Contact: You may have the right to contact or file a complaint with regulators or supervisory authorities about our processing of Personal Information. To do so, please contact your local data protection or consumer protection authority.
Postings by Minors: Users of our Services under the age of 18 in certain jurisdictions have the right to require that we delete any content they have posted on one of our Services.
Other: You may have the right to receive information about the financial incentives that we offer to you, if any. You may also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights.

If you believe that you have specific rights under your jurisdiction and you would like to exercise any of these rights, please submit a support request through our Site or email us at privacy@capti.com. Other than marketing opt-out you will be required to verify your identity before we fulfill your request. In certain jurisdictions, you may be able to designate an authorized agent to make a request on your behalf, subject to certain requirements of your applicable law. We may require that you provide the email address we have on file for you (and verify that you can access that email account) as well as an address, phone number, or other data we have on file, in order to verify your identity. If an agent is submitting the request on your behalf, we reserve the right to validate the agent's authority to act on your behalf, and we may be required to take additional verification measures under applicable law.

Important Information for European Union and United Kingdom Users

If you are a user from the European Union or United Kingdom you should be aware that we are the controller of your Personal Information (Data Controller) under the EU General Data Protection Regulation ("GDPR"), the UK General Data Protection Regulation ("UK GDPR"), and such similar laws promulgated in the various EU countries.

You may have certain additional rights regarding your Personal Information (as defined in the GDPR and UK GDPR, for instance), including the right to:

access your information;
rectify your information if it is incorrect or incomplete;
have your personally identifiable information erased ("right to be forgotten") if certain grounds are met;
withdraw your consent to our processing of your information at any time, if our processing is based on consent;
object to our processing of your information, if our processing is based on legitimate interests;
object to our processing of your information for direct marketing purpose; and
receive your information from us in a structured, commonly used, and machine-readable format, and
the right to transmit your information to another controller without hindrance from us (data portability).

There is no charge for any of these requests. To make a request, please contact us at privacy@capti.com. We try to respond to such requests in a timely manner, but in no event longer than one month.

When we collect your Personal Information, we maintain and store it for as long as we determine reasonably necessary to provide our Services to you, unless you exercise your right to erasure described above, or to comply with applicable legal requirements.

If you are a citizen of the European Union or United Kingdom, when we process your Personal Information, we will only do so in the following situations:

We have a contractual obligation.
You have provided your consent. You are able to remove your consent at any time, and you may do this by contacting us at privacy@capti.com.
We have a legal obligation.
We have a legitimate interest in processing your Personal Information. For example, we may process your Personal Information to send you marketing communications, relevant content, products or events invitations, or to communicate with you about changes to our Services, and to provide, secure, and improve our Services.

You should be aware that Personal Information that you provide to us may be transferred out of the country in which you reside to servers in a country that may not guarantee the same level of protection as the one in which you reside. We do this for a legitimate business purpose in providing the Services as permitted under UK and EU privacy laws, and therefore specific consent is not required under the EU and UK legal schema. Nevertheless, out of abundance of caution, we are asking for your consent, especially when it comes to processing the data of minor children. We will take all steps reasonably necessary to ensure that your Personal Information is treated securely in accordance with this Privacy Policy, and no transfer of your Personal Information will take place to a third party unless there are adequate controls in place to protect your Personal Information and/or you have provided contractual consent by becoming a client.

If you are a user in the European Union or United Kingdom and have a concern about our processing of personal information that we are not able to resolve, you have the right to lodge a complaint with the data privacy authority where you reside. For contact details of your local Data Protection Authority, please see: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm.

Information for California, Colorado, Connecticut, Utah and Virginia Residents

Various U.S. states (e.g., as of the date of this Policy, California, Colorado, Connecticut, Delaware, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah and Virginia) allow consumers to opt out of sharing of their data. As such, residents of those states may request that the Company:

Disclose the sources, categories, and specific pieces of personal information we have collected about them, how that information is used, and with whom the Company shares it
Disclose the purpose for collecting personal information
Disclose the categories of third parties with whom the Company shares personal information
Delete/rectify/restrict their personally identifiable information, subject to certain exceptions (right of rectification not applicable to Utah residents)
Though not specifically applicable to this Company, to disclose, for any "sales" of personal information, the categories of personal information collected and sold and to what categories of third parties it was sold
Though not specifically applicable to this Company, to opt them out of sales of their personal information (if any) or subject certain personal information to automated decision-making algorithms (not applicable to Utah residents)
Provide a copy of their personal information in a readily usable format that allows the information to be transmitted to others
Residents in these states may not be discriminated against for exercising any of the rights described above.

U.S. residents may exercise these rights by contacting the Company at privacy@capti.com. In general, we collect the following California regulated categories of Personal Information from you:

Category	Examples	Collected
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.	YES
B. PI categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some PI included in this category may overlap with other categories.	YES
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	YES
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	NO
K. Inferences drawn from other PI.	Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	YES

Sharing Your Personal Information for a Business Purpose

Category A: Identifiers.
Category B: California customer records Personal Information categories.
Category C: Protected classified characteristics.
Category F: Internet or other similar network activity.
Category H: Sensory data
Category J: Non-public education information
Category K: Inferences drawn from other PI

Opt-Out of Sale in U.S.

Marketing and Advertising Rights in U.S.

Opt-out of Marketing: All individuals have the right to opt-out of receiving marketing communications from Capti at any time. You may exercise your choices regarding marketing communications by clicking on the "unsubscribe" link in emails we send you, or you can please submit an email to privacy@capti.com.
Direct Marketing: California residents and residents of certain other states may have the right to request a list of Personal Information we have disclosed about you to third parties for direct marketing purposes during the preceding calendar year.
No Marketing to Children. We do not do any marketing to children.

13. What data security measures do we take?

We have reasonable safeguards to help prevent unauthorized access to, disclosure of, or misuse of your Personal Information. However, we cannot guarantee that your Personal Information will never be shared or otherwise processed in a manner inconsistent with this Privacy Policy (for example, as a result of unauthorized acts by third parties that violate applicable law or our Terms of Service).

If you register for a membership with any Services we offer, you will be asked to select a password to help protect your Personal Information. These passwords help us verify your identity before granting access or making corrections to any of your Personal Information. You should never share your password with anyone. The Company will never ask you for your password in a phone call or email. You are responsible for maintaining the secrecy of your passwords and any account information. We also offer for your convenience single sign-on via various Service Providers, including Google, Clever, ClassLink, Schoology, Canvas Blackboard, etc.

When subscribing to certain Services you also provide your credit card information. It is transmitted using Secure Sockets Layer (SSL) technology to help prevent unauthorized access or misuse of that information. (PCI-compliance requires following the Transport Layer Security 1.2 rules.) SSL is the standard security technology for establishing an encrypted link between a web server and a browser. Make sure you see a full "lock" symbol and https in the status bar of your browser. Browsers like Firefox 123 and above, Google Chrome 122 and above, Safari 16 and above employ some version of the lock symbol to indicate security. If the lock symbol is not visible, do not enter any information. Direct any issues or concerns to our support community for further guidance at privacy@capti.com.

Finally, the computers/servers in which we store Personal Information are kept in a secure environment. However, please note that to the extent your Personal Information is shared with a Service Provider or other third party, we cannot guarantee, nor will we be responsible for, the security measures of those third parties.

14. How should you track changes to this Privacy Policy?

We may update this Privacy Policy from time to time. If we do, we will post the updated Privacy Policy on our Site and update the "Last Updated" date at the top of this Privacy Policy. Your continued use of our Services after we post any such updates constitutes your acceptance of the Privacy Policy as updated.

15. Where should you direct questions to us about this Privacy Policy?

If at any time you have questions or concerns about our privacy practices in general or this Privacy Policy in particular, please feel free to contact us by sending an email to privacy@capti.com or contacting us at PO Box 896, Buffalo, NY 14205.

Privacy Notice for Children Under the AGE of 13

Updated May 27 2025

The Children's Online Privacy Protection Act of 1998 and its rules (collectively, "COPPA") require us to inform parents and legal guardians (as used in this [policy/section], "parents") about our practices for collecting, using, and disclosing personal information from children under the age of 13 ("children"). It also requires us to obtain verifiable consent from a child's parent for certain collection, use, and disclosure of the child's personal information.

The types of information we may collect from children.
How we use the information we collect.
Our practices for disclosing that information.
Our practices for notifying and obtaining parents' consent when we collect personal information from children, including how a parent may revoke consent.
All operators that collect or maintain information from children through the Sites.

This policy only applies to children under the age of 13 and supplements our Capti Global Privacy Policy. Only our general privacy policy applies to teens and adults.
Terms that are defined in the general privacy policy have the same meanings as used in this Privacy Policy for Children Under the Age of 13.

1. Information We Collect from Children

2. Information We Collect Directly

3. Automatic Information Collection and Tracking

We use technology to automatically collect information from our users, including children, when they access and navigate through the Site and use certain of its features. The information we collect through these technologies may include:

One or more persistent identifiers that can be used to recognize a user over time and across different websites and online services.
Information that identifies a device's location (geolocation information).

We also may combine non-personal information we collect through these technologies with Personal Information about you or your child that we collect online.

For information about our automatic information collection practices, including how you can opt out of certain information collection, see the "What information do we collect automatically about you?" section of our general Privacy Policy.

4. How We Use Your Child's Information

We use the personal information we collect from your child to:

Register him or her with the Services.
Communicate with him or her about activities or features of the Services that may be of interest.
Track his or her performance in games and other activities.

We use the information we collect automatically through technology (see Automatic Information Collection and Tracking) and other non-personal information we collect to improve our Services and to ensure that it performs as expected.

5. Our Practices for Disclosing Children's Information

We do not share, sell, rent, or transfer children's personal information other than as described in this section.

We may disclose aggregated information about many of our users, and information that does not identify any individual or device. In addition, we may disclose children's personal information:

To third parties we use to support the internal operations of our Services and who are bound by contractual or other obligations to use the information only for such purposes and to keep the information confidential.
If we are required to do so by law or legal process, such as to comply with any court order or subpoena or to respond to any government or regulatory request.
If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Charmtech Labs LLC, our customers or others, including to:
protect the safety of a child;
protect the safety and security of the Services; or
enable us to take precautions against liability.
To law enforcement agencies or for an investigation related to public safety.

In addition, if Charmtech Labs LLC is involved in a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Charmtech Labs LLC's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding or event, we may transfer the personal information we have collected or maintain to the buyer or other successor.

6. Social Media and Third-Party Plug-ins

Our Services may include social media features, such as the Facebook "Like" button, and widgets, such as the "Share This" button or interactive mini-programs that run on our Services. These features may collect your IP address, which page you are visiting on our Services, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Services. Your interactions with these features are governed by the privacy policy of the company providing it.