M4TTBIT
Privacy & Data Policy Cookie Preferences

PRIVACY & DATA POLICY

Introduction

As M4TTBIT, I believe that your privacy is as important as the games and tools I build. I created this policy to explain exactly what information my site collects, how it keeps data safe, and how it protects children.

My main rule is simple: Only collect the minimum amount of info needed to make the site, games, and tools function. I do not sell your data, I do not use it for ads, and I do not use your chat messages to train AI models.

Section 1: Children’s Privacy (COPPA)

This section explains how I protect children under the age of 13.

  • Neutral Age Gate: Before anyone can sign up for my AI chat, they must enter their birth year. I don't guess or pre-fill this for you.
  • Registration without Email: Children can sign up using just a Nickname and a Password. I don't require an email address for kids to use the site.
  • Parental Consent: If a user is under 13, a parent or guardian must provide consent before the account is activated. This involves a parent verifying their identity so I know the permission is real.
  • PII Scrubbing: I use an automated "scrubber" that removes names, emails, and phone numbers from chat messages before they are processed by my AI tools.

Section 2: School & Student Privacy (FERPA)

For schools and districts using my tools, I follow the Family Educational Rights and Privacy Act (FERPA).

  • Direct Control: I acknowledge that schools and districts "own" the student data. I act as a "School Official" under their direct control.
  • No Data Mining: I do not use student data to build marketing profiles or for any purpose other than providing educational services.
  • NDPA Ready: I am willing to sign the National Data Privacy Agreement (NDPA) and support "Exhibit E" to make it easy for school IT departments to approve my site.

Section 3: Data Security & Rights (Indiana ICDPA)

In compliance with the Indiana Consumer Data Protection Act, I provide the following protections:

  • Strong Encryption: I store data using AES-256 encryption (like a digital vault) and send data using secure TLS 1.3 connections.
  • 72-Hour Breach Notice: If I ever discover that data has been accessed without permission, I will notify the affected school or user within 72 hours.
  • AI Safety: My AI tools (Google Gemini API) are configured for "Enterprise" privacy, meaning your messages are not used to train global AI models.

Section 4: The Data Map (What's Collected)

What's collected How it's obtained Why it's needed How long it's kept
Nickname / ID You type it in To let you log back in Until you delete your account
Birth Year Age Gate To follow child safety laws Until you delete your account
Chat Messages You type them To let the AI answer you Deleted immediately after use
IP Address Automatic To keep the site secure 90 Days
Contact Info Contact Form To reply to your emails Until the issue is resolved

Section 5: Your Rights

You have the right to see any data I have about you or your child and ask me to delete it. To make a request, or if you have any questions, please email me at: contact@m4ttbit.dev