Privacy Policy

Controller: GPT Ground ApS, Enighedsvej 44, 2920 Charlottenlund, Denmark · [email protected]

1. Introduction

GPT Ground ApS ("GPT Ground", "we", "us") operates Ground AI, a learning-focused artificial intelligence assistant designed for children with parental oversight.

We comply with GDPR, UK GDPR, COPPA (where applicable), and EU consumer law.

2. Who This Applies To

  • Parents or guardians who create accounts
  • Children aged 6–17 using Ground AI under parental supervision

3. Information We Collect

Parent Information:

  • Email address
  • Password (hashed)
  • Billing information (processed via Stripe)
  • Country
  • Consent records

Child Information:

  • Nickname
  • Birth month and year
  • Chat messages
  • AI responses
  • Safety moderation flags

Technical Information:

  • IP address (security logging)
  • Device/browser information
  • Usage logs

Google Analytics is used only for parent dashboard navigation and never for child chat activity. IP anonymisation is enabled and advertising features are disabled.

4. How We Use Personal Data

  • Provide AI responses
  • Apply age-based safeguards
  • Monitor unsafe content
  • Enable parental oversight
  • Process payments
  • Maintain security

We do not sell personal data, use it for advertising, profile children, or train AI models on child conversations.

5. Legal Basis

Parents: Article 6(1)(b) — contract; Article 6(1)(c) — legal obligation; Article 6(1)(f) — security interests.

Children: Article 6(1)(b) — service performance; Article 8 — parental authorisation; Article 6(1)(f) — safety and integrity.

6. Data Retention

Chats are automatically deleted:

  • Ages 6–9: 30 days
  • 10–12: 60 days
  • 13–15: 90 days
  • 16+: 180 days

Parents may delete accounts at any time. Billing records are retained as legally required.

7. International Transfers

Processors: OpenAI, Stripe, SendGrid, Google Analytics, DigitalOcean.

Safeguards include Standard Contractual Clauses and encryption.

8. Children's Privacy (COPPA)

For U.S. children under 13:

  • Parental verification required
  • Parents may review, delete, export data
  • Consent may be withdrawn

9. Data Security

  • TLS encryption
  • Encryption at rest
  • Access controls
  • Audit logging

10. Parental Rights

Parents may access, correct, delete, export, restrict, or object to processing. Contact: [email protected]

11. Data Breach Notification

We notify authorities and users when legally required.

12. Changes

Material updates will be communicated via email or in-app.

13. Contact

Privacy: [email protected] · Safety: [email protected] · Support: [email protected]

← Back to home