Privacy Policy

Last updated: April 24th, 2019

Your Child’s Data

The following data is collected and stored on a secure database by Wordful Vocab Tracker:

Your email address
Your child’s first name
A “blurred” version of your child’s birthdate, within a week of their actual birthday.
The vocabulary data that you provide

Once you sign in to the app, the app may read or change these values changed in the database. Otherwise, pnly developers on the Wordful Vocab App team can inspect the contents of this database. Your email constitutes personally identifiable information for you as a user. If your child has an uncommon first name, this may constitute PII for your child, especially in combination with their birthdate.

When you add a photo to your child’s account, it is stored exclusively on your phone or tablet, and is not transmitted to the server at any time. If you sign in on another device or delete the app, you will need to supply the app with a new image . If you share your child’s account with another user, that user will need to add a photo on their phone or tablet. In all cases, Wordful will continue to function if you choose not to supply a photo.

Demographic and Vocabulary Data

We retain de-identified (see Glossary) demographic information collected when a child is added, as well as all data regarding vocabulary. We collect this information to support academic research into early child language development. This de-identified data is stored in a database that can only be accessed by verified researchers who agree to our Terms of Data Access. Access to this data can be revoked from a researcher at any time for noncompliance with the Terms of Data Access.

Third Party Services

In order to provide its core functionalities, Wordful makes use of the following 3rd-party services:

Google Cloud Services provides Wordful Vocab Tracker with the user account functionality (i.e., the login system). Firebase, a Platform-as-a-Service product offered by Google Cloud Services, stores the following information in order to provide account functionality:

Your email
Your Wordful password. Note that the developers on the Wordful team can reset this, but not view it. Also note that Google Cloud Services does not store your password, but rather a one-way hash of your password (see Glosssary).

Firebase additionally stores:

A “blurred” version of your child’s birthdate
Your child’s first name
The demographic information you supply
Any vocabulary data you provide.

This data can only be viewed by developers on the Wordful Team, and requires multifactor authentication through Firebase.

Sentry provides Wordful with advanced error reporting in case there’s a bug in the code. Sentry may collect your IP address and details regarding your phone’s hardware. Only developers in the Wordful team have access to this information. Only developers on the Wordful Team have access to these logs, and must log in with multifactor authentication.

PaperTrail provides Wordful with advanced logging, again to help us track down bugs and other issues. Papertrail may retain anonymized records regarding your engagent with the app. Only developers on the Wordful Team have access to these logs, and must log in with multifactor authentication.

Glossary

personally identifiable information (PII): information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Examples include your name or birthdate.
de-identification: the removal of personally-identifiable information while keeping the uniqueness and relations among records. As an example from Wordful, the child “Tabitha” belonging to the user “smeylan@berkeley.edu” is stored as “child452” belonging to “user316”.
one-way hash: A cryptographic transformation of sensitive data that turns an email, password, or other text into an apparently random string. The random string cannot be transformed back into the text, but other text can be transformed and checked against previously hashed strings. If someone a malicious actor gains access to the hashed passwords, they must also have access to this hash function in order to recover the “plain-text” usernames or passwords.