Numics Privacy Policy

Last updated: May 9, 2026 · Version: 1.0

1. Who we are

Numics is an AI-powered tutoring app for grades 6–12 + AP. This policy describes what information the app collects, how it's used, who it's shared with, and the choices you have. By using Numics you agree to the practices described below.

Contact: johniverson@yahoo.com.

2. Summary

We collect the minimum data needed to teach: a name, grade, email, and the conversations the student has with the AI tutor (Kai).
Conversations — including any text, voice transcripts, photos, or handwritten work the student sends — are processed by third-party AI providers (Anthropic, ElevenLabs) so Kai can respond.
We use Supabase to store account data and session history, RevenueCat to handle subscriptions, and PostHog to understand how the app is used in aggregate.
Camera, microphone, and photo-library access only run when the student explicitly initiates the corresponding feature.
Engagement sensing (the optional on-device feature that watches for signs of confusion) runs entirely on the device. Only a single per-session engagement score is stored.
We do not sell personal information.

3. Information we collect

3.1 Information you provide

Account info: name (or display name), email address, grade level, subject preferences. Collected during onboarding and editable in Settings.
Authentication: magic-link tokens emailed to you at sign-in. We never see or store your email password (we don't issue passwords).
Subscription state: whether your account has an active premium subscription, the product purchased, and the billing platform's transaction identifiers. Payment card numbers are handled by Apple In-App Purchase / RevenueCat — we do not see them.

3.2 Information generated while using the app

Tutoring conversations: the student's typed, spoken, photographed, or handwritten input, plus Kai's text and audio responses. Stored under your account so you can resume sessions.
Concept & mastery data: which curriculum bands and concepts have been taught and at what mastery level. Used to drive the Progress tab and spaced-repetition scheduling.
Engagement score: if you enable engagement sensing, one summary score per session indicating how engaged the student appeared. The underlying camera/microphone analysis runs on-device and is not uploaded; only the score is stored.
Product analytics: events such as "session started", "concept tapped", "sim opened" along with anonymous app metadata (app version, device type, locale). See section 4.4.

3.3 Information collected automatically

Device identifiers needed by the operating system, App Store, and crash reporting (e.g. an anonymized installation ID assigned by PostHog).
Approximate language / locale.

3.4 Information we do not collect

Precise location.
Contacts, calendar, health, or financial data.
Camera or microphone data outside the moments the student explicitly takes a photo, dictates, or uses handwriting input.

4. Third-party processors

We rely on the providers below to deliver the app. Each receives only the data necessary for its function. None of them are authorized to use Numics data to train their general-purpose models.

Processor	What we send	Why
Supabase (database + auth)	Account profile, magic-link auth, session messages, concept mastery, engagement score.	Storage and authentication. Hosted in the EU/US region per your Supabase project configuration.
Anthropic (Claude API)	The student's text input, voice transcripts, photos taken in the app, and PencilKit handwriting; the system prompt; prior turns of the same conversation.	Generates Kai's tutoring responses. Anthropic processes requests to produce the response and per their API terms does not use API content to train their general models.
ElevenLabs (text-to-speech)	The text Kai speaks aloud (a cleaned version of the response, with math notation rewritten for natural speech).	Generates Kai's voice audio. Audio is streamed to the device and not retained client-side beyond the playback session.
RevenueCat (subscription orchestration)	Apple receipt data, anonymized user ID, entitlement state.	Validates In-App Purchase receipts and tracks subscription status. We never receive payment card numbers; Apple handles billing.
PostHog (product analytics)	Product event names + properties (e.g. "session_started", "subject:math"), app version, device type, anonymous installation ID. We do not send conversation contents.	Helps us understand which features are used so we can improve the app. Self-hostable; configure region in your PostHog project settings.
Apple (operating system)	App Store / App Store Connect data, push notification tokens (if enabled), crash logs (if enabled by you in iOS Settings).	App distribution and platform integration.

4.1 On-device processing

The following run on the device and do not transmit raw audio or video to any server:

Speech recognition for voice dictation (SFSpeechRecognizer). Apple may handle dictation on-device or via Apple's servers depending on the device and language; see Apple's privacy documentation.
Engagement sensing (when enabled). All audio / vision analysis is performed on-device. Only a single engagement score per session leaves the device.

4.2 Camera and microphone

Camera access is requested only when the student taps the camera button in the chat input bar. Photos are resized on-device, JPEG-encoded, and sent as a Claude API attachment so Kai can read the math, equation, or diagram and respond. Photos are not retained outside the conversation transcript stored under your account.

Microphone access is requested only when the student starts voice dictation. The transcribed text (not raw audio) is sent to Anthropic as part of the conversation. ElevenLabs audio playback uses the device speaker only.

4.3 Photo library

If the device's camera is unavailable, the camera button falls back to the photo picker. Only the photo the student explicitly selects is uploaded; we do not enumerate the library.

4.4 Analytics scope

Product analytics events are intentionally narrow: which subject was opened, which concept was tapped, which simulation was viewed, session duration, app version, and similar interaction signals. We do not send the contents of conversations, photos, voice transcripts, or handwriting strokes to PostHog.

5. Children & COPPA

Numics is intended for students in grades 6–12, which spans ages roughly 11–18. Some users will be under 13.

For users under 13 we comply with the Children's Online Privacy Protection Act (COPPA). We collect only what's needed to provide the tutoring service and we do not knowingly use children's data for behavioral advertising or sell it to third parties.
Where a school district or guardian establishes the account on the child's behalf under a school agreement, that agreement governs verifiable parental consent.
Parents/guardians can request deletion of a child's account and associated data at any time by emailing the contact address above. We will delete or de-identify the data within 30 days of a verified request.
Parents can review the data associated with a child's account by requesting an export through the same contact address.

6. How long we keep data

Account data: until you delete your account.
Conversation transcripts: until you delete your account or use the in-app "Delete history" control (when present).
Engagement scores & mastery data: kept while your account is active to drive the Progress tab; deleted with the account.
Analytics events: retained according to PostHog's default retention (typically 7 years) unless you've configured a shorter window in your PostHog project.
Subscription/billing records: retained as required by tax and accounting law (typically 7–10 years), held primarily by Apple and RevenueCat.

7. Your choices & rights

Edit profile: change your name, grade, or enabled subjects in Settings at any time.
Engagement sensing: turn it off in Settings → Privacy. When off, no engagement analysis runs, and no engagement scores are stored.
Microphone & camera: revoke permission in iOS Settings → Numics at any time. The corresponding features will simply stop working.
Subscription: manage or cancel via Apple Settings → Subscriptions.
Sign out: Settings → Sign out.
Account deletion: email the address above to request full deletion. We'll confirm and process within 30 days.
Right to access / correct / port / delete (under GDPR, CCPA, and similar laws): contact the address above. We respond within the deadlines those laws require.
Do Not Sell / Share (CCPA): we do not sell or share personal information for cross-context behavioral advertising.

8. Security

We use TLS for all network requests, Supabase Row-Level Security to isolate per-user data, and standard iOS Keychain storage for any device-side credentials. No system is perfectly secure, but we follow industry-standard practices for protecting personal data and will notify affected users in the event of a confirmed breach as required by applicable law.

9. International transfers

Depending on the configuration of our processors, data may be processed in the United States, the European Union, or other regions. Where required, transfers rely on Standard Contractual Clauses or comparable safeguards.

10. Changes to this policy

We may update this policy as the app changes. Material changes will be flagged in-app or by email before they take effect. The "Last updated" date at the top reflects the current version.

11. Contact

Questions, requests, or COPPA-related contact: johniverson@yahoo.com.