Privacy

EOG Practice is built for a parent and their kid. Privacy is taken seriously here because the product is meant for families and because much of the data is about minors.

What we collect

From the parent: an email address and a password (stored as a salted hash — the actual password is never stored). The email is used to sign in and to recover the account.

From the kid (entered by the parent when adding the kid): a display name, a username, and a password. The kid’s password is also stored as a salted hash. The display name and username are used to identify which kid is signed in. We never ask for a kid’s real name, address, school, birthdate, or contact information.

From normal use: which questions a kid answered and when, the kid’s answer, whether it was correct, the standard the question is aligned to, and the reward posters the kid creates (the theme, style, and free-text seed they pick, plus the AI-generated image). We also temporarily keep an IP address in memory to rate-limit logins and posts; it is not written to the database.

Why we collect it

The parent email and password let the parent sign in and let us scope a kid’s account to a single household. Kid usernames and passwords let kids practice without a parent re-typing credentials each session. Practice attempts are what produce the per-standard progress that the parent dashboard shows. Posters are the kid’s reward and only exist because the kid practiced.

Who has access

Only the operator (the dad behind this app — see About) has access to the database. We don’t sell your data. The only third-party advertising relationship is Google Ads conversion tracking — described below — and it is scoped to parent-facing marketing pages only, never to the kid practice flow.

Third parties we use

OpenAI. We send prompts to OpenAI to generate practice questions and reward poster images. The prompts include the standard being practiced and (for posters) the kid’s theme/style/free-text seed. The prompts do not include the parent email, the kid’s username, the kid’s display name, or any account identifiers. OpenAI’s use of inputs is governed by their privacy policy.

Vercel hosts the app and serves the pages. Neon hosts the Postgres database where account info, attempts, and posters are stored. Both are reputable infrastructure providers under their own privacy policies.

Stripe processes payments for paid subscriptions. We never see or store your card number — Stripe does. We store only the Stripe customer and subscription identifiers tied to your parent account.

Google Ads. On parent-facing marketing pages (the homepage, grade landing pages, signup, login, upgrade, and account) we load Google’s gtag.js so that ad clicks that lead to a paid subscription can be attributed to the campaign that produced them. Google sees the URL you visited, your IP address, and a Google Ads click identifier (gclid) if one is present. Conversion events fire only on the post-checkout success page and include the Stripe checkout amount and a Stripe session id. Google Ads is not loaded on the kid practice pages, on quiz screens, or on any page once a kid is signed in. Google’s use of this data is governed by their privacy policy.

PostHog. We use PostHog to count product events — page views, signups, kid-profile creation, practice-session starts/completions, poster reveals, paywall views, checkout starts, and purchases — so we can see where new visitors drop off in the funnel. Event payloads contain numeric account and kid identifiers, never email addresses, kid display names, or usernames. Autocapture, heatmaps, and session replay are all disabled — only the specific events listed above are recorded. PostHog is not loaded on the kid practice pages or on any page where a kid is signed in; kid-engagement events (questions answered, poster pieces revealed, sessions completed) are recorded server-side from our own APIs so the kid browser never contacts PostHog. PostHog’s use of this data is governed by their privacy policy.

Cookies

Our own cookie: an HttpOnly, SameSite=Strict session cookie that keeps you signed in for 30 days.

Google Ads cookies (only on parent-facing marketing pages, never in the kid practice flow): _gcl_au and _gcl_aw, used by gtag.js to remember whether you arrived from a Google ad so a later subscription can be attributed to the right campaign. These are first-party cookies on eogpractice.com and are not used to build a cross-site advertising profile from this site.

PostHog cookie (only on parent-facing pages, never in the kid practice flow): ph_*_posthog, used to assign a random identifier so anonymous events captured before signup stitch to your account after you sign up. It is a first-party cookie on eogpractice.com and is not used to build a cross-site advertising profile.

Kids and COPPA

Kid accounts can only be created by a signed-in parent through their own parent account. The parent provides the kid’s display name, username, and password — that’s the entire kid profile. By creating a kid account on EOG Practice, the parent confirms they are the kid’s parent or legal guardian and consents to the collection described on this page.

Google Ads conversion tracking does not run on any kid-facing screen. It is loaded only on parent-facing marketing and account pages (homepage, grade landing pages, signup, login, upgrade, account). Once a kid signs in and starts practicing, no Google scripts are loaded and no Google cookies are read.

Google Ads gtag.js is deliberately not loaded on kid practice pages, quiz screens, reward pages, or any page once a kid is signed in. Advertising/conversion tracking is scoped to the parent-facing marketing and account pages only.

A parent can delete a kid account at any time, which removes all of that kid’s sessions, attempts, and posters.

Data retention and deletion

We keep account data while the account is active. To delete an account, email support@eogpractice.com from the parent email on file. When a parent account is deleted, all linked kid profiles, sessions, attempts, and posters are removed.

Security

Passwords are stored as bcrypt hashes. Session tokens are signed and stored in HttpOnly cookies with SameSite=Strict. State-changing requests check the request origin to defend against cross-site forgery. None of this guarantees perfect security — no system is airtight — but those are the practical safeguards in place.

Changes

If this policy changes in a way that affects what is collected, how it’s used, or who it’s shared with, we’ll announce the change in-product before it takes effect.

Privacy questions or deletion requests: support@eogpractice.com.