Early Bird Special — save up to 38% during launch. Limited time.
MyzoGet started

Legal · Last updated 2026-06-05

Privacy Policy

DRAFT — placeholder copy pending legal review before launch. Do not treat as the final agreement.

Myzo is a homework focus app built for kids and the parents who support them. We treat your family’s information as something we hold in trust, not something we monetize.

This policy explains what we collect, how we use it, what we don’t do with it, and the rights you have over it. For details specifically about data we collect from children under 13, see our Children’s Privacy Notice.

What we collect

Account information. When a parent creates a Myzo account, we collect an email address and a password (hashed at rest). Optional: a display name and avatar.

Children’s profiles. Parents may add up to three child profiles per family. Each child profile stores a first name (or nickname), age range, and the homework / task data the child enters themselves. No child email addresses, no photos.

Usage data. Aggregated and anonymized usage metrics for understanding which features are working. No cross-family or behavioral profiling.

Subscription / payment. Handled by our payment processor (Paddle) — Myzo itself never sees full card details.

What we don't do

No ads. No data resale. No tracking pixels for advertisers.

No cross-site tracking. No sharing of child data with third parties, ever, for any purpose other than the strictly limited operational vendors described below.

Service providers we use

Myzo runs on a small set of carefully chosen vendors:

  • Supabase — database, authentication, and file storage. Data is encrypted at rest and in transit.
  • Cloudflare — content delivery and the hosting layer for this website and our APIs.
  • Paddle — subscription billing and receipts. They process payment information; we receive only metadata (plan, status, renewal date).
  • Resend — transactional emails (password reset, receipts). Marketing email is opt-in only.
  • PostHog — anonymized product analytics. We disable behavioral profiling and never tie analytics events to individual children.

How we keep it safe

All data is encrypted in transit (HTTPS / TLS) and at rest. The Myzo database uses Row Level Security so no family can read or modify another family’s data. We never expose service-role keys to client apps. Access to production systems is restricted to a small number of trained operators.

Your rights

You can review, export, correct, or delete any data we hold about your family at any time. The fastest paths:

  • In the parent app: Settings → Account shows what we hold and gives you export / delete buttons.
  • By web: visit our Account Deletion page for the no-app-required deletion flow.
  • By email: privacy@getmyzo.com.

Deletion removes your family record and cascades to every child profile, task, score, reward, and session tied to it. We complete deletions within 14 days.

Changes to this policy

If we materially change how we handle data, we’ll email every active account and post the new policy here with the updated date at the top.

Contact

Privacy questions: privacy@getmyzo.com.