Privacy Policy

Last updated: June 11, 2026

ReDirect ("we", "us") is an iOS app that lets parents gate apps on a child's iPhone behind short learning sessions. This policy explains what information we collect, why we collect it, and how it is used.

Information we collect

• Parent account. Email address and a hashed password, used to authenticate the parent.
• Child profile. The display name and grade level the parent enters for each child. No child email, phone number, or real-world identifier is required.
• Learning activity. Which passages a child has read, quiz attempts and scores, earned breaks, and screen-time balance.
• Device tokens. An Apple Push Notification Service (APNs) token per device, used to deliver background pings and parent alerts.

Information we do not collect

• Location, contacts, photos, microphone, or camera data.
• Browsing history or data from inside the apps a child unlocks.
• Advertising identifiers. We do not track users across other apps or websites.
• Health, fitness, or financial data.

Apple Screen Time data

ReDirect uses Apple's Family Controls, Managed Settings, and Device Activity frameworks to shield and unshield selected apps. The set of shielded apps is chosen by the parent through Apple's own FamilyActivityPicker and is stored only on the device. We never receive the identities of the apps the parent selected or any data from inside those apps.

Third parties

• Google Gemini API. Passage text is sent to Google's Gemini API to generate fresh comprehension questions. No parent email, child name, or other identifying information is included in these requests.
• Apple Push Notification Service. Receives standard device tokens for the limited purpose of delivering notifications.
• Book sources. Public-domain books are fetched from Project Gutenberg and a third-party Gutendex mirror. These requests contain no user information.

How information is stored

Account, child, and learning-activity data is stored in our backend database, accessed only over HTTPS. Authentication uses JSON Web Tokens. Passwords are stored only as hashes — we cannot recover a forgotten password and can only reset it.

Data retention and deletion

Data is retained while the account is active. To delete an account and all associated child profiles, learning activity, and device tokens, email support@redirectscreentime.org from the email address on the parent account. We will delete the account within 30 days of receiving a verified request.

Children's privacy

ReDirect is intended to be set up by a parent or legal guardian on their child's device. We collect only the minimum information needed to run the learning loop (display name, grade level, learning activity). We do not knowingly create accounts for children directly and we do not sell or share children's data.

Changes to this policy

If this policy materially changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify parents in the app.

Contact

Questions about this policy: support@redirectscreentime.org.