Skip to main content
HeyOtto Logo
Get Started

COPPA Compliance — Children's Privacy Policy & Data Practices

What COPPA compliance means in practice COPPA — the Children's Online Privacy Protection Act — requires platforms serving children under 13 to meet strict standards around data collection, parental consent, and privacy. The FTC's 2025 amendments, now in effect, raised the bar significantly.

Here's what compliance actually requires, and what HeyOtto does:

  • Verifiable parental consent before collecting child data: Every child account requires a verified parent account
  • No targeted advertising without explicit opt-in consent: HeyOtto has no advertising model. Zero.
  • Written data retention policy — delete data when no longer needed Published. Parents can delete all data instantly from the dashboard.
  • Written information security program for children's data: AES-256 encryption in transit and at rest
  • No selling or sharing children's data with third parties: Never. No exceptions.
  • Biometric data protected as personal information: HeyOtto does not collect biometric data
  • Parent access, correction, and deletion rights: Full control in the parent dashboard

We go further than the law requires

COPPA protects children under 13. HeyOtto extends the same privacy standards to every user on the platform — including teens ages 13–18.

  • No advertising at any age. No behavioral profiling, no ad targeting, no data selling — for any user.
  • Conversations are never used to train AI models. We use zero-training, zero-retention APIs. Your child's words stay private.
  • Parents see everything. Full conversation history for all child accounts, regardless of age.
  • KORA benchmark: 95%. The only independent child AI safety evaluation in existence. See the results →

For schools and administrators

HeyOtto is appropriate for classroom and school use. If you're evaluating HeyOtto for a pilot program or institutional deployment, our privacy practices are designed to meet the standards schools require.

Contact us about school access →

Questions about our privacy practices

Privacy policy →

Trust center →

Safety architecture →

Contact our privacy team →


This page reflects HeyOtto's compliance with the FTC's COPPA Rule as amended effective April 22, 2026. This is not legal advice. For compliance questions specific to your organization, consult qualified legal counsel.