Privacy Notice for Parents

Last Updated: January 17, 2026

This Privacy Notice for Parents ("Notice") is intended to help parents and legal guardians ("you" or "your") understand what data we may collect from children under 13 who use our Services, why we collect it, what we do with it, and your privacy controls. This Notice provides information about our privacy practices that are specific to children, summarizing and supplementing our main Privacy Policy. Capitalized terms that are not defined below have the same meaning as stated in the Privacy Policy. If there is a discrepancy between this Notice and our Privacy Policy, this Notice supersedes.

We strive to educate parents and children about how to safeguard their privacy when using our Services. We are committed to complying with the Children's Online Privacy Protection Act of 1998 ("COPPA"), which requires us to notify a parent or legal guardian directly about our data practices before collecting individually identifiable information from a child under the age of 13 online, as defined by COPPA ("Children's Information"). COPPA also requires that we obtain parental consent before we allow children to use our Services. We urge children to check with their parents before using our Services, and we encourage parents to communicate safe practices with their child about sharing information online with anyone they don't know.

This Notice does not apply to Users in the EU or UK. For information about specific practices and rights applicable to such children under 13 or the age of digital consent in your region, whichever is higher, please refer to our European Data Privacy Addendum.

Please note, this Notice does not restrict our ability to process data that does not identify an individual child, such as aggregated or de-identified information, or data that was not collected from a child, for example, information disclosed by a Provider in connection with the provision of HIPAA-regulated art therapy services to a child. If you have questions or concerns about such information, please contact your child's Provider directly.

What Children's Information Do We Collect?

While individuals under the age of 18 cannot register for an Account, we may still collect some Children's Information.

When children access our Website, we may automatically collect Children's Information from their device, such as an IP address (to infer device location at the state level only), browser type, and other device attributes. We do not use cookies or pixel tags to track your child's online movements.

We do not collect Children's Information like a name, home address, or online contact information, such as an email address, from children unless they voluntarily chose to disclose such information while using our Services. Some Session Features allow your child to disclose Children's Information to us, other Participants, and the Host during a Session. For example, by using the Audio and Video Conferencing features, children may share their image and voice. By using the Chat Messaging feature, children may disclose other Children's Information, such as their telephone number, home or physical address, email address, and other information about them that, when combined, identify a particular child.

How Do We Use Children's Information?

We collect Children's Information to provide and support our Services. FrameShare's online platform is designed to support art therapy and related creative activity. Because communication and collaboration are integral to such services, Session features enable real-time sharing of Children's Information with the Host, or any other Participants, in the Session. We may also use Children's Information to perform analytics and troubleshoot; protect the security and integrity of Users and our Services; and to ensure legal and regulatory compliance.

FrameShare does not sell Children's Information or use it for cross-context behavioral advertising.

Disclosures to Third Parties

FrameShare does not disclose Children's Information to third parties, except for:

  • Service providers who support our internal operations, for example, database maintenance and hosting services.
  • Government entities, when permitted or compelled to do so by government authorities or by law, such as in response to court orders and subpoenas, or to enable us to take precautions against liability.

We may also disclose Children's Information to such third parties when we have reason to believe that someone may be causing injury to or interfering with our rights or property, other Users, or anyone else who could be harmed by such activities.

Please refer to our main Privacy Policy for comprehensive information about the limited circumstances in which we may share information in identifiable form with third parties.

How Do We Protect Children's Information?

User Anonymity

We do not enable children to create screen names that allow direct and continuous contact through our Services. Instead, we randomly generate anonymous screen names to disguise and protect Participants' real identities when they enter a Session. After the Session expires, Participants cannot elect to reuse the same screen name, and a new screen name will be randomly generated for each new Session joined.

Note, however, that your child's Provider may share your child's actual name when they configure settings to host a Session. Please contact your child's Provider directly if you have questions or concerns regarding such disclosures.

Retention

We retain Children's Information for only as long as reasonably necessary to fulfill the purposes for which it was collected. Retention periods differ depending on different criteria, such as the type of information and the purposes for which we use the information.

Please refer to the general Privacy Policy for more information about our retention practices.

Data Security

We take commercially reasonable steps to protect the confidentiality, security, and integrity of Children's Information. To reduce security risks, for example, only the Host may have ongoing access to the Crafting Table and Session Notes through our Services after a Session expires. We also encrypt data in transit to and at rest in our AWS database in the United States.

Unfortunately, the transmission of information via the internet is not completely safe and our security system is not impenetrable. We cannot guarantee the security of Children's Information transmitted through our Services.

What Are Your Rights?

We strive to help parents and legal guardians ensure that their children have a safe experience using our Services. A parent or legal guardian may submit a request to access or delete their child's Children's Information, as well as a request to appeal a decision we have made about such a request, by contacting us at support@frameshare.org. We take steps to verify the identity of anyone requesting information about a child to ensure that the person is in fact the child's parent or legal guardian.

Updates

This Notice is effective as of the date stated at the top of the document.

We may change this Notice from time to time and will post the updated version as soon as it goes into effect. You will be asked to review this Notice each time you give consent to allow your child to participate in a Session. By giving your consent after we make any changes to this Notice, you are deemed to have accepted such changes. We recommend that you review this Notice on a regular basis to stay informed of our privacy practices.

Contact Us

If you have questions about this Notice or our main Privacy Policy, please contact us at: