Privacy Policy
forty2a builds Génie, a pocket voice assistant designed for children and managed by their parent or guardian. This policy explains what information we collect, how we use it, who we share it with, and the choices and rights you have. Because Génie is intended for use by children under the supervision of a parent, we apply heightened protections and require verifiable parental consent before a child uses the device.
Who we are What we collect How we use it Children's privacy Who we share with Safety & moderation Retention Your rights & controls Security Where data is processed Changes Contact
1. Who we are
forty2a ("we", "us", "our") is the operator of the Génie voice assistant and its companion web app at
app.forty2a.com. For privacy questions you can reach us at
hello@forty2a.com. Génie is a trademark of forty2a.
2. Information we collect
Parent / guardian account
- Account details - your name and email address, used to create and secure your account.
- Sign-in data - if you sign in with Google, we receive your email, name, profile picture, and a Google account identifier (we request only basic profile and email; we do not access your Gmail, Drive, Calendar, or contacts). If you use email/password sign-in, we store a securely hashed password.
- Communications - emails you send us and notification preferences.
Device & child profile
- Device information - a device identifier, firmware version, and connection/diagnostic data (battery, storage, signal strength, uptime) used to operate and support the device.
- Child profile - information you enter about your child, such as a first name or nickname, age, language, and interests/preferences, used to personalize responses.
Voice & conversation data
- Voice recordings - when the child speaks to the device, audio is sent to our servers and to our speech-to-text provider to convert it to text so the assistant can respond.
- Conversation content - the transcribed questions and the assistant's answers, used to generate replies and (optionally) to let you review recent history.
- AI-learned memory - to make the assistant more helpful, it may save short facts the child shares (e.g. "I like dinosaurs"). These facts are stored on the device itself and are visible to you in the parent web app, where you can review or delete them.
Safety data
- Moderation events - to keep children safe, both questions and answers are screened. When content is flagged, we record the category, a short snippet, and a timestamp so parents can review it and so we can meet our child-safety obligations.
Marketing sign-ups
- If you submit your email on our "notify me" form, we store it solely to tell you when the product launches.
3. How we use information
- To provide the assistant: understand speech, generate answers, and speak them back.
- To personalize responses using the child profile and saved memory facts.
- To operate, secure, and support devices and accounts (authentication, diagnostics, content delivery).
- To protect children through content moderation and, where required, safety reporting.
- To communicate with you (account, verification, and safety notifications you've enabled).
We do not sell personal information, and we do not use children's voice data or conversations for advertising or to build advertising profiles.
4. Children's privacy
Génie is intended to be set up and managed by a parent or guardian. We require verifiable parental consent before a child uses the device, and the parent controls the account.
- We collect from children only what is reasonably necessary for the assistant to function.
- A parent can review, edit, or delete the child's profile and learned memory at any time in the web app.
- A parent can revoke access, unregister the device, or request deletion of associated data (see Your rights & controls).
We aim to comply with applicable children's-privacy laws, including the U.S. Children's Online Privacy Protection Act (COPPA) and Canadian privacy and online-harms requirements. If you believe a child has provided us information without parental consent, contact us at hello@forty2a.com and we will delete it.
5. Service providers we share with
We use a small set of trusted providers ("subprocessors") to deliver the service. They process data only on our instructions and only to perform their function:
| Provider | Purpose |
|---|---|
| Optional parent sign-in (OAuth) | |
| Deepgram | Speech-to-text and text-to-speech |
| Groq | AI language model, content moderation, and optional web search |
| OpenAI | Backup AI language model (failover) |
| Together AI | Illustration / image generation |
| Email/SMTP provider | Account, verification, and safety emails |
| Hosting provider | Servers that run the service |
We may also disclose information if required by law, to protect the safety of a child or others, or to comply with a legal obligation (see Safety & moderation).
6. Safety & moderation
Children's questions and the assistant's answers are automatically screened for harmful content. If serious content is detected, we may notify the parent and, where there is an indication of child sexual abuse or exploitation, we may be legally required to report it to the appropriate authorities (such as Cybertip.ca / the Canadian Centre for Child Protection, or NCMEC). We retain the minimum information needed to make and support such a report.
7. Data retention
- Voice recordings are kept only transiently for processing and are not retained as a long-term archive of the child's voice.
- Memory facts live on the device and in a temporary server cache; deleting them in the web app removes them.
- Account and safety records are kept while your account is active and for as long as needed to meet legal, security, and safety obligations, then deleted or anonymized.
8. Your rights & controls
As the parent/account holder you can, through the web app or by contacting us:
- Access and review your child's profile, learned memory, and recent conversation history.
- Correct or delete profile data and individual memory facts.
- Turn features on or off (for example, internet search is off by default and parent-controlled).
- Unregister a device, close your account, and request deletion of associated personal data.
Depending on where you live, you may have additional rights (access, correction, deletion, portability, or to lodge a complaint with a data-protection authority). To exercise any right, email hello@forty2a.com.
9. Security
We protect information with measures including encrypted connections (TLS), hashed passwords, access controls, rate limiting, and least-privilege handling of secrets. No system is perfectly secure, but we work to safeguard data and respond promptly to any incident.
10. Where data is processed
Our servers and service providers may process data in Canada, the United States, and other countries. Where we transfer information across borders, we take steps to ensure it remains protected consistent with this policy and applicable law.
11. Changes to this policy
We may update this policy from time to time. We will revise the "Last updated" date above and, for material changes, provide a more prominent notice. Continued use after an update means you accept the revised policy.
12. Contact us
Questions, requests, or concerns about privacy:
forty2a - hello@forty2a.com