Skip to main content
FLASHMATH
Terms & ConditionsPrivacy Policy

FlashMath Privacy Policy (US)

Effective Date: February 7, 2026  | Last Updated: February 7, 2026  | Version: 1.0

FlashMath LLC ("FlashMath," "we," "us," or "our") provides this Privacy Policy to explain how we collect, use, disclose, and retain personal information when you use FlashMath websites, applications, and related services (collectively, the "Services").

This Privacy Policy is primarily intended for users in the United States. If you are located in the European Economic Area, UK, or Switzerland, please also review Section 13 for additional rights under GDPR.

1. Scope

This Privacy Policy applies to personal information we collect when you:

  1. Create or use a FlashMath account.
  2. Use gameplay, social, or subscription features.
  3. Contact support or otherwise communicate with us.
  4. Interact with our websites, emails, and related services.

2. Personal Information We Collect

Depending on how you use the Services, we may collect:

2.1 Account and Profile Information

  1. Email address
  2. Username/display name
  3. Password hash and account credentials metadata
  4. Date of birth and age category
  5. Profile avatar and preferences

2.2 Family and Child-Account Information

  1. Parent account and linked child-account relationship data
  2. Parent control settings and permission toggles
  3. Family messaging content and metadata
  4. Link codes and authorization events
  5. Parental consent records (including under-13 consent where required by law)
  6. Consent records for elevated minor privileges (where applicable)

2.3 Gameplay and Performance Information

  1. Practice session activity and results
  2. Match history, ratings, and statistics
  3. Progression metrics (for example, XP, levels, achievements)
  4. Virtual currency and virtual item inventory activity

2.4 Purchase and Subscription Information

  1. Subscription status, plan details, and renewal status
  2. Transaction history, receipts, and payment-related records
  3. Limited payment method descriptors (for example, brand/last four when provided by processor)

Important: Full payment card credentials are processed and stored by our payment processor, not FlashMath.

2.5 Device, Technical, and Usage Information

  1. IP address
  2. Device type, browser, operating system
  3. Log files, timestamps, and crash/error diagnostics
  4. In-app usage events and interactions
  5. Cookie or similar technology identifiers

2.6 Communications and Support Information

  1. Messages sent to support
  2. Survey responses and feedback
  3. Records of legal/privacy requests and responses

3. Sources of Information

We collect personal information:

  1. Directly from you (or from a parent account holder for linked child accounts).
  2. Automatically when you use the Services.
  3. From service providers (for example, payment confirmation data from Stripe and other processors/providers we use).
  4. From other users where features involve account linking or messaging.

4. How We Use Personal Information

We use personal information to:

  1. Provide, operate, and maintain the Services.
  2. Create and manage accounts, including optional linked family accounts.
  3. Process purchases, subscriptions, renewals, and related support.
  4. Deliver gameplay features, progress tracking, and personalization.
  5. Enforce account permissions and parental controls.
  6. Detect, prevent, and investigate fraud, abuse, and security incidents.
  7. Communicate with users about accounts, transactions, policy updates, and support.
  8. Comply with legal obligations and enforce our legal rights.
  9. Improve and develop features, quality, and reliability.

5. How We Disclose Personal Information

We may disclose personal information:

  1. Service Providers: To vendors performing services on our behalf (for example, hosting, authentication support, customer support tooling, messaging delivery, analytics, payment processing).
  2. Payment Processor: To process subscription and payment transactions (currently Stripe; PayPal may also be offered at checkout).
  3. Family-Linked Accounts: Between linked parent and child accounts consistent with feature design.
  4. Legal/Compliance: When required by law, court order, subpoena, or lawful process, or to protect rights, safety, and security.
  5. Corporate Transactions: In connection with a merger, financing, reorganization, sale, or transfer of all or part of our business.
  6. With Consent: Where you (or a parent account holder, as applicable) direct or authorize us to disclose information.

5.1 Infrastructure and Third-Party Services

The following third-party services process data as part of delivering our Services:

  1. Google Fonts: Your IP address may be transmitted to Google servers for font delivery. See Google Privacy Policy.
  2. Redis (Hosting Provider): Account identifiers and session data are processed by our Redis hosting provider for real-time features.
  3. Socket.IO Infrastructure: Connection metadata and message content are processed for real-time communication (arena matches, chat).

6. Sale, Sharing, and Targeted Advertising

  1. We do not sell personal information for monetary consideration.
  2. We do not currently share personal information for cross-context behavioral advertising.
  3. If our practices change, we will provide required notices and rights mechanisms under applicable law.
  4. Where legally required, we will process opt-out preference signals (such as Global Privacy Control) for relevant browser/device contexts.

7. Cookies and Similar Technologies

We use cookies and similar technologies for:

  1. Essential functionality (authentication, security, session management)
  2. Performance and diagnostics
  3. User preferences and experience features

You can control certain cookies through browser settings. Blocking some technologies may affect feature availability.

8. Data Retention

We retain personal information for as long as reasonably necessary to provide the Services, fulfill the purposes described above, and comply with legal obligations.

Typical retention approach:

  1. Account profile and gameplay records: for account lifetime unless deleted.
  2. Transaction and tax-relevant records: retained as required for accounting, legal, and tax purposes.
  3. Security and operational logs: retained for limited periods based on business and security needs.
  4. De-identified or aggregated data: may be retained and used where permitted by law.

9. Data Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information. No system is completely secure, and we cannot guarantee absolute security.

10. Children's and Minors' Privacy

  1. Users under 13 may access the Services only through a parent-managed linked account, where offered, and only after legally required verifiable parental consent is obtained.
  2. Users under 13 may not create standalone accounts.
  3. Users age 13 or older may register and use accounts as permitted by applicable law.
  4. We may offer optional linked family features that allow parents to manage linked-account permissions.
  5. Elevated privileges for minors may require parental consent where offered or required by law, and such consent can be revoked by the parent.
  6. Parents can request updates or deletion for linked minor accounts, subject to verification and legal requirements.
  7. If we learn we collected personal information from a child under 13 contrary to this policy, we will take appropriate remedial action, including suspension or deletion as required.
  8. For under-13 linked access, parental consent is captured through an in-product parental acknowledgment flow and maintained in consent records.

11. US State Privacy Rights

Residents of certain states may have rights under applicable state privacy laws, which can include:

  1. Right to know/access categories or specific pieces of personal information.
  2. Right to correct inaccurate personal information.
  3. Right to delete personal information (subject to legal exceptions).
  4. Right to obtain a portable copy of personal information.
  5. Right to opt out of certain processing, such as targeted advertising, sale, or profiling in furtherance of decisions producing legal or similarly significant effects, where applicable.
  6. Right to non-discrimination for exercising privacy rights.
  7. Right to appeal denial of a rights request, where required by law.

11.1 How to Submit a Privacy Request

Submit requests using:

  1. Email: privacy-rights@flashmath.io
  2. Web form: https://flashmath.io/privacy
  3. Toll-free phone: Not provided

We may verify your identity before fulfilling requests. Authorized agents may submit requests where permitted by law and subject to verification.

11.2 Appeals

If we deny your request, you may appeal by contacting privacy-appeals@flashmath.io with subject line "Privacy Appeal."

11.3 California-Specific Note

California residents may have additional rights under CCPA/CPRA, including rights related to sensitive personal information and required notices regarding categories, purposes, retention, and disclosures.

12. Third-Party Services and Links

The Services may link to third-party services not controlled by FlashMath. We are not responsible for third-party privacy practices. Review third-party privacy policies before sharing personal information.

13. International Users & GDPR

FlashMath is operated from the United States. If you access the Services from outside the US, your personal data will be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction.

13.1 European Economic Area (EEA), UK & Swiss Users

If you are located in the EEA, UK, or Switzerland, the following additional terms apply under the General Data Protection Regulation (GDPR) and equivalent legislation:

  1. Lawful Basis for Processing: We process your personal data on the following bases: (a) Contract — to provide the Services you signed up for; (b) Legitimate Interests — to improve our Services, prevent fraud, and ensure security; (c) Consent — for optional features such as marketing emails, which you can withdraw at any time.
  2. Your Rights: You have the right to: access your personal data; rectify inaccurate data; request erasure ("right to be forgotten"); restrict processing; data portability (receive your data in a structured, machine-readable format); object to processing based on legitimate interests; and withdraw consent at any time without affecting prior processing.
  3. Exercising Your Rights: To exercise any of these rights, email privacy-rights@flashmath.io with subject line "GDPR Request." We will respond within 30 days.
  4. International Transfers: Your data is transferred to the United States. We rely on Standard Contractual Clauses (SCCs) approved by the European Commission as our transfer mechanism.
  5. Supervisory Authority: You have the right to lodge a complaint with your local data protection authority if you believe your data has been processed unlawfully.
  6. Data Protection Contact: For GDPR-related inquiries, contact privacy-rights@flashmath.io.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice by reasonable means. The "Effective Date" and "Last Updated" fields indicate when updates apply.

15. Contact Us

FlashMath LLC
Attn: Privacy
7901 4th St N #23864
St. Petersburg, FL 33702, USA
Email: privacy-rights@flashmath.io
Phone: N/A