Policy version: v7. Last updated: May 31, 2026
Sure Footing collects minimal data to provide curriculum matching and planning:
We do not sell or rent your personal data. We do not run ads. We share data only with the service providers listed below under written agreements.
We use a small set of trusted services to run Sure Footing. The table below shows what each one does and exactly what information reaches it. Services you can already see in your browser (payment, email delivery, security, analytics) are named directly; behind-the-scenes infrastructure is described by its role, and we'll send you the full named list on request.
| Provider / Category | Purpose | Data Shared |
|---|---|---|
| Cloudflare | Protects the site from attacks and speeds up page loads | Your IP address, the page you're visiting, and basic browser info |
| Stripe | Processes your subscription payment | Your name, email, billing address, and payment details (we never see your card number). Stripe collects payment info directly so it never reaches our servers. |
| Resend | Sends you account and receipt emails | Your email address |
| Plausible Analytics | Counts page visits so we know what's working | Anonymous page counts. No cookies, no profile, no personal data. |
| Managed Postgres database (US) | Stores your account and your child's curriculum plan | All application data, encrypted at rest |
| Application hosting platform (US) | Runs the Sure Footing website and app | Request logs only, never the contents of forms you submit. |
| Cache and rate-limit service | Keeps the site fast and blocks abuse | Hashed identifiers only, nothing readable. |
| Error monitoring service (Sentry) | Alerts us when something breaks so we can fix it. Opt-in only. See "Performance & errors" below. | Technical error details and (with your consent) anonymized clicks and scrolls. Form inputs, passwords, and media are masked before transmission. Scrubbed of any child or family information. |
A complete list of named sub-processors, including the infrastructure providers above, is available on request. Email privacy@surefooting.net. We'll notify registered users by email at least 30 days before adding or replacing any sub-processor that handles your data.
The Sure Footing chooser requires a registered account. Each account receives 5 free curriculum searches; after that you can subscribe for unlimited searches.
How the counter works.Every completed chooser submission is stored against your account in our database with a school-year tag (so you can find it later). The counter for free-tier searches is simply the number of those rows. We don't use any tracking cookies for this; the count lives in the same database row as your account.
Default limit.5 free searches per account. Subscribers get unlimited searches. If your subscription lapses, you keep access to all your saved searches but the free-tier limit applies again. Your prior counter value is preserved (subscriber-period searches don't count toward it).
Retention.Saved searches are retained for the life of your account. Delete your account (under Settings → Data & Privacy) to remove them.
Marketing email opt-in.When you registered we asked whether you'd like occasional product update emails. You can change your preference any time on the Settings page; this is separate from transactional emails (verification, password reset, billing receipts) which are required for the service.
We use a service called Sentry to catch and diagnose bugs in the app. It runs only when you opt in. The cookie banner has three categories: Functional (always on), Social login (Facebook sign-in), and Performance & errors. The third one controls this.
What it captures, with your consent:
What it never captures:
Where the data goes. Sentry (sentry.io), based in the United States. Sentry retains event data for up to 90 days by default. We have not opted into any longer retention.
Storage on your device. Sentry uses browser localStorage to buffer the click and scroll trail before sending. This is treated as a tracking technology under EU ePrivacy rules, which is why it lives behind the consent toggle. If you decline, nothing is written to localStorage and Sentry never initializes.
Changing your mind.You can toggle Performance & errors at any time from Settings → Cookie Preferences. Changes take effect on your next page load (the error monitor is started once when the page loads; flipping the toggle doesn't start or stop a running monitor mid-session). If you have multiple Sure Footing tabs open, the change takes effect per-tab as each tab reloads.
If you decline: the app works exactly the same. You won't see any difference. We just won't see error reports from your sessions, which means we may not catch bugs that affect you specifically. That's a deliberate trade-off. Your privacy choice is more important than our crash reports.
Sure Footing is designed for parents, not children. We collect information about children only from their parent or legal guardian. We do not collect information directly from children under 13.
Child names are optional.You may use pseudonyms (e.g., "Child 1", "Child 2") instead of real names. The app functions identically with pseudonyms.
Data we collect about children (from parents): name (or pseudonym), grade level, subjects, school year dates, daily schedule, weekly plans, task completions, skip days, and calendar data.
What we never share with AI services: Child names are never sent to Anthropic or any third-party AI provider. Only anonymous identifiers (UUIDs) are used when generating personalized content.
Error monitoring: We use Sentry for error monitoring to improve app reliability. Error reports only run when you opt in via the cookie banner's "Performance & errors" toggle (see the dedicated section below). When enabled, all error reports are anonymized before transmission. No child names, email addresses, or personally identifiable information is included.
Your rights as a parent:
Your data is stored in encrypted databases hosted in the United States. We use industry-standard security practices including HTTPS encryption, secure authentication with optional two-factor authentication, and access controls. Sensitive authentication data is encrypted at the application layer.
We retain your data only as long as your account is active or as needed to provide services. Saved results from unauthenticated users are automatically deleted after 30 days. When you delete your account, all data is permanently removed.
Questions about this privacy policy? Email us at privacy@surefooting.net.
Policy version: v7
We value your privacy
Essential cookies keep you signed in. Optional ones help us spot bugs faster. You can change your preferences anytime in Settings.