CHILDREN’S PRIVACY STATEMENT
Last Updated: March 18, 2021
Moxie is designed with privacy, security and parental control in mind. Embodied takes special steps to protect children. A parent must provide verifiable parent consent before a child can interact with Moxie. More information about Moxie and our AI is available at embodied.com.
Embodied is committed to be in compliance with the Children’s Online Privacy Protection Act (“COPPA”), a federal law designed to protect children online. We take Children's privacy seriously and encourage parents or guardians to protect their children's online privacy at all times. Embodied is working with PRIVO, an FTC approved COPPA Safe Harbor organization, to safeguard the Personal Information of your child, ensure the safety of your child’s data and help us meet the high standards set by COPPA.
EMBODIED is a member of the PRIVO Kids Privacy Assured COPPA Safe Harbor Certification Program (“the Program”). The Program certification applies to the digital properties listed on the validation page that is viewable by clicking on the PRIVO Seal. PRIVO is an independent, third-party organization committed to safeguarding children’s personal information collected online. The PRIVO COPPA certification Seal posted on this page indicates COMPANY has established COPPA compliant privacy practices and has agreed to submit to PRIVO’s oversight and consumer dispute resolution process. If you have questions or concerns about our privacy practices, please contact us at (855) 945-3411 or firstname.lastname@example.org. If you have further concerns after you have contacted us, you can contact PRIVO directly at email@example.com.
Protecting Children’s Privacy
Embodied takes special steps to protect children as defined in this Children’s Privacy Statement in our sites and services directed to children. Embodied does not condition a child’s participation in an activity or online service on the disclosure of more personal information than necessary and full verifiable parental consent is required for a child to interact with Moxie.
Please help us protect your children’s privacy by teaching your child to never provide personal information without your permission.
Collection and Use of Children’s Information
G.R.L. Site - Children do not need to own a Moxie to visit the G.R.L. website to explore characters, games and activities. If the child or parent does not own Moxie, the G.R.L. Site does not collect the child’s personal information.
If the child or parent owns the Moxie and has connected Moxie with the Parent App, the G.R.L. Site utilizes a first-party authentication cookie to allow Moxie users to more easily log in after the initial log in to the G.R.L. Site.
Embodied utilizes Google Analytics to collected aggregated and anonymized information about activity on the G.R.L so we can improve the performance and design of the G.R.L. Site. This information may tell us that ten users have visited page A and ten users have visited page B on a certain day. However, no information is collected regarding who the users are. This information is only utilized by Embodied personnel.
Embodied utilizes Google Analytics to collected aggregated and anonymized information about activity on the G.R.L. Site. For example, the information collected may be that ten users have visited page A and ten users have visited page B on a certain day. However, no information is collected regarding who the users are. This information is only utilized by Embodied personnel.
Security - Moxie was developed with security in mind. We take steps to securely send and store data, and only work with business partners and cloud service providers who provide assurances that they will do the same. Data is managed internally to limit the ability of Embodied personnel to link certain data to a specific child or device.
Data will be automatically recorded by Moxie in the form of video files and audio files and may be linked to a unique identifier for your robot. Anyone in range of the video or audio recording capabilities of Moxie may be recorded, including your child, members of your family or others in the home at the time the robot is recording.
Audio Data and Audio Transcript Data - The recorded Audio Data is encrypted and sent to our cloud service provider, Google Cloud STT, who automatically transcribes the audio files to create audio transcription files and deletes the audio recording after creating the audio transcription file. This file is the Audio Transcript Data. The Audio Transcript Data is securely transmitted to Moxie and used to interact with the user, and then transmitted through Moxie to a separate cloud storage area. Our cloud storage service provider does not have access to the Audio Transcript Data; only Embodied has access. The Audio Transcript Data are used by Embodied to understand the content of the recorded Audio Data, respond to the child, and improve the AI. The Audio Transcript Data will remain on a secure and encrypted server after data collection has been completed. The Audio Transcript Data may be stored for 18 months. Embodied has access to the Audio Transcript Data, but cannot link them to any particular user, account or device. Parents must either be using the Parent App with access to the AUID or have the Recovery Key to access or delete the Audio Transcript Data associated with their child; the Audio Data is deleted when the transcripts are made.
Video Data - The recorded Video Data will be automatically processed locally on the Moxie device to create facial expression datapoints. The recorded Video Data does not leave Moxie, is utilized to create the Facial Expression Datapoints, and is deleted after the Facial Expression Datapoints have been created. The recorded Video Data is not transmitted from Moxie.
Facial Expression Datapoints - The Facial Expression Datapoints allow Embodied to determine facial expressions of the child and/or analyze the emotion of the child in order to enhance the interaction between Moxie and child. The Facial Expression Data points will be transmitted to the cloud storage service provider and are encrypted during transmission and storage. The Facial Expression Datapoints are only accessible to Embodied and are not accessible by the cloud service provider. The Facial Expression Datapoints may be stored for 18 months. Embodied has access to the information, but cannot link it to any particular user, account or device. Parents must either be using the Parent App or have the Recovery Key to view or access data associated with their child.
Primary User Images - The camera on Moxie will initially capture images of the primary user (your child) during their interaction with Moxie. The Primary User Images are utilized by Moxie to verify that Moxie is speaking to the primary user during conversation interactions, and to respond appropriately to the primary user. Please note: During interaction with Moxie, images of other individuals may be captured if they are within the field of view of the camera. Moxie may process these images to determine if this individual is the Primary User, and may ask “who are you,” or “are you my mentor” to confirm. If another user asks Moxie to remember them, that user will be recognized and information stored. The Primary User Images will be encrypted and securely transmitted to the cloud storage service provider. Embodied has access to the information, but cannot link it to any particular user, account or device. Parents must have the Recovery Key to view or access data associated with their child. Moxie may communicate with the other individuals, but is designed to call only the primary child user by name. This comparison is performed within Moxie and there is no communication with the cloud storage service provider. Parents must either be using the Parent App or have the Recovery Key to view or access data associated with their child. Embodied does not have access to the information as it is encrypted using the Recovery Key, but Embodied can link it to the user or device and can therefore delete Primary User Images if requested by a parent.
Activity Data – Moxie collects certain Activity Data, such as how long children are using Moxie, if children read a book with the robot, how many missions the children have completed with Moxie, badges and trophies earned, and other information to help parent’s track a child’s general activities and progress. The Activity Data is generally summary information about the child’s activities. Data on children’s interactions with Moxie and activities and progress are encrypted and stored with the cloud service provider, but in a separate database from the Audio Transcript Data, Facial Expression Datapoints, Moxie Interaction Data, Insight Data, and other personal information. The Activity Data on a particular child’s interactions and progress is accessible through the Parent App or with the recovery key and linked to the robot ID accessibly by Embodied.
Moxie Interaction Data – Moxie Interaction Data is data associated with the child’s interactions with Moxie, such as the Audio Transcript Data (collected through Moxie’s microphones), Facial Expression Datapoints (collected through Moxie’s camera), whether and where other objects or persons may be located in a room (collected through Moxie’s camera), responses communicated to Moxie, and/or what Moxie facial animations are utilized. In addition, touch sensors are utilized to determine if a child is touching or hugging Moxie. The Moxie Interaction Data is collected and processed on Moxie and is utilized to enhance the child’s interaction with Moxie and is associated with the AUID. The Moxie Interaction Data is then encrypted and transmitted to the cloud service provider and stored in the same account as the anonymized Insight Data, Audio Transcript Data, and Facial Expression Datapoints. The Moxie Interaction Data is stored for three months with precise timestamps, and for eighteen months with relative timestamps. Parents can request to access or delete Moxie Interaction Data using the Parent App or with the recovery key.
Insight Data – Insight Data is data derived from the Embodied proprietary AI engine that analyzes how the child is doing in achieving missions and goals and progress towards achieving those goals, such as improvements in language skills, how long the child was engaged with the robot, number of words read per minute. Insight Data is just that: it is data derived from the Moxie Interaction Data, Facial Expression Datapoints, Audio Transcript Data and other data to provide an analytical assessment of the child’s progress. Activity Data and Insight Data are available to parents while using the Parent App or with the recovery key.
Moxie Sensor and Telemetry Data – Embodied collects computer sensor and telemetry data from Moxie to troubleshoot problems and improve hardware and software operations. This data is associated with the robot ID but stored separately from other data for three months.
Recovering Data and Troubleshooting
Moxie is a complex product that has been designed with privacy and security in mind. Embodied needs access to certain information to provide services, allow children to interact with Moxie, help children engage in activities and work towards achieving goals, and deploy the AI to provide insights to the parent. Embodied has built the Parent App to allow parents to see their child’s activities and progress. Embodied’s data management procedures are designed to restrict Embodied’s access to most data associated with an identifiable child, but we also want to assist parents in troubleshooting issues or answering questions. That is why we have created a process that allows a parent elect to share the AUID with customer service.
As a reminder, the AUID is an encrypted ID created on Moxie and sent during initial pairing with Moxie and the Parent App. The AUID is linked to the recovery key, but both are unknown to Embodied. Embodied will never ask a parent for the recovery key or analytical user ID, but if a customer reports a problem, Embodied will ask the customer for permission to “add a share my AUID” button on the help page of the Parent App. Having a mechanism to allow Embodied to access the AUID in the Parent App allows Embodied to work with the parent to troubleshoot problems, or respond to requests to access or delete information. When the customer receives the “share my AUID” button, and affirmatively clicks on the button, Embodied personnel can access the Moxie Interaction Data, Facial Expression Datapoints, Audio Transcript Data, and Insight Data associated with the AUID to assist the customer with the request. Access is limited to the help session and this data is otherwise not visible to Embodied in a way that is linked to a particular child.
Parental Access to Information
Even after the parent or guardian has provided Embodied consent to collect and user her Child’s personal information, the parent or guardian can 1) review, correct and/or delete the Child’s personal information and/or 2) stop collection or use of the Child’s personal information. To do so, please send your request to the following address at Embodied or email us at firstname.lastname@example.org. Please note: Parents must be using the Parent App or have the recovery key for Embodied to respond to certain requests related to Moxie data. Be sure to include your email address and/or contact information. We will let you know what additional information we require to verify that you are a parent.
Attn: Customer Support
385 E. Colorado Blvd., Suite 110
Pasadena, CA 91101