Privacy Policy

How we collect, use, and protect your information.

Octo Privacy Policy

Last updated: 28 September 2025

1. Who We Are

Octo ("Octo", "we", "us", or "our") is operated by Batuhan Aktaş (placeholder), registered in United Kingdom with its registered address at 10 Park Avenue South, London, N8 8LT. We act as the data controller for personal data collected through the Octo mobile application, parental dashboard, websites, customer support channels, and related services (the "Services").

Questions about privacy can be sent to support@octo.toys. Once an official data protection contact is appointed, update this section accordingly.

2. Scope

This Privacy Policy explains how we process personal data when:

  • a parent or guardian creates or manages an Octo account;
  • a child interacts with our voice assistant experiences or content;
  • you visit our websites, use in-app purchases, or engage with customer support; and
  • we rely on trusted suppliers—such as ElevenLabs, LiveKit, Apple, and Stripe—to power the Services.

It applies to users in the United Kingdom and the European Economic Area. Additional contractual terms may apply where we process data on behalf of a school or other organisation.

3. Data We Collect

We collect the following categories of personal data:

| Category | Examples | Purpose | | --- | --- | --- | | Account Data | Parent/guardian name, email address, password hashes, verification tokens, profile photo, household details | Create and secure the account, verify identity, manage subscriptions | | Child Profile Data | Child first name or nickname, age band, consent status, avatar selections, content preferences | Personalise the experience, tailor content to the child’s developmental stage | | Voice & Interaction Data | Audio streams, speech-to-text transcripts, prompts, responses, timestamps, conversation metadata | Deliver conversational experiences, perform safety filtering, enable parental insights | | Device & Technical Data | Device identifiers, IP address, operating system, app version, diagnostic logs, crash reports | Maintain performance, detect fraud, troubleshoot issues | | Usage & Analytics Data | Session length, feature use, content progress, parental dashboard activity | Understand engagement, improve features, inform roadmap decisions | | Payment & Billing Data | Subscription plan, status, renewal dates, Apple transaction identifiers, limited Stripe tokens, VAT records | Process payments, comply with accounting and tax law | | Support & Feedback | Support tickets, survey responses, beta feedback, call recordings (if any) | Resolve issues, gather feedback, comply with consumer rights |

We intentionally minimise collection of special category data. If you provide sensitive information (e.g. wellbeing concerns) during interactions, we apply enhanced safeguards and encourage you not to share unnecessary personal details.

4. How We Collect Data

  • Directly from you when you sign up, set up child profiles, complete surveys, or contact support.
  • Automatically via in-app events, cookies, local storage, SDKs, and device sensors needed to deliver features.
  • From integrated services you choose to enable, such as Sign in with Apple, ElevenLabs voice services, LiveKit real-time communications, Stripe billing, analytics tools, or crash reporting platforms.

5. Why We Use Personal Data (Legal Bases)

We rely on the following lawful bases under the UK GDPR and the Data Protection Act 2018:

| Purpose | Legal Basis | | --- | --- | | Provide and operate the Services, including real-time conversations | Performance of a contract (Article 6(1)(b)) | | Authenticate accounts, process payments, provide parental dashboards | Performance of a contract | | Personalise child experiences, maintain safety filters, improve accessibility | Legitimate interests (Article 6(1)(f)) aligned with the Age Appropriate Design Code | | Deliver push notifications, parental alerts, or marketing updates | Consent (Article 6(1)(a)) or legitimate interests, as applicable | | Run analytics, product research, A/B testing (pseudonymised/aggregated where possible) | Legitimate interests | | Monitor safety, detect misuse, enforce Terms | Legitimate interests and legal obligation | | Comply with legal obligations (tax, consumer protection, safeguarding) | Legal obligation (Article 6(1)(c)) |

Where a child is under 13, we require verifiable parental consent before collecting personal data. Consent can be withdrawn at any time through the parental dashboard or by emailing support@octo.toys.

6. How We Share Personal Data

We only share personal data when necessary and subject to appropriate safeguards:

  • Service providers / processors under written data-processing agreements. This includes ElevenLabs (speech processing and synthesised voice storage), LiveKit (real-time communications), Stripe (billing), Apple (distribution and in-app purchases), analytics providers, and crash monitoring tools. They act solely on our instructions.
  • Parental/guardian accounts: linked adult accounts can view usage summaries, voice transcripts, or safety alerts relating to their child.
  • Professional advisers and authorities where required to comply with legal obligations or to protect vital interests.
  • Business transitions such as a merger, acquisition, or restructuring. We will provide notice before personal data is transferred.

We do not sell personal data or allow third parties to use it for their own marketing purposes.

7. International Transfers

Some processors are based outside the UK/EEA (for example, in the United States). When personal data is transferred internationally, we rely on:

  • UK adequacy regulations (where applicable);
  • standard contractual clauses adopted by the UK Secretary of State, together with supplementary measures; or
  • another lawful transfer mechanism permitted under UK data protection law.

You can request copies of relevant transfer safeguards by contacting support@octo.toys.

8. Data Storage and Retention

  • Voice recordings & transcripts: ElevenLabs hosts encrypted audio and transcripts. We retain access for up to 180 days to support replays, QA, and safety reviews, unless parents request deletion sooner.
  • Account data: kept for the life of the account plus up to 12 months to manage queries and potential reactivation.
  • Safety and moderation logs: retained for up to 180 days unless escalation requires longer retention (e.g. enforcing Terms or complying with safeguarding obligations).
  • Analytics and diagnostic logs: kept for up to 24 months in pseudonymised form.
  • Billing records and invoices: retained for 6 years to satisfy tax and accounting requirements.

When retention periods expire, we securely delete or anonymise the data. If we depend on a third-party processor, we instruct them to do the same.

9. Data Subject Rights

Subject to legal limits, parents/guardians (and older children when appropriate) may:

  • request access to personal data we hold;
  • correct inaccurate or incomplete data;
  • delete data ("right to be forgotten");
  • restrict or object to certain processing activities;
  • receive data in a machine-readable format (portability);
  • withdraw consent at any time; and
  • lodge a complaint with the UK Information Commissioner’s Office (ICO) via https://ico.org.uk or +44 303 123 1113.

To exercise these rights, use the in-app privacy tools or email support@octo.toys. We may need to verify identity before fulfilling a request and may deny requests where permitted by law (for example, if we must retain data for legal compliance).

10. Children’s Privacy and the UK Age Appropriate Design Code

Octo is designed for children aged 4–12 and requires an adult account holder. We:

  • present explanations suitable for both adults and children;
  • minimise data collection to what is necessary for the experience;
  • require verified parental consent before enabling full functionality;
  • provide parental dashboards to review and delete child data;
  • apply automated and human review to flag potentially harmful content;
  • avoid profiling children for marketing or behavioural advertising; and
  • conduct Data Protection Impact Assessments for high-risk processing.

If you believe a child has provided personal data without parental consent, contact us immediately so we can delete it.

11. Security

We implement technical and organisational measures appropriate to the sensitivity of the data, including encryption in transit and at rest, role-based access controls, secure key management, security training, code reviews, and incident response plans. We will notify affected users and relevant authorities of personal data breaches where required by law.

12. Automated Decision Making

We do not make solely automated decisions that produce legal or similarly significant effects. Automated moderation may flag content for human review, but human oversight decides on enforcement actions.

13. Third-Party Links and Features

The Services may link to external resources or embed third-party content (for example, educational materials or payment processors). This Privacy Policy does not cover those services; review their privacy policies before sharing data with them.

14. Changes to This Policy

We may update this Privacy Policy to reflect changes in law, technology, or our practices. When we do, we will:

  • publish the updated version in-app and on our website;
  • revise the "Last updated" date at the top; and
  • notify account holders via in-app notice or email before material changes take effect.

Continued use of the Services after the effective date means you accept the updated policy.

15. Contact Us

Privacy queries, complaints, or requests can be sent to support@octo.toys or mailed to 10 Park Avenue South, London, N8 8LT. If you require accessible formats or translations, please let us know.

Record of Processing Activities (summary)

| Processing Activity | Data Subjects | Categories of Personal Data | Legal Basis | Retention | | --- | --- | --- | --- | --- | | Account management | Parents/guardians | Account Data | Contract | Life of account + 12 months | | Child conversations & engagement | Children | Child Profile Data, Voice & Interaction Data | Consent + legitimate interests | Up to 180 days | | Behavioural analytics | Parents/children (pseudonymised) | Usage & Analytics Data | Legitimate interests | Up to 24 months | | Billing & subscriptions | Parents/guardians | Payment & Billing Data | Contract + legal obligation | 6 years | | Safety monitoring & incident response | Parents/children | Voice & Interaction Data, Device Data | Legitimate interests + legal obligation | Up to 180 days (longer if legally required) |

Document owner: [[DPO_OR_PRIVACY_LEAD]] (placeholder)

Review cycle: At least annually, and sooner if we launch new features, integrate new partners, or change data practices.