← Back to Home

Privacy Policy

Last updated: February 19, 2026

1. Overview

Parable Post (“we,” “us,” “our”) provides a personalized children’s letter subscription service. We are committed to protecting the privacy of all our users, especially children under 13. This Privacy Policy explains what information we collect, how we use it, and how we protect it.

2. COPPA Compliance

We comply with the Children’s Online Privacy Protection Act (COPPA). We do not knowingly collect personal information directly from children under 13. All child information is provided by a parent or legal guardian who has given verifiable parental consent.

  • We collect only the minimum information necessary to generate personalized letters: child’s first name, age, gender, and interests.
  • Child names are encrypted at rest in our database.
  • We do not use tracking cookies, behavioral advertising, or analytics on any content directed at or generated for children.
  • We do not share, sell, or disclose any child information to third parties.
  • Our email marketing platform (VBOUT) receives only the parent/guardian’s email address — never any child data.
  • Parents may review, modify, or delete all data associated with their children at any time through their account dashboard or by contacting us.

3. Information We Collect

From Parents / Guardians:

  • Name, email address, phone number (optional), mailing address
  • Account credentials (password is hashed, never stored in plaintext)
  • Payment information (processed by third-party payment processors; we do not store card details)

About Children (provided by parent/guardian only):

  • First name (encrypted at rest)
  • Age, gender, pronouns
  • Interests (used for story personalization)
  • Family structure and developmental goals (used for story personalization)

We collect no additional data from or about children beyond what is listed above.

4. How We Use Information

  • To generate personalized letters/stories for your child using AI
  • To print and mail physical letters to your address
  • To communicate with parents about their subscription
  • To improve our service

We do not use child data for advertising, profiling, or any purpose beyond letter generation.

5. Data Security

  • Child names are encrypted using AES-256-GCM encryption at rest
  • Passwords are hashed using bcrypt
  • All data is transmitted over HTTPS/TLS
  • Administrative access to child data is restricted — admin interfaces never display child names
  • Audit logs never contain child personally identifiable information

6. Data Retention & Deletion

Parents may delete their child’s data at any time via their dashboard. Upon account deletion, all associated child data is permanently removed from our systems. We do not retain child data after account termination.

7. Third Parties

We use the following services, none of which receive child data:

  • Google Gemini AI — generates story content. Child first name and interests are sent to generate stories. No data is retained by Google beyond the API call.
  • VBOUT — email marketing. Receives parent email only.
  • Printing partners — receive letter content and mailing address for fulfillment.

8. Parental Rights

Under COPPA, parents have the right to:

  • Review all personal information collected about their child
  • Request deletion of their child’s information
  • Refuse further collection of their child’s information
  • Consent to collection without consenting to disclosure to third parties

To exercise these rights, use your account dashboard or contact us at [email protected].

9. Contact

For privacy inquiries: [email protected]