TrulyForged

Privacy Policy

Last updated: June 9, 2026

1. Who We Are

TrulyForged is operated by Truly Forged LLC, a Florida limited liability company ("we," "us," or "our"). We provide a daycare management platform — including a web-based admin portal, a guardian mobile app ("Guardian"), and a staff mobile app ("Classroom") — to licensed childcare providers and their authorized users.

Contact: consult@trulyforged.com

2. Scope

This policy applies to all TrulyForged applications and services, including the admin portal at admin.trulyforged.com, the Guardian mobile app, and the Classroom mobile app. It describes how we collect, use, store, and protect information about childcare providers, their staff, enrolled families, and children.

3. Information We Collect

Childcare providers and staff

  • Name, email address, phone number
  • Account credentials (passwords stored as hashes — never in plain text)
  • Role and classroom assignments
  • Device location (Classroom app only, to verify proximity to the facility for sign-in)

Guardians and families

  • Name, email address, phone number, home address
  • Payment method information (processed by Stripe — we do not store full payment credentials)
  • A 4-digit check-in PIN used to verify identity at kiosk sign-in/sign-out
  • Device push notification token (to deliver activity updates)
  • Device location (Guardian app only, used solely to validate a facility check-in QR code scan)

Children

  • First and last name, date of birth, enrollment information
  • Daily attendance records (check-in and check-out times)
  • Activity logs (meals, naps, diaper changes, photos, and similar care events)
  • Classroom assignment history

Usage and technical data

  • App crash reports and error logs (used to improve reliability)
  • IP addresses and user-agent strings (logged for security auditing)

4. How We Use Information

  • To provide, operate, and improve the TrulyForged platform
  • To process tuition payments and generate billing records
  • To send activity updates, attendance notifications, and messages between staff and families
  • To verify identity at kiosk check-in/check-out stations
  • To support childcare providers in meeting state licensing and compliance requirements
  • To respond to support requests

We do not sell personal information to third parties. We do not use children's data for advertising purposes.

5. FERPA Notice

Childcare providers that receive Florida VPK funding or other state/federal education funding may be subject to the Family Educational Rights and Privacy Act (FERPA). In those cases, TrulyForged acts as a "school official" under FERPA, using education records solely to provide contracted services to the childcare provider. We do not disclose education records to third parties without appropriate authorization.

Families have the right to inspect and request correction of their children's records held by their childcare provider. Please contact your childcare provider directly to exercise these rights.

6. Data Sharing

We share data only as necessary to provide our services:

  • Supabase — database and authentication infrastructure
  • Stripe — tuition payment processing (ACH and credit card) and subscription billing
  • Resend — transactional email delivery
  • Cloudflare — media storage and delivery (activity photos)
  • Expo / Apple / Google — push notification delivery
  • Vercel / Render — application hosting

Each sub-processor is contractually bound to protect data and use it only to provide their services to us.

7. Data Retention

We retain personal data for as long as the childcare provider's account is active. Upon account termination or a guardian's written request:

  • Children's personally identifiable information is removed within 30 days
  • Financial records are retained for 7 years as required by Florida law
  • Education records for VPK-funded providers are retained for 5 years post-disenrollment per Florida DOE requirements

8. Security

We use industry-standard measures to protect your data, including encryption in transit (TLS), hashed password storage, row-level security on our database, and multi-factor authentication for administrative access. Guardian check-in PINs are never stored in plain text and are never visible to childcare administrators.

9. Children's Privacy (COPPA)

TrulyForged's apps are not directed at children under 13. Our Guardian and Classroom apps are designed exclusively for adults (parents, guardians, and childcare staff). Information about enrolled children is provided by their parent or guardian and is used solely to operate the childcare management service.

10. Your Rights

You may contact us to:

  • Request access to personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Opt out of non-essential communications

Email us at consult@trulyforged.com with your request. We will respond within 30 days.

11. Changes to This Policy

We may update this policy from time to time. We will notify active users of material changes by email or via an in-app notice. Continued use of TrulyForged after changes take effect constitutes acceptance of the updated policy.

12. Contact

Truly Forged LLC
Florida, United States
consult@trulyforged.com