Privacy Policy
Last updated: March 25, 2026
Effective date: March 25, 2026
1. Introduction
MathCracks ("we", "our" or "the application") is an adaptive math learning educational platform developed by Trawen Technologies S.L. This privacy policy describes how we collect, use, store, share and protect your personal information when you use our mobile applications (iOS and Android), the teacher web portal, the parent portal, and all related services.
MathCracks is designed for students from Preschool through 12th grade (approximate ages 4 to 17). Because our application is directed at children, we comply with the U.S. Children's Online Privacy Protection Act (COPPA), Google Play's Families Policy, Apple App Store Guidelines, the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA/CPRA).
By using MathCracks, you accept the practices described in this policy. If you disagree with any part, we recommend not using the application. For minor users, a parent or legal guardian must review and accept this policy before allowing use of the application.
2. Data We Collect
2.1 Account Information
- Email: To create the account and communicate (provided by the school, parent, or guardian)
- Student name: To personalize the experience and display in the teacher dashboard
- Password: Stored encrypted via Firebase Authentication (we never store plaintext passwords)
- Apple ID: If "Sign in with Apple" is used — we only receive an anonymous identifier
- Google ID: If "Sign in with Google" is used — we only receive name, email, and a unique identifier
2.2 Academic Progress Data
- Completed exercises and answers provided
- Scores and accuracy percentage
- Time spent on each exercise and session
- Student's current level and chapter
- Error history, corrections, and learning patterns
2.3 Gamification Data
- Virtual coins earned and in-app transactions
- Unlocked badges
- Consecutive practice day streaks
- League positions and rankings (by level, not by age)
- Selected avatar
2.4 Writing and Recognition Data
- Handwriting strokes (stylus/finger coordinates)
- Exercise sheet images (if the camera function is used)
- This data is processed exclusively for math answer recognition and is deleted after processing
2.5 Technical Data
- Device type and operating system
- Application version
- Session identifiers (not advertising identifiers)
- Error logs for technical diagnostics
2.6 Data We Do NOT Collect
- We do not collect location or geolocation data
- We do not collect contacts, photos, or files from the device
- We do not collect advertising identifiers (IDFA/GAID)
- We do not collect data from other apps on the device
- We do not collect financial information (payments are processed by Apple/Google)
3. How We Use Your Data
- Essential functionality: Authentication, saving progress, generating and personalizing exercises
- OLA™ adaptive algorithm: Automatically adjusting difficulty based on student performance
- Gamification: Calculating coins, unlocking badges, managing leagues and rankings
- Handwriting recognition: Converting handwriting to text to validate math answers
- AI analysis: Generating progress reports for teachers and parents (aggregated and anonymized data)
- Service communications: Sending weekly digests to teachers and progress notifications to parents (if enabled)
- Technical support: Resolving issues and answering inquiries
- Service improvement: Analyzing usage patterns in aggregate to improve the platform
4. Legal Basis for Processing
We process personal data under the following legal bases (GDPR Art. 6):
- Consent: For minors, parental consent granted when creating the student's account
- Contract performance: To provide the educational service contracted by the school or family
- Legitimate interest: To improve the platform and prevent fraud or misuse
- Legal obligation: To comply with applicable data protection and child privacy laws
5. Third-Party Services
We use the following service providers for platform operation. Each provider is contractually obligated to protect data and use it only for specified purposes:
Firebase (Google)
User authentication and secure credential storage. Firebase is COPPA-compliant and certified for use in child-directed services.
Google Sign-In
If "Sign in with Google" is chosen (available on Android), we receive name, email, and a unique identifier. We do not access any other Google account data.
Apple Sign-In
If "Sign in with Apple" is chosen (available on iOS), we receive an anonymous identifier and, optionally, an email (may be a private Apple relay email).
Mathpix
Optical character recognition (OCR) for mathematical writing. Only math exercise images are sent, without personally identifiable data. Images are deleted after processing.
OpenAI
Generation of academic progress analysis reports using artificial intelligence. Only aggregated performance data (scores, times, patterns) is sent, never personally identifiable student data.
Amazon Web Services (AWS SES)
Transactional email sending service (AWS SES). Used to send digests to teachers and notifications to parents. Emails contain unsubscribe links.
Railway
Server infrastructure where the application backend runs and data is stored securely and encrypted.
Cloudflare
Content delivery network (CDN) and protection for the website and teacher portal. Cloudflare does not access users' personal data.
We do not share personal data with any third party beyond those listed above. All providers comply with industry security standards and are contractually obligated to protect data.
6. Data Sharing and Disclosure
We NEVER sell, rent, or trade personal data of our users, including children.
We only share data in the following limited circumstances:
- With the service providers listed in Section 5, exclusively for platform operation
- With the student's school and teachers: academic progress data for educational tracking
- With the student's parents/guardians: progress and performance reports
- Legal obligation: if the law requires us to disclose information (court order, subpoena, or other legal requirement)
- Rights protection: to protect the safety of our users or the public when reasonably necessary
7. Advertising
MathCracks does NOT contain advertising of any kind. Ever. No exceptions.
We do not display ads, we do not use advertising SDKs, we do not collect advertising identifiers (IDFA/GAID), and we do not perform tracking for advertising purposes. The platform is funded exclusively through subscriptions contracted by schools. This complies with the strictest requirements of COPPA and Google Play's Families Policy.
8. Data Retention
- Account data: While the account is active or the student is enrolled in a school
- Academic progress: While the account is active
- Gamification data: While the account is active
- Exercise images: Deleted within 24 hours after processing
- Writing strokes: Deleted within 7 days after processing
- Technical logs: 90 days
- AI analysis data: Reports are stored while the account is active
When an account is deleted, all associated personal data is permanently erased within a maximum of 30 days. Some data may be retained in anonymized and aggregated form for statistical purposes.
9. Account and Data Deletion
We provide multiple ways to delete your account and all associated data, complying with Google Play and App Store requirements:
9.1 In-App Deletion
Users can delete their account directly from the application:
Profile → Settings → Delete my account → Confirm
9.2 Email Deletion
You can also request account deletion by sending an email to [email protected]. We will process your request within a maximum of 5 business days.
9.3 Data Deleted
When an account is deleted, the following is permanently erased:
- Personal information (name, email, credentials)
- All academic progress and answers
- Gamification data (coins, badges, streaks, league position)
- AI analysis reports
- Account preferences and settings
9.4 Data Retained After Deletion
- Aggregated and anonymized statistical data (with no possibility of identifying the user)
- Records required for legal compliance (maximum 90 additional days)
10. Data Security
We implement technical and organizational security measures to protect our users' information:
- SSL/TLS encryption in all communications between the app and our servers
- Passwords hashed with secure algorithms (bcrypt via Firebase)
- JWT authentication tokens with time-based expiration
- Restricted database access with rotating credentials
- Servers in certified data centers with redundancy
- Periodic code security reviews
- Principle of least privilege for internal data access
11. International Data Transfers
Data may be processed and stored on servers located outside your country of residence. We currently use infrastructure in:
- United States: Railway (backend), Firebase (authentication), OpenAI (AI analysis), AWS (emails)
- Global network: Cloudflare (CDN and web protection)
For transfers from the EU/EEA, we rely on Standard Contractual Clauses approved by the European Commission and on the privacy guarantees provided by each provider. All providers maintain industry security certifications.
12. Children's Privacy
MathCracks is designed for students ages 4 to 17 and fully complies with applicable child privacy laws.
12.1 COPPA Compliance (U.S.)
We comply with the Children's Online Privacy Protection Act (COPPA) of the United States. For users under 13 years old:
- Verifiable parental consent is obtained through the school (under the COPPA school exception) or directly from the parent/guardian
- We only collect the minimum information necessary to provide the educational service
- Parents/guardians can review, modify, or request deletion of their children's data at any time
- We do not condition the child's participation on collecting more data than necessary
- We do not collect data for advertising or marketing purposes
12.2 Google Play Families Policy Compliance
As an app directed at children on Google Play, we comply with Google's Families Policy:
- Contains no advertising of any kind
- Does not use SDKs or APIs not approved for child-directed services
- Does not collect device identifiers for advertising or commercial tracking purposes
- Privacy policy is available on the Google Play listing and within the application
- All content is appropriate for the target audience
- Does not redirect users outside the app without adult supervision
12.3 Parents' and Guardians' Rights
Parents and legal guardians have the following rights:
- Review the personal data we have collected from their child
- Request correction of inaccurate data
- Request complete deletion of their child's account and all data
- Withdraw consent and request that we stop collecting their child's data
- Receive academic progress reports about their child
- Contact us at [email protected] or [email protected] to exercise any of these rights
12.4 Contact for Children's Matters
If you are a parent/guardian and believe your child has provided data without your consent, or if you have any concerns about your child's privacy, contact us immediately at [email protected]. We will investigate and delete any data collected without proper consent within 48 hours of verification.
13. Your Rights (GDPR)
If you are in the European Union or European Economic Area, you have the following rights under the GDPR:
- Access: Request a copy of the personal data we hold about you
- Rectification: Correct inaccurate or incomplete personal data
- Erasure: Request deletion of your personal data ("right to be forgotten")
- Portability: Receive your data in a structured, machine-readable format
- Objection: Object to the processing of your data in certain circumstances
- Restriction: Request that we limit the processing of your data
- Withdraw consent: Withdraw your consent at any time without affecting the lawfulness of prior processing
To exercise these rights, you can delete your account directly from the app (Profile → Delete my account) or contact us at [email protected].
14. U.S. State Privacy Rights (CCPA/CPRA)
If you are a resident of California or other U.S. states with privacy laws, you have additional rights:
- Right to know what personal data we collect, use, share, or sell
- Right to delete your personal data
- Right to opt out of the sale of personal data (note: we do not sell data)
- Right to non-discrimination for exercising your privacy rights
- Right to correct inaccurate personal data
To exercise these rights, contact us at [email protected]. We will not discriminate against any user for exercising their privacy rights.
15. Changes to this Policy
We may update this policy periodically to reflect changes in our practices or applicable legislation. We will notify you of significant changes through a notice in the application, by email, or through updates on the Google Play / App Store listing. The "last updated" date at the beginning indicates when it was last modified. We recommend reviewing this policy periodically.
16. Contact
For questions about this policy, your personal data, or to exercise any of your rights:
© 2026 MathCracks. All rights reserved.