ProudMe
Privacy Policy for ProudMe
Effective date: May 15, 2026
Last updated: May 25, 2026
For app version: ProudMe iOS v1.0
Aligned with Apple App Store Review Guidelines 5.1.1 and 5.1.2, the Children's Online Privacy Protection Act (COPPA) 16 CFR Part 312, and standard practice for U.S. academic research apps that serve minors. ProudMe is a lab-based research project operated directly by the LSU Pedagogical Kinesiology Lab; the Family Educational Rights and Privacy Act (FERPA) does not strictly apply because the lab is not an educational agency and the project is not run through any child's school (see Section 7). IRB approval is in place under protocol IRBAM-25-0015 (LSU, initial approval 2025-02-05; continuation 2026-02-04 with 45 CFR 46 "no longer requires continuing review" status).
1. Introduction
This Privacy Policy explains how Project ProudMe ("ProudMe", "we", "us", or "our") collects, uses, shares, and protects information when you use the ProudMe mobile application (the "App"). ProudMe is a research project of the Pedagogical Kinesiology Lab at Louisiana State University ("LSU"), led by Dr. Senlin Chen.
ProudMe is provided for use by children ages 7 to 11 (elementary-school-age, grades 2 through 6) participating in an LSU research study on childhood obesity prevention and health behavior tracking. Use of the App is voluntary and is conducted under written parental or guardian consent obtained directly through the LSU Pedagogical Kinesiology Lab, in accordance with the IRB-approved enrollment process. ProudMe is a lab-based research project; enrollment does not require involvement from the child's school.
By creating an account or using the App, you acknowledge that you have read this Privacy Policy. Because every user of the App is under 13 years old, a parent or legal guardian must review this Privacy Policy and provide consent on the child's behalf in accordance with the school's enrollment process.
If you have any questions about this Privacy Policy or about how we handle your information, please contact us at pklab@lsu.edu.
2. Who we are
ProudMe is operated by the Pedagogical Kinesiology Lab in the School of Kinesiology at Louisiana State University.
- Principal Investigator: Dr. Senlin Chen
- PI phone: 225-578-7995 (M-F 8:00 a.m. to 4:30 p.m. Central)
- Performance site: Louisiana State University and Agricultural and Mechanical College
- Mailing address: School of Kinesiology, LSU, Baton Rouge, LA 70803
- Email: pklab@lsu.edu
- IRB protocol number: IRBAM-25-0015 (LSU Proposal AM241163), study title "Preventing Childhood Obesity through Artificial Intelligence-Assisted Behavioral Counseling". Initial IRB approval 2025-02-05; continuation 2026-02-04. Per 45 CFR 46, the study no longer requires continuing review.
LSU is the data controller for all personal information collected through the App. Day-to-day data processing is performed by the LSU research team and a small set of vendors listed in Section 5.
3. Information we collect
The App collects only the information necessary to operate the research study and the in-app features. We do not collect or use any information for advertising, profiling, or commercial purposes outside the LSU research study.
3.1 Information you provide when you create an account
When you sign up, you provide:
| Category | Specific data |
|---|---|
| Identifiers | Username, email address |
| Personal information | First name, last name |
| Demographic / contextual | School name, grade level (2nd to 6th) — informational fields about the child, not shared with the child's school |
| Demographic information | Birth month, birth year, gender |
| Authentication | A password you choose (stored as a one-way bcrypt hash; the plaintext is never stored) |
3.2 Information you provide when you use the App
When you use the App's journal and goal-setting features, you provide:
- Daily behavior values (minutes of activity, hours of screen time, servings of fruits and vegetables, hours of sleep).
- Goal values for each behavior.
- Free-text reflections you write about each behavior.
- Chat messages you send to Pebble, the in-App AI health buddy.
- Voice input you speak to Pebble when you use the optional Voice mode. Your voice is converted to text on your device using Apple's native speech-recognition framework; only the resulting text, never the audio recording, is sent to our servers and to OpenAI.
3.3 Information generated by the App about you
While you use the App, we generate:
- An internal account identifier used to associate records with your account.
- AI-generated feedback on your reflections, produced by OpenAI's models (see Section 5).
- AI-generated chat replies from Pebble, also produced by OpenAI's models (see Section 5).
- Content-safety metadata. When the App's automated classifier flags one of your messages or one of Pebble's replies as potentially inappropriate, we record the flag category, the action taken (e.g. "redirected to crisis resources"), and a timestamp, but not the flagged text itself. This metadata helps the LSU research team monitor for safety events and respond to incidents. See Section 8 for retention.
- Standard server-side request logs (IP address, request path, response status, timestamp) retained for 30 days for security, abuse prevention, and operational troubleshooting.
3.4 Information we do not collect
To make this explicit:
- We do not access your device's contacts, photos, camera, location, or health data store.
- We do not record or transmit your voice audio. When you use Voice mode, your speech is processed entirely on your device by Apple's speech-recognition framework; only the resulting text is sent to our server. We do not store the audio.
- We use the microphone only while you are actively in Voice mode and only to capture speech that you intend to send to Pebble.
- We do not collect device advertising identifiers (IDFA / GAID).
- We do not embed third-party advertising or analytics SDKs.
- We do not request or collect financial information, government identifiers, or biometric data.
- We do not track you across other apps or websites.
- We do not collect browsing history or search history outside the App.
4. How we use your information
We use your information for the following purposes only:
- To operate the App's features: display your journal, save and load goals and behaviors, generate AI feedback on reflections, power the Pebble chat (text and voice), send daily reminders if you opt in, and produce daily and weekly progress reports.
- To maintain your account: verify your email address during sign-up, allow you to log in, allow you to recover access to your account, and let you permanently delete your account.
- To conduct the LSU research study: analyze de-identified or aggregated data to evaluate the effectiveness of the ProudMe intervention, in accordance with the IRB-approved research protocol.
- To keep the App secure and safe: detect and respond to abuse, fraud, or unauthorized access using server-side logs and rate limits; run an automated content-safety classifier on the messages you send to Pebble and on Pebble's replies, so that messages flagged for self-harm content trigger a redirect to crisis resources rather than a normal AI reply.
- To meet legal obligations: retain records as required by applicable U.S. federal and Louisiana state law and the applicable LSU records retention schedule.
We do not use your information for advertising, marketing to you about non-LSU products, or sale to any third party.
5. Who we share your information with
We share information only with the limited set of vendors needed to operate the App and the research study, and with the LSU research team. Each vendor is bound by a written Data Processing Agreement that requires them to use the data only to provide their service to ProudMe and to maintain appropriate safeguards.
| Vendor | What they do | What data they receive |
|---|---|---|
| MongoDB Atlas (MongoDB, Inc.) | Hosts the ProudMe database. | All account data, behavior data, reflections, AI feedback, chat messages, and content-safety metadata. Encrypted at rest and in transit. |
| Render (Render Services, Inc.) | Hosts the ProudMe backend server. | Receives requests in transit; does not retain application data. |
| OpenAI (OpenAI, L.L.C.) | (a) Generates AI feedback on the reflections you write in your journal. (b) Generates Pebble's replies in chat (text and voice mode). (c) Runs an automated content-safety classifier on chat messages and replies. | For (a) and (b): the text of your reflection or chat message and a short system prompt; no name, email, school, or other identifier is sent. For (c): the text being classified is sent to OpenAI's moderation endpoint, which returns a list of flagged categories. OpenAI uses these inputs only to monitor for API abuse, not to train models. OpenAI retains API inputs for up to 30 days under a service-provider relationship governed by OpenAI's API data usage policy and 16 CFR Part 312.8. The LSU lab has requested Zero Data Retention from OpenAI; updates to this paragraph will follow if the status changes. |
| SendGrid (Twilio Inc.) | Sends one-time email verification codes during sign-up. | Email address, the verification code, and a short body template. |
| Apple, Inc. (on-device, iOS only) | Provides on-device speech recognition (Speech framework) and text-to-speech (AVSpeechSynthesizer) for Voice mode. | Your voice is processed by the on-device speech-recognition framework. The resulting text stays on your device until you choose to send it to Pebble. Apple's framework may, at Apple's discretion and according to Apple's privacy policy, route a small portion of speech to Apple's servers when an on-device model is unavailable; we have no visibility into that and do not receive any audio. |
We share aggregated, de-identified data, for example, average minutes of activity per grade level, with the LSU research team and, in some cases, with academic publishers as part of peer-reviewed research output. Aggregated and de-identified data does not, on its own or in combination with other reasonably available information, identify any individual user.
We do not sell your information and we do not share your information with advertisers or data brokers.
We may disclose information when required to do so by law (for example, in response to a valid court order or subpoena) or when necessary to protect the rights, safety, or property of LSU, our users, or the public.
6. Children's privacy and COPPA
ProudMe is intended for children ages 7 to 11 (elementary-school-age, grades 2 through 6). Every user of the App is under 13 years old, so the Children's Online Privacy Protection Act (COPPA) applies to every user without exception.
COPPA requires verifiable parental consent before personal information is collected from a child under 13. Parental and guardian consent for ProudMe is obtained on paper directly through the LSU Pedagogical Kinesiology Lab as part of the IRB-approved enrollment process. Parents or guardians sign the consent form with the LSU research team before any account credential is issued. The IRB approved this paper-based, lab-administered consent mechanism as part of IRBAM-25-0015 (initial approval 2025-02-05). LSU Office of General Counsel will issue a separate written confirmation that the paper-consent form, as approved by the LSU IRB, satisfies 16 CFR § 312.5; the IRB approval letter is the operating basis in the interim.
If you believe a child has used the App without proper parental consent, contact us at pklab@lsu.edu and we will:
- Suspend the account.
- Confirm the consent status with the LSU Pedagogical Kinesiology Lab.
- If proper consent cannot be confirmed, delete the account and all associated data.
We do not knowingly retain information from any user for whom verifiable parental consent has not been obtained.
IRB-approved research study (separate from App usage)
A subset of users enrolled in the LSU Pedagogical Kinesiology Lab study may also be enrolled in an IRB-approved research study (IRBAM-25-0015, "Preventing Childhood Obesity through Artificial Intelligence-Assisted Behavioral Counseling"). The research study enrolls children ages 11 to 13 and requires its own separate parental consent and child assent, administered on paper at the LSU PK Lab and not through the App. App usage by itself does not enroll a child in the study; study enrollment is a separate process coordinated directly by Dr. Chen's lab. Children who use the App but are not enrolled in the study experience the same App with no additional data collection beyond what this Privacy Policy describes. The App itself is built for children ages 7 to 11; the small age overlap (11-year-olds) is where the two populations meet. The research study uses three assessment timepoints (pre-spring-break, pre-summer-camp, post-summer-camp) and additional in-person camp activities at the LSU campus, none of which are conducted through the App or through participating schools.
7. FERPA (Family Educational Rights and Privacy Act)
ProudMe is a lab-based research project operated directly by the LSU Pedagogical Kinesiology Lab. Enrollment and consent are handled between the LSU research team and each family; the project is not run through any child's school and does not act as a school official for any educational agency. FERPA (34 CFR Part 99) applies to education records maintained by an educational agency or institution about its students; it does not extend to the lab in this context. We collect a child's school name and grade level only as informational demographic fields about the child, never as education records sourced from a school, never shared back to the child's school, and never used to make a determination on the child's behalf at school. We voluntarily align with FERPA's data-minimization and recordkeeping principles where they sensibly apply to research data about minors.
8. Data retention
- Account information (name, email, school, grade, gender, birth month/year, password hash) is retained while your account is active.
- Behavior, goal, and reflection data is retained while your account is active and for the duration of the LSU research study, after which it is either deleted or fully de-identified for long-term research archiving in accordance with the LSU records retention schedule.
- AI feedback responses generated by OpenAI on your reflections are retained alongside the reflection that produced them.
- Pebble chat messages (your messages and Pebble's replies, in both text and voice mode) are retained for 30 days in our database. After 30 days the database automatically deletes them. This window matches OpenAI's own 30-day retention policy for API inputs, so a single answer to "how long is my chat kept?" applies on both sides.
- Voice audio is not retained. When you use Voice mode, audio is processed on your device by Apple's speech-recognition framework and is never stored by ProudMe or transmitted to our servers.
- Content-safety metadata generated by our automated classifier (the flag category, the action taken, a timestamp, not the flagged message text) is retained for up to 1 year so the LSU research team can monitor for safety events. The flagged text itself is not stored beyond the standard 30-day chat window described above.
- Server logs (IP address, request path, response status) are retained for 30 days and then automatically deleted.
- Email verification codes are stored as a one-way hash and expire shortly after issuance.
- Revoked authentication tokens are retained until the underlying token would have expired (24 hours) and then automatically deleted.
When you delete your account (Section 9), all of the above, including chat messages and content-safety metadata, are permanently removed from the live database within 24 hours. De-identified, aggregated research outputs (for example, statistical summaries published in academic papers) cannot be recalled, but those outputs do not contain information that identifies you.
9. Your rights and choices
9.1 Access and correction
You can review and update most of your account information at any time from inside the App. To request a copy of all data we hold about you, email pklab@lsu.edu with the subject "Data access request." We will respond within 30 days.
9.2 Account deletion
You can permanently delete your account and all associated data at any time:
Settings → Delete Account → confirm
After confirmation, your account, your behaviors, your goals, your reflections, and your AI feedback responses are permanently removed from the live database within 24 hours. This action cannot be undone.
You may also request deletion by emailing pklab@lsu.edu with the subject "Delete my account."
9.3 Notification preferences
If you have opted in to daily reminders, you can turn them off at any time from Settings → Daily Reminders.
9.4 Withdrawing from the research study
Use of ProudMe is part of an IRB-approved research study (IRBAM-25-0015). You may withdraw from the study at any time by deleting your account or by contacting the LSU research team at pklab@lsu.edu. Withdrawal will not affect your child's relationship with their school or your family's standing in the community.
9.5 California residents (CCPA)
If you or your child reside in California, you have the same access, correction, and deletion rights described in Sections 9.1 and 9.2 under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). You also have the right to know what personal information is collected (described in Section 3), to know whether personal information is sold or shared (we do not sell or share personal information for advertising; see Section 5), and to non-discrimination for exercising these rights. To exercise any of these rights, email pklab@lsu.edu with the subject "CCPA request" and we will respond within 45 days as required by California law.
10. Data security
We use a combination of platform-level and application-level controls to protect your information:
- All network traffic between the App and the ProudMe server is encrypted using HTTPS.
- Passwords are stored as bcrypt hashes; we never store the plaintext password.
- Email verification codes are stored as bcrypt hashes; the plaintext code is never written to disk.
- Authentication tokens and Pebble chat content are stored on your device using the platform's secure storage (Apple Keychain on iOS, EncryptedSharedPreferences on Android), not in general-purpose preferences.
- Authentication tokens expire 24 hours after issuance and can be revoked server-side on logout. Logging out of the App also clears the locally cached chat content.
- Application traffic is rate-limited to mitigate brute-force attempts on login, email verification, and AI feedback endpoints, and to bound the volume of chat messages a single account can send per hour.
- Pebble chat is filtered by an automated content-safety classifier in two directions: messages you send are screened before they reach the AI model, and the AI model's replies are screened before they reach you. Messages flagged as crisis-related (for example, mentions of self-harm) are short-circuited to a response that points you to crisis resources rather than a generic AI reply.
- Database access is restricted to the LSU research team and authorized service accounts, with credentials rotated periodically.
No system can guarantee perfect security. If we discover a breach affecting your information, we will notify you and the appropriate authorities as required by applicable U.S. and Louisiana law.
11. International users
ProudMe is operated from the United States and is intended for users located in Louisiana and other U.S. states participating in the LSU research study. If you access the App from outside the United States, you understand that your information will be processed and stored on servers located in the United States, where data protection laws may differ from those of your country.
12. Changes to this Privacy Policy
If we change this Privacy Policy in a material way, we will update the "Last updated" date at the top of the policy and, if appropriate, notify you through the App or by email. Continued use of the App after a change indicates your acceptance of the updated policy. If a change requires fresh parental or guardian consent under COPPA, we will obtain that consent before applying the change.
13. Contact us
For any question, request, or concern about this Privacy Policy or your information, contact:
Project ProudMe, Pedagogical Kinesiology Lab
Louisiana State University
School of Kinesiology, LSU, Baton Rouge, LA 70803
Email: pklab@lsu.edu
PI phone: 225-578-7995 (Dr. Senlin Chen, M-F 8:00 a.m. to 4:30 p.m. Central)
For App-specific support questions, you can also use Settings → Contact Us inside the App.
For questions about your rights as a research participant or any other research-subject concerns, contact the LSU Institutional Review Board:
Alex Cohen, Chair, LSU Institutional Review Board← Back to ProudMe
Email: irb@lsu.edu
Phone: 225-578-8692
Web: www.lsu.edu/research