Privacy Policy

Effective Date: May 5, 2026

Nyro Quest is a mobile application operated by Nyro Dynamics ("we," "us," or "our"), located at 3030 Lincoln Ave #211, Coquitlam, BC V3B 2H6, Canada. This Privacy Policy explains how we collect, use, and protect personal information when you use the Nyro Quest mobile application ("App").

This policy applies to all users of the App, including parents/guardians ("Parents") and children ("Children"). We are committed to complying with the Children's Online Privacy Protection Act (COPPA), the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), and applicable provincial privacy legislation.

1. Information We Collect

From Parents:

• Name
• Email address. Parent email addresses are provided during registration and are not automatically verified at signup. We may ask Parents to verify their email address for account security, account recovery, abuse prevention, or access to certain features.
• Password (stored as a bcrypt hash; we never store or see your actual password)
• Country (optional)
• Timezone (automatically detected)
• Consent record (date and time you agreed to these terms)

From Children (collected with parental consent):

• First name or nickname
• Year of birth (optional, for age-appropriate content)
• Avatar selection
• PIN code (stored as a bcrypt hash)
• Learning activity data: lesson progress, quiz answers, quest completion, XP earned, streak days
• Session data: session start/end times, duration, slides viewed, quizzes answered

Automatically Collected:

• Device type and operating system (via standard HTTP headers)
• App crash reports and performance data (via Sentry, if enabled)

2. How We Use Information

• To provide the App's core functionality: accounts, quests, lessons, progress tracking, and verification
• To allow Parents to monitor and guide their Children's learning
• To send notifications within the App (quest updates, verification results)
• To send password reset emails when requested
• To improve App stability and fix bugs

3. Information Sharing

We do not sell, rent, or trade any personal information. We do not share Children's information with third parties for marketing purposes. Information may be disclosed only:

• To the Parent who created the Child's profile (progress, quiz answers, session data)
• To service providers who help us operate the App (e.g., email delivery, crash reporting), bound by confidentiality obligations
• When required by law or to protect our legal rights

4. Data Storage and Security

Data is stored on secure servers. Passwords and PINs are hashed using bcrypt and cannot be recovered in plaintext. Authentication tokens are encrypted. We use HTTPS for all data transmission. While no system is perfectly secure, we implement industry-standard safeguards to protect your data.

5. Data Retention

We retain account data for as long as the account is active. Parents can request deletion of their account and all associated Children's data at any time by contacting us. Upon account deletion, all personal data is permanently removed from our systems within 30 days.

6. Parental Rights

Parents have the right to:

• Review the personal information we have collected from their Child
• Request deletion of their Child's personal information
• Refuse further collection of their Child's information (by deleting the Child's profile)
• Delete their own account and all associated data

To exercise any of these rights, contact us at info@nyroquest.com.

7. Children's Privacy (COPPA)

We do not knowingly collect personal information from children under 13 without verifiable parental consent. A Parent must create an account and explicitly consent to this Privacy Policy and our Children's Privacy Notice before any Child profile can be created. Children cannot create accounts independently. For more details, see our Children's Privacy Notice.

8. Third-Party Services

The App may use the following third-party services:

• Sentry (crash reporting): Collects anonymous crash and performance data. No personal information is intentionally sent to Sentry.
• PHPMailer / SMTP (email delivery): Used only for password reset emails sent to Parent email addresses.

We do not use advertising networks, social media trackers, or behavioral analytics services.

9. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify Parents via the App or email. Continued use of the App after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights:

• Email: info@nyroquest.com
• Phone: (778) 775-4535
• Address: 3030 Lincoln Ave #211, Coquitlam, BC V3B 2H6, Canada