Age Assurance Mechanism

1. The School-Operator Model

KairosED™ operates under the school-operator exception established by COPPA (15 U.S.C. § 6501 et seq.) and the FTC's implementing regulations (16 CFR Part 312). Under this model, the school district — acting as the educational institution — assumes responsibility for obtaining any required verifiable parental consent before enabling student-facing features for children under 13.

KairosED does not independently collect parental consent because the school district acts in loco parentis when deploying educational technology within its authorized programs. This is a well-established framework used throughout the ed-tech industry and explicitly recognized by the FTC.

2. How Age-Gating Works

KairosED™ does not allow self-registration by students. All student accounts are provisioned exclusively through district-controlled mechanisms:

3. What KairosED Collects About Students

KairosED collects the minimum information necessary to deliver the educational service. For student accounts, this includes:

• Email address (used for authentication only);
• Name (first/last, used for display within the platform);
• Role assignment (STUDENT);
• AI request logs (tool used, timestamp, cryptographic hash of prompt/output — not plaintext content);
• Safety events (if a safety rule is triggered).

KairosED does not collect date of birth, physical address, phone number, or any other information that would constitute personal information beyond what is necessary for the educational purpose.

4. District Responsibilities

Under the school-operator COPPA framework, the District is responsible for:

• Obtaining any required verifiable parental consent before enabling student-facing AI tools for children under 13;
• Ensuring student accounts are provisioned only for enrolled students;
• Promptly deprovisioning accounts for students who withdraw or whose parents have revoked consent;
• Complying with applicable state student privacy laws in addition to federal COPPA requirements.

5. Optional Parental Attestation Workflow

For districts that require additional documentation of the age-assurance process — for example, to satisfy a state-specific student privacy law or DPA requirement — KairosED supports the following attestation workflow:

1. The district collects written parental consent using their standard consent form, referencing KairosED™ as an approved educational technology vendor;
2. The district retains consent records per their records retention policy;
3. The district enables student tools in KairosED after completing their consent collection process;
4. KairosED can provide districts with a template consent disclosure language upon request at privacy@kairosed.ai.

6. Parent Rights Under COPPA

Parents and guardians of children under 13 have the following rights under COPPA with respect to KairosED:

• The right to review the personal information collected about their child — contact privacy@kairosed.ai;
• The right to request deletion of their child's personal information — requests are fulfilled within 10 business days;
• The right to opt their child out of continued collection — contact your district administrator, who can deprovision the student's account;
• The right to consent to collection and use without consenting to disclosure to third parties (KairosED does not sell student data).

7. Contact

Questions about age assurance, COPPA compliance, or student data privacy should be directed to: