Privacy Policy

Last updated: February 2026

Overview

HootRated ("we," "our," or "us") is a parent-directed service that helps families find age-appropriate books for their children. This privacy policy explains how we collect, use, and protect your information.

What We Collect

Anonymous Visitors (No Account)

  • Session cookie (hw_sid) — A random ID used to limit AI-powered searches to 5 per day. Expires in 24 hours. Contains no personal information.
  • Search queries — We log search terms anonymously to improve our service. Not linked to any identity.
  • Standard web analytics — Page views, referrer, browser type (via Vercel Analytics). No cookies for analytics.

Registered Users (Phase 2 — Coming Soon)

  • Parent email — Required for account creation and optional newsletter
  • Display name — Optional, for your dashboard
  • Child first name — For your dashboard ("Emma's Reading List"). First name only.
  • Child birth year — For age-based recommendations. Year only, not full date of birth.
  • Child reading preferences — Grade level, interests, and content sensitivities you set
  • Reading history — Books you mark as read, ratings you provide
  • Custom book lists — Lists you create and optionally share

What We Do NOT Collect

  • Child's full name, date of birth, email, photo, or any identifying information beyond first name and birth year
  • Location data beyond country (for legal compliance)
  • Financial information (payments handled by third parties if applicable)
  • Social media profiles or contacts

How We Use Your Data

  • Personalized recommendations — Your child's profile (age, grade, interests) helps us suggest better books
  • Newsletter — If you opt in, we send grade-segmented book picks using your child's reading grade
  • Service improvement — Anonymous, aggregated data helps us identify popular books and improve ratings
  • AI-powered search — When using our "Discover" search, your query is sent to OpenAI for natural language processing. We send the query only — no personal data.

Third-Party Services

Service Purpose Data Shared
SupabaseDatabase & authenticationAccount data (encrypted at rest)
VercelHosting & analyticsPage views (no cookies)
OpenAIAI search re-rankingSearch queries only (anonymized)
ButtondownNewsletter deliveryEmail + grade tags (if subscribed)
AmazonAffiliate linksNone from us (standard Amazon cookies)

Children's Privacy (COPPA)

HootRated is a parent-directed service. Parents create accounts and manage their children's profiles. Children never interact with HootRated directly.

  • We require age verification at signup: "I confirm I am 13 or older, or a parent/guardian"
  • Child data is minimal: first name + birth year only
  • Child data is never shared with third parties except as anonymized aggregates
  • Parents can export or delete all data at any time

Your Rights

  • Access — Download all your data from your dashboard settings
  • Deletion — Delete your account and all associated data permanently
  • Correction — Update any information in your dashboard
  • Opt-out — Unsubscribe from newsletters at any time

Data Retention

  • Account data: retained until you delete your account
  • Search logs: anonymized after 90 days
  • Session cookies: expire after 24 hours

Contact

For privacy questions or data requests, contact us at privacy@hootrated.com.