1. Introduction

Super Epic Group ("we," "us," or "our") operates Super Epic Goals (www.superepicgoals.com), a platform that helps children and their families create goals, reward their efforts, and celebrate their achievements.

This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our service. By using Super Epic Goals, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Personal Information

We collect the following personal information when you create an account:

• Your name
• Your email address
• Your child's name
• Your child's month and year of birth

2.2 Google Sign-In Information

When you choose to sign in using Google through NextAuth, we may collect:

• Your Google account name
• Your Google profile information as permitted by your Google account settings

2.3 Goal and Activity Data

We collect information about:

• Goals created for your child (including any conditions/goals selected from AI-generated suggestions)
• Progress tracking data
• Achievement records
• Usage patterns within the application

2.4 Goal Wizard (AI) Input Data

When you use our Goal Wizard feature, we temporarily process:

• Your child's gender (not stored in your profile)
• Conditions or goal types you specify
• Short-term or long-term goal preferences
• Your child's age (derived from birth month/year in your profile)

This information is used solely to generate age-appropriate goal suggestions through our AI system.

2.5 Technical Information

We may collect technical information including:

• Device information (we may collect this in the future)
• Browser type and version
• Usage analytics and performance data

2.6 Cookies and Similar Technologies

We use cookies to:

• Maintain your user preferences (such as text size and confetti settings)
• Keep you signed in to your account
• Improve your user experience

3. How We Use Your Information

3.1 Primary Purposes

We use your personal information to:

• Provide and maintain our service
• Create and manage your family's account
• Track your child's goals and progress
• Generate age-appropriate goal suggestions through our AI-powered Goal Wizard
• Customize the experience for your family
• Communicate with you about your account and our service

3.2 Aggregated Data Analysis

We use goal data in aggregated, de-identified form to:

• Understand which types of goals are most commonly "social proofed"
• Create a database of effective goal types that can benefit other families
• Improve our service and develop new features

Important: This aggregated data cannot be used to identify specific users or families.

3.3 Service Improvement

We may use your information to:

• Analyze usage patterns to improve our platform
• Develop new features and functionality
• Ensure technical functionality and security

3.4 Artificial Intelligence (Goal Wizard)

Our Goal Wizard feature uses artificial intelligence (currently Google's Gemini Flash 2.0, though this may change in the future) to generate personalized goal suggestions. This process:

• Combines your input (child's gender, desired conditions/goals, time preference) with your child's age
• Sends this information to our AI service provider to generate age-appropriate goal suggestions
• Does not store gender information in your profile
• Only stores condition/goal information if you choose to select and save an AI-generated goal
• Gives you complete control over which suggestions to accept, modify, or discard

The AI processing occurs in real-time through our third-party AI provider, and you retain full control over what information becomes part of your child's permanent goal record. We may change AI service providers in the future to improve our service.

4. Information Sharing and Disclosure

4.1 No Third-Party Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties for their marketing or commercial purposes.

4.2 Service Providers

We may share your information with trusted service providers who assist us in operating our platform, including:

• MongoDB (database hosting with encryption at rest and in transit)
• Vercel (application hosting with encryption at rest and in transit)
• NextAuth (authentication services)
• Google (when you choose to use Google Sign-In, and for AI services through Gemini Flash 2.0 for our Goal Wizard feature)

These providers are contractually obligated to keep your information secure and use it only for the services they provide to us. For our Goal Wizard feature, Google's AI processes your input data (child's gender, conditions/goals, time preferences, and age) to generate personalized suggestions, but this data is not stored by Google for model training purposes.

4.3 Legal Requirements

We may disclose your information if required by law or if we believe such action is necessary to:

• Comply with legal obligations
• Protect and defend our rights or property
• Protect the safety of our users or the public
• Prevent or investigate possible wrongdoing

5. Data Security

5.1 Encryption

All data is encrypted both at rest and in transit through our hosting providers (MongoDB and Vercel).

5.2 Access Controls

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

5.3 Regular Reviews

We regularly review our security practices and update them as necessary to maintain the highest level of protection.

6. Data Retention

We retain your personal information:

• For as long as your account remains active
• Until you request deletion of your data
• As required by applicable law

When you request data deletion, we will remove your personal information while maintaining your user ID to preserve system functionality and prevent service disruptions.

7. Your Rights and Choices

7.1 Access and Correction

You have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate or incomplete information
• Update your account information at any time

7.2 Data Deletion

You can request deletion of your personal data through your account settings. Please note:

• Your user account will remain to maintain system functionality
• Your personal information will be removed
• This action cannot be undone

7.3 Cookie Management

You can control cookies through your browser settings, though this may affect your experience on our platform.

8. Children's Privacy

Super Epic Goals is designed for parents and families to use with their children. While we collect information about children (name, birth month/year), this information is:

• Collected with parental consent through the parent's account
• Used only to provide our goal-tracking service
• Protected with the same security measures as all user data
• Never shared with third parties

Parents have full control over their child's information and can request its deletion at any time.

9. International Data Transfers

9.1 Data Location

Our servers are currently located in Australia.

9.2 International Users

If you access our service from outside Australia (including from the United States), your information may be transferred to and processed in Australia. By using our service, you consent to this transfer.

9.3 Data Protection

We ensure that any international data transfers comply with applicable privacy laws and maintain appropriate safeguards for your personal information.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do:

• We will post the new Privacy Policy on this page
• We will update the "Last Updated" date
• For significant changes, we may notify you via email or through our service

Your continued use of Super Epic Goals after any changes constitutes acceptance of the updated Privacy Policy.

11. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For privacy-related inquiries, please include "Privacy Policy" in your email subject line.

12. Australian Privacy Law Compliance

This Privacy Policy is designed to comply with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs). If you believe we have breached your privacy rights, you may lodge a complaint with us or with the Office of the Australian Information Commissioner (OAIC).