Cocovox uses carefully selected third-party service providers ("subprocessors") to deliver our educational platform. This page provides complete transparency about who processes student data, why, and how it's protected.
Subprocessors are third-party companies that process data on behalf of Cocovox to provide specific services. We carefully vet all subprocessors to ensure they meet our strict privacy and security standards, especially for children's data under COPPA and FERPA.
This table is generated from the repo-managed processor registry used for diligence and public disclosures.
| Processor | Purpose | Data sent | Retention | DPA status |
|---|---|---|---|---|
| Anthropic | Primary conversational AI for tutoring, explanations, and adaptive responses | Learner prompts, model instructions, and structured learning context. Direct identifiers are reduced where the application flow allows, but message content can still contain learner-provided information. | API processing via Cocovox backend; investor-facing DPA status tracked in repo metadata, not in this public page. | Tracked outside the repo |
| OpenAI | Fallback transcription and alternative model processing | Fallback transcription can temporarily handle raw audio server-side before submission. Some flows also send conversation text and structured context. | Temporary server-side files may exist during fallback processing; derived transcripts can persist in Cocovox records after raw audio is removed. | Tracked outside the repo |
| ElevenLabs | Speech-to-text and text-to-speech processing | Voice flows can send raw audio for speech processing and text for voice synthesis. Cocovox may persist transcripts and derived note artifacts even when raw audio is not intentionally retained. | Raw audio is intended to be ephemeral in Cocovox processing paths, but transcript and note artifacts can persist under the account retention rules. | Tracked outside the repo |
| DigitalOcean | Application, database, and storage hosting | Primary platform hosting for stored learner and parent data. | Data persists according to Cocovox retention rules until deleted or aged out. | Tracked outside the repo |
| SendGrid | Transactional email delivery for verification and parent notices | Parent, teacher, and account-holder contact details plus message content needed to deliver notices. | Delivery logs retained under provider settings and Cocovox operational needs. | Tracked outside the repo |
| Stripe | Credit-card verification for verifiable parental consent | Parent verification requests use Stripe payment method details for low-value authorization and identity verification. | Verification artifacts retained according to Cocovox audit needs and Stripe account settings. | Tracked outside the repo |
| Google OAuth | Optional sign-in and identity federation | Only account identity fields needed for optional OAuth login. | Identity data persists with the Cocovox account until deleted. | Tracked outside the repo |
These companies power our AI tutoring features:
| Purpose | Primary conversational AI for tutoring interactions |
| Data Shared | User messages, prompts, and chat context |
| Data Retention | Zero data retention - processed and immediately deleted |
| Location | United States |
| Designed for COPPA | Yes (with parental consent for under 13) |
| Privacy Policy | anthropic.com/privacy |
| Purpose | Alternative AI model and speech-to-text transcription (Whisper API) |
| Data Shared | User messages, audio recordings (when voice features are used) |
| Data Retention | Zero data retention - API calls opted out of training |
| Location | United States |
| Designed for COPPA | Yes (with parental consent for under 13) |
| Privacy Policy | openai.com/privacy |
| Purpose | Text-to-speech voice synthesis for audio responses |
| Data Shared | Text responses to be converted to audio |
| Data Retention | Processed in real-time, no persistent storage |
| Location | United States |
| Children's Data | Not used for children under 13 without explicit parental consent |
| Privacy Policy | elevenlabs.io/privacy |
Services that host and secure our platform:
| Purpose | Cloud infrastructure hosting for application servers and database |
| Data Stored | All user data, including accounts, messages, and learning progress |
| Location | United States (configurable by region) |
| Security | SOC 2 Type II certified, encrypted at rest and in transit |
| Privacy Policy | digitalocean.com/legal/privacy-policy |
Optional third-party login providers:
| Purpose | Optional "Sign in with Google" authentication |
| Data Shared | Email address, name, profile picture (if you choose to use Google sign-in) |
| Location | United States |
| Note | This is entirely optional - users can create accounts with email/password instead |
| Privacy Policy | policies.google.com/privacy |
Services used for transactional email delivery:
| Purpose | Transactional email delivery for account verification, parental consent requests, and notifications |
| Data Shared | Email addresses, recipient names (within email content) |
| Data Retention | Email logs retained for 30 days per Twilio's data retention policy |
| Location | United States |
| Designed for COPPA | Yes - processes parent email addresses for COPPA consent verification only |
| Privacy Policy | twilio.com/legal/privacy |
For transparency, here are common third-party services we explicitly do not use:
We will update this page whenever we add, remove, or change subprocessors. Significant changes will be communicated via email to account holders.
If you have questions about our subprocessors or data processing, please contact us at support@cocovox.ai