Students don’t need accounts
FERPA, COPPA, Ed-Law 2D Compliant
Sometimes, it’s good to be alone
Gimkit Privacy Policy
Last updated: December 25th 2025
Introduction
Thank you for using Gimkit! We created and adhere to this Privacy Policy to ensure Gimkit is the safest place possible for everyone who uses it.
We commit to you that:
We never sell or share your Personal Information.
We do not advertise on Gimkit.
The information we collect is used exclusively for building, improving, and maintaining Gimkit Services.
You own the original content you create on Gimkit.
We encrypt data in motion and at rest and use industry best practices to securely store and transmit your information.
You have the right to view, request, and remove your Personal Information.
This Privacy Policy (“Privacy Policy,” “this Policy,” or “Policy”) constitutes an agreement between you (“user,” “you,” or “your”) and Gimkit (“Gimkit,” “us,” “our,” or “we”). This Policy describes how Gimkit collects, protects, uses, retains, discloses, and deletes information and data created during your access to and use of the Site, Content, and Services.
This Privacy Policy applies only to information collected through the Site and/or Services.
We will notify you inside your Gimkit Account of any material changes to this policy. We recommend you check back regularly to stay up to date.
If you do not agree to this Privacy Policy, please do not use Gimkit.
📧 Contact us anytime:
privacy@gimkit.blog
admin@gimkit.blog
Definitions
Child / Children: Under 13 (US) or under 16 (outside US)
Content: Text, images, videos, links, or any media
Educator: Teacher or educational institution
Student: Anyone under 18 with a Gimkit account
Services: All Gimkit services including games, content storage, and results
Site: www.gimkit.blog and all affiliated subdomains
Account: Logged-in Gimkit user
PII / Personal Information: Information that identifies an individual
Compliance with Privacy Laws
Gimkit complies with major privacy regulations, including:
United States: COPPA, FERPA
California: CCPA, SOPIPA
Illinois: SOPPA
New York: Education Law 2-D
If you are unsure about compliance with your local privacy laws, contact us at privacy@gimkit.blog or admin@gimkit.blog.
Collection of Information
We may collect information as follows:
Information You Provide
Name
Email address
School & subject (Educators)
Purchases
Payments are processed by Stripe. We do not store credit card information.
Site Usage
We collect non-personal usage data for analytics and performance improvement.
Cookies
Cookies are used only for logged-in users. You may disable cookies, but some features may not work properly.
Third-Party Advertising
🚫 No third-party advertising is allowed on Gimkit.
Information We Collect
Educator Accounts
We collect:
First name
Last name
Email address
School
Subject / discipline
Optional (not stored):
Country
Zip code
Student Accounts
Collected only when an account is created:
First name
Last initial
Email address
Students under legal age require parental or educator consent.
Settings can be reviewed at:
👉 https://www.gimkit.blog/settings
Creating Student Accounts
Direct Sign-Up
Allowed for students:
13+ (US)
16+ (outside US)
Classes
Educators can invite students of any age using Class invitation links and provide parental consent.
Use of Your Information
We use information to:
Provide and improve Services
Manage Accounts
Process payments
Communicate updates and alerts
Provide customer support
Enforce Terms of Service
Ensure platform security
Authenticate users
Enable Google & Microsoft SSO
How We Handle Personal Information
We share Personal Information only when necessary, including:
With authorized employees
When legally required
For fraud prevention or security
During business transfers (mergers/acquisitions)
Any acquiring entity must honor this Privacy Policy.
Protection of Your Information
We use industry-standard protections including:
Encryption (in transit & at rest)
SSL / HTTPS
Multi-factor authentication
Firewalls & secure servers
⚠️ No online system is 100% secure.
Third-Party Services
Trusted partners include:
DigitalOcean, AWS, Heroku, MongoDB Atlas
Stripe (payments)
Cloudinary (media storage)
Google Analytics
Mailjet (emails)
These providers must follow privacy standards consistent with ours.
Incident Response Plan
In case of a data breach we will:
Assess severity
Contain the breach
Identify affected data
Notify affected users
Document & prevent future incidents
Retention of Information
Data retained until deleted or after 18 months of inactivity
Backups retained for 30 days after deletion
Account deletion requests:
👉 https://www.gimkit.blog/settings
📧 privacy@gimkit.blog | admin@gimkit.blog
Access & Accuracy
You may:
View
Update
Delete your information
We may deny access if required by law or to protect others’ privacy.
Account Security
Users are responsible for protecting login credentials.
Report suspicious activity immediately to:
📧 privacy@gimkit.blog or admin@gimkit.blog
Children’s Privacy
Children under required age may only use Gimkit via Educator-approved Classes with consent.
Any violation should be reported to:
📧 privacy@gimkit.blog
FERPA & COPPA Compliance
Gimkit complies fully with FERPA & COPPA.
Educators act as agents for parental consent when enrolling students.
California Residents (CCPA Rights)
No sale of Personal Information
Right to access & delete data
No discrimination for exercising rights
Requests:
📧 privacy@gimkit.blog | admin@gimkit.blog
Business Transfers
In case of acquisition or bankruptcy, user data may transfer but will remain protected under this Policy.
Feedback
User feedback may be published after removing Personal Information to help other users.
Questions
If you have questions about this Privacy Policy or your data, contact us at:
\