Welcome to Ello!
Ello Technology, Inc. (“Ello”, “we” or “us”) is committed to protecting your privacy. This Privacy Policy (“policy”) describes how we collect, store, use and distribute your personal information when you use our software, website, documentation, and related services (together, the “Services”).
This policy also provides an easy to understand description of your data protection rights and how to exercise them. It applies to all our services including our website and mobile application.
Capitalized terms not defined in this policy have the meanings set forth in our Terms of Service which can be found at www.ello.com/terms.
What we do
- We use the latest security best practices to keep all user data safe.
- We collect, use, share and retain your personal information solely for the purposes outlined in this policy. We will seek your consent for any additional use not listed in this policy.
- With your permission, we collect audio recordings of your child to improve Ello’s functionality. We aim to limit data collection to what is strictly necessary for providing and improving Ello’s services.
- We comply with applicable laws and regulations, including the Children’s Online Privacy Protection Act (“COPPA”) and data protection legislation in countries of use.
- We will notify you if material changes are made to this policy.
What we don't do
- We do not sell your or your child’s personal information to third parties.
- We do not advertise third-party products to children on Ello or display targeted advertisements within our services, nor do we track users of our application or use any tracking technologies for advertising purposes within the app.
- No child data is collected in-app by third parties for their own purposes and no data is shared with third parties for external research purposes.
- We do not obtain any personal information from third parties. We do not create user profiles for personalized advertising.
1. Intended use
Ello is primarily designed for and used by children under 13 years of age and parents assisting their children. It is primarily marketed to parents and schools for preschool and K-12 purposes. Managed accounts for parents or teachers are not available at this time.
Ello does not contract with schools or educational authorities, does not contract with a Local Educational Agency and does not designate itself as a ‘School Official’ under the Family Educational Rights and Privacy Act (FERPA). No responsibility or liability for obtaining verified parental information is transferred to schools or districts. Educational records are not entered into the product.
Ello does not allow social interactions on its product at this time. Users cannot interact with other platform users and no profile information of user created content is displayed publicly. As such, California’s Privacy Rights for California Minors in the Digital World Act does not apply.
2. Consent
By using the Services and registering for the product, you consent to the use of your and your child’s personal information as described in this policy. Your personal information will not be used for any other purpose without your consent. You may withdraw your consent to our processing of your personal information at any time. Withdrawal will not affect prior lawful processing and may limit access to certain features of the Services. If you have any questions or would like to amend your consent, please email support@ello.com.
Verifiable parental consent covers the collection and use of a child’s information for the provision of the Services, including operating Ello’s AI tutor features, processing by large language models (LLMs), and using audio recordings and interaction data for individual and, where enabled, general service improvement, subject to the parental controls and settings described in this policy.
If you are not of legal age to form a binding contract (in most jurisdictions this is under 18 years of age), we will only process your personal information with verified consent from your parent or legal guardian. We encourage children to review this policy with their parent or legal guardian to fully understand it.
3. Collection of Information
We limit the data we process and collect from users of the application to only what is required to deliver the services.
3.1. What we collect from you
We collect and process the following information:
- your first name,
- your last name,
- your email address,
- your mobile number,
- your Internet Protocol (IP) address,
- your child’s first name, grade, reading level and interests,
- information you provide in forms when signing up, and
- billing information so we can process your payment.
Any personal information combined with non-personally identifiable information will also be treated as personal information. We do anonymize and aggregate some of this personal data into datasets that are not personally identifiable.
Your registration information, together with any other information we gather through the Services that may be used to identify, contact, or locate you individually, are collectively referred to herein as your “Personal Information.”
3.2. What information we collect from your child
Other information we collect as part of providing the service:
- Audio. If a child’s parent or guardian enables the ‘Individual Service Improvement’ and/or ‘General Service Improvement’ settings in the Ello App, we will collect audio recordings of the child while using the Ello App ("Audio Recordings"). This is an optional feature that parents may opt out of at any time by emailing support@ello.com.
- Transcripts from conversations with AI features. This is for AI Safety and customer support purposes. Summaries of these transcripts are stored to customize the child’s learning experience and analyze progress and interests. While we try to limit the personal information collected in conversations with the AI tutor, we cannot guarantee that any logs of interactions will be fully free of personally identifiable information. We therefore treat any such information as if it were personally identifiable information.
3.3. What we don’t collect
- Sensitive Information: Ello does not collect sensitive information such as: Political affiliations, religious beliefs, philosophical beliefs, race or ethnicity, sexual orientation, health data, genetic information, biometric data, criminal history, credit or financial data, trade union and membership information or personal identification (ID) numbers including those of a license, social security, state ID cards or passports.
- Data integration and profiling: Data collected or maintained by Ello is not augmented, extended or combined with data from third-party sources. Neither Ello nor a third party will verify your identity with additional Personal Information.
3.4. Data
You may be able to create, upload, publish, transmit, distribute, display, store or share information, data, text, graphics, video, messages or other materials using our Services (this is collectively referred to below as “Data”). Some of this Data may be stored and maintained on our servers. Some behavioral or activity related data is collected such as interaction with app features, on-site purchases, and frequency and duration of app or website usage.
You cannot interact with other users through our Services at this time, nor can you share data with our users through our Services. As such, no information is shared by a user to participate in interactions on our services. There are no postings or social interactions to moderate, log, filter or block on our Services.
3.5. Usage and Analytics Information
We may also collect information through the use of commonly-used information-gathering tools, such as log files, and Web beacons. Collectively, this information is referred to as “Usage and Analytics Information.”
3.6. Telemetry and observability data
To keep Ello running smoothly and securely, we collect technical information about how our app and systems work behind the scenes. This helps us fix problems quickly, monitor system health, improve performance, keep your data safe, prevent fraud and make your overall experience better. We collect basic device details and session identifiers, app performance data (like loading times), error reports and crash logs, and timing and usage signals about how features are used.
We work with third-party service providers who provide hosting, analytics, and error tracking services. These providers are contractually obligated to only use this data to help maintain and improve Ello’s security and performance, and they follow strict privacy and security rules. This information is never used for advertising and does not include personally identifiable information beyond what is necessary to troubleshoot and improve our Services.
3.7. For our website and non-application services
Certain types of data are collected through our website that are not collected via our software application. We differentiate these types of data to maximize your child’s privacy.
For detail on cookies, web beacons, and similar items, as they pertain to our website, please look at our Website Privacy Policy.
3.8. Ello Classroom Mode
Ello offers a free version of the app called “Ello Classroom Mode” for teachers and librarians. This version of the app differs from the at-home product in two key ways:
- No account-level or child-identifying personal information is collected, stored, or transmitted. Children use Ello freely without accounts or logins.
- No personalization: The classroom version does not offer personalized paths or instruction for an individual child, but rather makes the entire Ello library accessible
Classroom Mode does not use generative AI or LLMs in live operation. There is no chatbot or conversational AI element. The AI is limited purely to speech recognition, used to assess whether a child has correctly read aloud a word and to provide pronunciation support. This works locally in-session and does not persist after the child stops using the tool. The in-app data collected, as outlined in this policy, therefore only applies to the at-home version of the product, not the classroom mode.
4. Children’s information
We comply with applicable laws, including the U.S. COPPA and Kenya’s Data Protection Act, which require special protection for children’s personal information. For more information about COPPA and general tips about protecting Children’s online privacy, please visit OnGuard Online.
Please look at our Children’s Privacy Policy for information about our collection, use, disclosure and parental consent practices for the personal information of children (users under the age of 13 in the US, or the relevant age of digital consent as otherwise defined by applicable laws).
5. How we use your information
We process your personal information for the following purposes:
- To provide and maintain our Sites and Services. This includes creating your account, helping you log in, processing your requests and purchases, and providing customer support.
- To improve and optimize Ello, including to understand how our Sites and Services are being used, track site performance, and make improvements, understand our customer base, and understand the effectiveness of our communications.
- To send administrative information to you. We may use your information to send you information about our products and services that we think you might like, and/or new feature information as part of our marketing efforts. You can opt out of marketing at any time by using the ‘unsubscribe’ link in our emails.
- To request feedback on our Services. We may use your personal information to request feedback and/or to contact you about your use of our Sites. You can opt-out by unsubscribing from our emails.
- To administer competitions and award prizes. If you decide to participate in a prize draw or competition that we set up, we may use your personal information to administer prize draws and competitions. Participation is entirely optional and subject to separate terms
- To respond to any regulatory enquiries and any other purposes as may be determined by a judicial and/or quasi-judicial body.
- To comply with legal process, such as warrants, subpoenas, court order, lawful regulatory or law enforcement requests and to comply with legal requirements regarding the provision of the Services.
Here is an overview of the categories of information we collect and how we use them:
We use details like your name, email, and contact information to:
• Set up and manage your account.
• Maintain our customer/visitor lists.
• Respond to questions and provide support.
• Identify and authenticate identity.
• Service improvement.
We may also use Registration Information for limited marketing purposes, namely, to contact you to further discuss your interest in the Services, and to send you information about us or our partners.
• Provide additional features to your child, such as being able to hear themselves read.
• Improve reading support and make the experience more personalized to enhance your child’s experience.
• Improve our models (“General Service Improvement”).
• Process payments and provide our Services.
• Manage your account.
• Verify financial qualifications of prospective customers and to collect payment for the Services.
Where we contract with third-party payment processors, payment processing will be conducted solely on our behalf, and under strict security and confidentiality.
Note: This section does not apply in some countries where the service might be provided for free.
• Administer and improve our Services.
• We may generate and store ‘learner profile’ information and persistent memories about your child (for example, skills practiced or mastered, interests, and learning preferences) by analyzing transcripts of past interactions, including through batch or asynchronous processing, to personalize future sessions. These memories are used to personalize the child’s experience and are not used to identify your child outside the Services.
• Monitor and analyze use of the Services, for the Services’ technical administration, and to increase the Services’ functionality and user-friendliness. Where possible, we may use this information in a de-identified, anonymous way in conjunction with an analytics service such as Google Analytics.
• Protect and secure our Sites and Services, assets, network, and business operations, and to detect, investigate, and prevent activities that may violate our policies.
• Analyze and understand overall trends.
• Improve functionality of the Services and to provide the Services.
• Track and aggregate non-personal information. For example, we use IP addresses to monitor the regions from which customers and visitors navigate our website.
6. Lawful basis for processing your personal information
We only process your personal information when we have a valid reason to do so under applicable law. This may include:
- performance of our agreement with you for the provision of our Services;
- your consent;
- compliance with legal obligations; and
- our legitimate interests (where these do not override your rights).
7. Who we share your personal information with
We will not disclose or transfer your personal information to third parties without your permission, except as permitted under this policy (see further below) and in accordance with the applicable data protection legislation in the respective jurisdiction of use.
7.1. Law enforcement, legal process, and emergency situations
We may disclose your personal information to third parties if required to do so by law or on the good-faith belief that such action is necessary to:
- conform to applicable law or comply with legal process served on us or our Sites;
- protect and defend our rights, property, or the safety of our Sites and users, provided this does not override your own rights and freedoms as a data subject;
- safeguard personal safety for you, other users, or the public; or
- prevent or investigate fraud, security incidents, or unlawful activities.
If we receive a government or legal request for user information, we will make reasonable efforts to notify affected users promptly, unless doing so is prohibited by law, poses a risk of harm, interferes with (either intentionally or unintentionally) our rights or property, users of the Services, or anyone else, or is impracticable in emergencies where immediate action is required. Notifications may be delivered through email or phone.
7.2. Change of ownership or corporate organization
In the event of a corporate re-organization, merger, acquisition, amalgamation, or sale of all or a substantial portion of assets or stock, including any negotiations and due diligence related to such transactions, your personal information may be transferred to a successor entity. Such transfers will:
- be limited to purposes consistent with this policy, including the continuation of services and compliance with legal obligations; and
- be subject to appropriate safeguards, such as contractual obligations and technical measures to protect your data.
We will provide notice of any change in ownership or corporate organization and, where practicable and legally permissible, offer you the option to request deletion of your data before completion of the transaction, unless retention is required by law.
7.3. Third-party service providers
From time to time, we may engage third-party service providers to help us provide or improve our Services. These providers may access or process your personal information solely for the purpose of performing their contractual obligations. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and they are bound by contractual obligations on confidentiality of such information.
The categories of related third parties with whom we may share data with are:
- Service providers: Entities that provide services for the use and development of Ello, such as hosting, data storage, analytics and IT support.
- Model providers: Ello uses LLMs as part of its AI tutor features. Information provided during interactions with the AI tutor, including conversation transcripts and audio inputs, may be processed by LLMs solely to provide the service, personalize learning experiences, and improve Ello’s educational functionality. Ello does not permit LLM providers to use this information for their own purposes or to train their general-purpose models, except as permitted by law and consistent with this policy.
- Marketing partners: We may contact adult users who have consented to receive marketing communications about Ello and related third-party services. We do not share your data with third parties for their own marketing purposes, however we may feature their products or services in our messages. You can withdraw this consent or opt-out of contextual marketing at any time by contacting support@ello.com or using the ‘unsubscribe’ link in our emails. We never sell child data to third parties or advertise directly to children.
- Payment processors: Entities responsible for processing payments and secure handling of financial transactions.
- Legal and compliance partners: Entities involved in ensuring legal compliance, responding to legal requests, or conducting audits, which may include legal advisors or regulatory authorities.
7.4. Who we do not share data with
We do not share data with:
- Affiliates or subsidiaries: We currently do not have affiliates or subsidiaries. If this changes, we will update this Privacy Policy.
- Third-party-login providers: Ello does not support social or federated login. No information is collected from third-party login providers nor is any data shared with them.
8. Security measures in protecting your information
The security of your personal information is important to us. We use appropriate technical, organizational, and physical safeguards to protect your personal information against unauthorized access, loss or disclosure.
These include:
- Encryption of personal data both in transit and at rest.
- Multi-factor authentication (MFA) for account access.
- Limited access controls to ensure only authorized personnel and designated staff handle your data.
- Annual internal data privacy audits and security reviews to maintain compliance.
- Physical and administrative safeguards to prevent unauthorized dissemination.
8.1. Data breach notification
In the event of a data breach that compromises your personal information, we will investigate promptly and take reasonable corrective measures. We will notify the relevant supervisory authority that is tasked with personal data protection within your jurisdiction of use and inform you of the security incident in accordance with applicable laws and regulations.
We have an internal Incident Response Plan, which is reviewed on an annual basis.
8.2. Your responsibility
You are also responsible for helping to protect the security of your personal information. This includes:
- Keeping your password safe, confidential and never sharing it with anyone.
- Protecting your username, password and personal credentials when using our Services to prevent unauthorized access.
- Enabling and maintaining two-factor authentication (2FA).
- Maintaining the security of any personal computing device you use to access our Services.
9. How long we hold on to your information
We will retain your personal information only for as long as it is necessary to fulfill the identified purposes for which it was collected or as required by law. Once the data is no longer needed, we will securely delete or anonymize it.
We may retain certain data beyond the termination of our relationship with you for legitimate purposes such as:
- To prevent fraud or future abuse.
- To analyze aggregated, non-personally-identifiable data.
- To recover your account.
- To comply with legal obligations.
- To resolve disputes.
To determine the appropriate retention period for your personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, the need to comply with our internal policy and the applicable legal, regulatory, tax, accounting or other requirements.
All retained personal information will remain subject to the terms of this policy. Please note that if you request deletion of your personal information, complete removal may not be possible in all cases due to technical or legal constraints.
10. Amendment of this policy
We reserve the right to update, modify or amend this policy at any time to reflect changes in our practices or legal requirements. If we make material amendments to this policy, we will notify you and post the updated policy on our website at www.ello.com/privacy.
Non-material changes (such as clarifications) take effect immediately upon posting. Material changes will take effect 30 days after we post or notify you.
The date of the latest update will always appear at the top of this document. We recommend that you periodically review this policy to ensure you are aware of any changes. Your continued use of our Services after changes take effect signifies your acceptance of the updated policy.
10.1. Changelog
Past policy versions are publicly available for review as follows:
Version last updated 5 Nov 2025: www.ello.com/privacy-nov-5-2025.
Version last updated 6 Mar 2024: www.ello.com/privacy-mar-6-2024.
Version last updated 5 May 2021: www.ello.com/privacy-may-5-2021.
11. Your rights
You have the following rights under applicable data protection laws in relation to your personal information:
- Right to know what personal information we have collected about you.
- Right to access a copy of the personal information we hold about you.
- Right to know what personal information we have shared with third parties.
- Right to object to processing of your Personal Information, including for direct marketing or related profiling. We may continue to process if we have a legitimate or legal reason to do so.
- Right to request restriction of processing where you contest the accuracy of your personal information or where you prefer restriction instead of deletion.
- Right to request deletion of your personal information.
- Right to request correction of any inaccurate, incomplete or outdated personal information.
- Right to export your personal information in a format that can be transferred electronically to a third party. This applies to automated data collected with your consent or for contract performance.
- Right to withdraw your consent.
- Right to delete your Ello account by following the instructions provided in the Terms of Service.
To exercise these rights, or make any other privacy-related request, please contact us at support@ello.com. We aim to respond promptly and within 30 days, unless shorter periods are required by applicable laws. For instance, in Kenya, we will respond within 7 days of receiving your request.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Please note that these rights are not absolute and Ello may refuse requests to exercise data subject rights if there is a legitimate reason, such as if we cannot authenticate your identity, if the request could violate the rights of a third party or applicable law, or if the request could interfere with our Service or prevent us from delivering a service you requested.
We will make every reasonable effort to keep your personal information accurate and up-to-date, and we will provide you with mechanisms to update, correct, delete or add to your personal information as appropriate. As appropriate, this amended personal information will be transmitted to those parties to which we are permitted to disclose your information. Having accurate personal information about you enables us to give you the best possible service.
12. Jurisdiction-specific amendments & addenda
The Ello app is currently available for use only in select countries. We do not offer our services in other jurisdictions where we are not compliant with local laws and regulations - such as any EU member state. By using Ello, you confirm that you are accessing our services from a permitted country.
If you access Ello from a region where our services are not available or not compliant with local laws, you do so at your own risk, and we do not assume any liability for such use. We reserve the right to restrict or terminate access if we determine that our services are being used in an unauthorized jurisdiction.
12.1. Non-US users: data transfer and storage
Our Services are hosted and operated in the United States. If you use the Service from any other region with data protection laws that differ from those of the United States, you consent to the transfer and storage of your personal information outside your jurisdiction.
Your personal information may be stored and processed on servers located within or outside of the United States and in other jurisdictions where our service providers operate. Certain information may be accessible to third-party service providers who are under contractual confidentiality obligations.
Prior to transferring your personal information, we will take appropriate steps to ensure that the personal information will be safeguarded and used only for authorized purposes set out in this policy or in accordance with applicable laws.
12.2. Local privacy laws
In some jurisdictions, the Services may be subject to supplemental privacy policies or local laws. For users in those jurisdictions, the applicable supplemental privacy policies and local laws will take precedence over this policy to the extent they conflict. If you have concerns about how we handle your personal information, please contact us at support@ello.com.
You have the right to withdraw your consent at any time or request more information about how your data is protected during cross-border transfers by contacting us at support@ello.com.
12.2.1. Parental consent
Where local law defines a child as under 18 years of age, Ello applies parental consent and heightened protections consistent with this policy, even where U.S. law would permit independent consent.
12.3. For our Kenyan users
We are registered as a data controller with the Office of the Data Protection Commissioner (“ODPC”) in Kenya and process personal data, as defined in Kenya’s Data Protection Act.
12.3.1. Our commitment
We process personal data of individuals located in Kenya in line with the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality as outlined in Kenya’s Data Protection Act.
12.3.2. Processing and cross-border transfers
Information we collect may be processed and transferred to the United States or other jurisdictions where we or our service providers operate. Where we transfer your personal information outside Kenya, we do so with your explicit consent and ensure that appropriate safeguards are in place, including contractual obligations and technical measures to protect your data in accordance with Kenya’s Data Protection Act.
12.3.3. Your data protection rights
As a Kenyan resident, you have the rights outlined in the “Your Rights” section of this policy, as well as any additional rights granted under Kenya’s Data Protection Act. These include the right to access, correct, delete, restrict processing, object to processing (including for direct marketing), withdraw consent, and request data portability. To exercise these rights, contact us at support@ello.com. If you are dissatisfied with our response, you may lodge a complaint with the ODPC in Kenya.
12.3.4. Complaints
If you are dissatisfied with any decision we make as a data controller, you may lodge a complaint with the ODPC in Kenya.
12.4. For our Californian users
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal information which we share with our affiliates and/or third parties for marketing purposes, along with the contact information for such affiliates and/or third parties.
12.5. For our Canadian users
- We endeavor to provide privacy protection that is consistent with the applicable privacy laws in Canada, including the Personal Information Protection and Electronic Documents Act ("PIPEDA") and the provincial private sector privacy laws in British Columbia and Alberta.
- Ello services are not available at this time for customers in Quebec.
- Ello is responsible for the personal information under its control and has designated support@ello.com as its primary contact for privacy and data protection inquiries.
- We use tracking technologies, such as the Facebook Pixel, on our website to improve our products and manage adult sign-ups. Our website is intended for use by adults only. In contrast, our application is designed primarily for children. To ensure a safe experience, we do not use any tracking technologies or track users for advertising purposes within the app.
- Personal information transferred outside of Canada, including to the United States, may be subject to the laws of those jurisdictions and lawful access by courts, law enforcement, or regulatory authorities under those laws.
13. Contact us
To help us keep your information accurate, please notify us if your details change (such as your email address or telephone number).
You can also contact us the following ways:
- email: support@ello.com
- mail: Ello Technology, Inc., 24 Shotwell St, San Francisco, CA 94103, USA
Please also contact us if you would like to:
- Access your personal information.
- Request details of any personal information shared with third parties.
- Correct, update, or delete your information.
- Assign a legacy contact to access your data.
- Report inappropriate content, harassment, cyberbullying, or any unsafe or inappropriate interactions on our platform.
- Withdraw consent for further collection or processing of your child’s data.
- Ask questions, share feedback or submit a complaint about our privacy practices.
At this time, the Privacy Policy is only available in English, but should you have any questions, please do not hesitate to reach out.