Lumi Tutor All legal

AI Disclosure & AI Use Policy

Effective date: [EFFECTIVE_DATE]

[PRODUCT_NAME] uses artificial intelligence to help children learn. This document explains exactly how, where the AI is used, what we do to keep it safe for children, what we don't allow it to do, and what your rights are.

This disclosure is required by emerging regulations including the EU AI Act, US state laws on AI transparency, and best-practice guidance for child-directed AI products.

1. What AI we use

We use large language models ("LLMs") provided by third-party AI vendors. Our current primary provider is [PRIMARY_AI_PROVIDER, e.g., Anthropic (Claude)]. We may use [SECONDARY_AI_PROVIDER, e.g., OpenAI (GPT-4o)] as a fallback or alternate, with the same safety wrappers. Our complete list of AI subprocessors is in the Subprocessor List.

We do not train our own foundation models. We compose product behaviour around third-party models using prompts, classifiers, and guardrails described below.

2. Where AI shows up in the Service

SurfaceAI used?Notes
Child tutor chat (Reading, Maths, Language, Curiosity, Calm modes)YesAll tutor replies are generated by an LLM, then checked by our safety engine
Mission of the Day suggestionsYes (occasionally)Most missions are template-based; some are LLM-generated and reviewed
Parent session summariesYesSummaries are LLM-generated from message summaries
Account settings, billing, dashboardsNoPlain product UI
Safety classifier (input + output)Currently rule-based, with a roadmap to upgrade to an AI classifierThe rule-based system is auditable; we will publish details if/when we move to AI classification
Homework guardrailRule-based, with a roadmap to AISame

The Service is upfront with the child that it is talking to an AI. The character "[ASSISTANT_NAME, e.g., Lumi]" is never represented as a human.

3. What we tell the AI to do (and not do)

The AI is steered by a server-side system prompt. The complete current prompt is in lib/prompts/childTutorPrompt.ts and is also summarised below. The prompt enforces the following:

  • Teach by guiding. The AI is instructed to never simply complete homework. It asks what the child tried first and offers one hint at a time.
  • Refuse to write essays or complete worksheets on the child's behalf.
  • Refuse to answer test questions if the child indicates they are currently taking a test.
  • Never ask for personal information like last name, address, phone, password, or school.
  • Never encourage secrecy from parents. If a child asks the AI to keep a secret, the AI explains that it doesn't keep secrets from parents.
  • Never give medical, legal, or financial advice. It redirects to a parent.
  • Never describe sexual content, graphic violence, self-harm, or dangerous instructions — even in stories.
  • In distress, redirect to a trusted adult. If the AI detects a child may be in danger, it gently directs them to speak with a parent or trusted grown-up.
  • Use age-appropriate language and short replies (typically 2–6 short sentences).

4. What runs around the AI — guardrails

Safety is enforced outside the model, not by the model alone. Every turn passes through:

  1. Input safety check (server-side). The child's message is scanned against rules for sexual content, violence, self-harm, medical advice requests, requests for private info, contact with strangers, secrecy from parents, illegal activity, dangerous instructions, age-inappropriate content, and parent-blocked topics. If blocked, the AI is never called for that turn; a safe response is returned and a Safety Event is logged.
  2. Homework guardrail (server-side). The child's message is classified for direct-answer / essay / test-cheating / worksheet / answer-check / general-explanation intent. The system prompt is adjusted accordingly.
  3. Output safety check (server-side). The AI's response is re-checked against the same rules. If blocked, the response is replaced with a safe fallback and a Safety Event is logged.

The full safety model is described in docs/safety.md and is part of our public commitment.

5. Training data

We do not use children's data to train AI models. Our contracts with AI providers prohibit them from using our request data for training their models. Zero-retention or short-retention terms are in place where the provider supports them.

The third-party LLMs we use were pre-trained by their respective vendors on data they collected before we engaged them. We do not control that pre-training. We rely on the vendors' own training-data disclosures for any questions about their corpus.

6. Accuracy, limitations, and disclaimers

AI systems can:

  • Be confidently wrong
  • Misunderstand questions
  • Produce content that sounds plausible but isn't accurate
  • Occasionally drift outside instructions despite guardrails

We minimise these risks through prompt engineering, server-side guardrails, length limits, and regular review. We cannot eliminate them. The Service is an educational aid, not a replacement for a qualified teacher, professional, or parent. Always apply your own judgement to AI output.

7. Children's right to know

Per the UK Children's Code and our own product principles, the child is always told they are interacting with an AI. The AI:

  • Has a clear non-human identity ("[ASSISTANT_NAME]")
  • Never claims to be a real person
  • Never pretends to remember the child between sessions in ways that exceed actual memory
  • Tells the child, if asked, that it's a computer program

8. Parent transparency

Parents can, in the dashboard:

  • See a list of every tutor session
  • Review session summaries (and full transcripts, if they have opted into transcript storage)
  • See every Safety Event with category, severity, and a short excerpt
  • See every Homework Guardrail event
  • Change topic allow/block lists, persona, homework strictness, voice on/off, transcript storage
  • Delete a child profile (which cascade-deletes all related data)
  • Export data via a Data Subject Access Request (see DSAR Templates)

9. Human oversight

For the AI in the Service:

  • All system prompts are written by people on our team and reviewed before deployment.
  • All guardrails are written by people on our team and unit-tested.
  • We monitor a representative sample of Safety Events to evaluate guardrail performance.
  • A nominated AI Safety Lead ([AI_SAFETY_LEAD_NAME, AI_SAFETY_LEAD_EMAIL]) owns AI safety reviews and approves material prompt changes.

For users:

  • The child has a parent as the human in the loop.
  • Parents are encouraged to review sessions and discuss the AI's behaviour with their child.

10. EU AI Act notes

[PRODUCT_NAME] is an AI system providing AI-generated text to natural persons including minors. Under the EU AI Act we:

  • Identify the system as AI (Art. 50)
  • Ensure children know they are interacting with an AI
  • Avoid uses that are prohibited under Art. 5 (we do not exploit vulnerabilities, do not perform social scoring, etc.)
  • Maintain technical documentation of the system

We monitor the regulatory landscape and will update this disclosure as obligations evolve. If [PRODUCT_NAME] is ever classified as a "high-risk" AI system under the Act (e.g., used for educational scoring with material effects on access), we will publish the additional risk-management documentation required.

11. Reporting an AI safety concern

If you encounter AI behaviour that is unsafe, inaccurate in a harmful way, or otherwise concerning, report it to [SAFETY_EMAIL] with a brief description and timestamp. We will:

  1. Acknowledge within [SAFETY_ACK_HOURS, e.g., 24] hours
  2. Investigate and respond with our findings within [SAFETY_INVESTIGATION_DAYS, e.g., 14] days
  3. Update guardrails or prompts where the issue is reproducible

12. Changes to this disclosure

We will publish material changes with at least [AI_DISCLOSURE_NOTICE_DAYS, e.g., 30] days' notice. The current version is always at [AI_DISCLOSURE_URL].

Contact

  • AI safety: [SAFETY_EMAIL]
  • Privacy & data: [PRIVACY_EMAIL]
  • General questions: [SUPPORT_EMAIL]