Security & privacy
Sorin was designed for children first. Safety and privacy aren't features we added. They're the foundation the product is built on. Here's exactly how it works.
The heart of Sorin's privacy protection is Aegis™, our identity-protection engine. It's the piece we're proudest of, and it's still rare in AI products built for kids.
Most AI applications send whatever a user types straight to a large AI model. For an adult, that is one thing. For a child sharing their name, their school, or where they live during a homework session, sending that information to an AI model is exactly what a parent should worry about.
Aegis™ sits between your child and the AI and makes sure that never happens.
Before a message leaves your child's device for processing, Aegis™ scans it for personal information such as names and identifying details.
Those details are replaced with neutral stand-ins, so the AI receives an anonymized version of the conversation. The model can still help with the homework, the story, or the question, but it never sees who your child actually is.
When the AI responds, Aegis™ maps the stand-ins back so the conversation stays natural and personal for your child.
The mapping that links a stand-in back to the real detail stays within Sorin. It is never sent to the AI provider.
Your child's real identity is kept out of the AI model entirely, which dramatically reduces what could ever be exposed.
It works automatically, every time, with nothing for your child to remember or switch on.
The same content is also checked for risky sharing like phone numbers or addresses, and you are alerted when needed.
Aegis™ reflects a simple belief: an AI can be a wonderful learning companion for a child without ever needing to know who that child is.
Beyond Aegis
We collect only what the experience genuinely needs.
You decide how data is used, and you can review and manage it.
Photos your child uploads and images Sorin generates are stored privately and served through short-lived links that expire, not open public URLs.
Learning analytics turns your child's own activity into plain-English signals, always shown with the evidence behind them. Self-relative, never benchmarked against other kids, and never an assessment.
Strong security includes not hoarding data. Sorin enforces automatic retention limits so your family's information does not live forever.
Conversations are automatically deleted after a period you control (default 12 months of inactivity). Information that no longer exists cannot be breached or misused.
Read-aloud audio is deleted automatically after 15 days. There is no permanent archive of spoken audio.
Shorten retention, delete a child profile, or delete your entire account at any time. Deletion is permanent.
Combined with the Aegis™ privacy engine, which keeps your child's identity out of the AI in the first place, retention limits mean we protect your child both in the moment and over time.
Read the full Data Retention Policy for the specifics.
Account security
Parents can enroll a second factor using any standard authenticator app, with backup codes for recovery. Required for admins.
Data is encrypted in transit and at rest, with access scoped tightly to the people in your family who need it.
Children sign in through parent-managed links. No public passwords floating around, and parents decide who can see and manage what.
Active sessions are visible and revocable, conversation transcripts are available to parents, and safety events are surfaced as they happen.
Recognized standards
Sorin is built by WhitegloveAI, and our security and privacy practices follow established frameworks for trustworthy and responsible AI rather than ad-hoc decisions.
ISO/IEC 42001
The international standard for AI management systems, defining how AI is governed, monitored, and continuously improved inside an organization.
NIST AI RMF
The U.S. standard for identifying and managing AI risk across the lifecycle of an AI product.
WhitegloveAI AI-AMF
Our own framework for adopting and governing AI responsibly. Learn more at www.aiamf.org.
We design with these frameworks in mind so that safety, privacy, and accountability are maintained continuously, not treated as one-time checkboxes.
Have questions about our security or privacy posture? Email security@sorin.ai.
Part of the Sorin Trust Center
Privacy, children's privacy, subprocessors, data retention, and the standards we align with all live in one place.