Services & Pricing Service packages designed to meet you where you are in your compliance journey. Each can be engaged independently or combined for end-to-end readiness support. See our methodology for how the readiness process works.
Readiness Sprint 2–4 weeks Estimated range: $8,000–$25,000
Market-informed estimate — actual pricing depends on scope and complexity.
Deliverables Child-directed service assessment and COPPA applicability determination Privacy notice audit against 16 CFR § 312.4 requirements Consent mechanism evaluation across all supported methods Third-party vendor and SDK review for child-directed applications Age gate design assessment and bypass testing Gap analysis with risk-ranked findings Executive readout with remediation roadmap Get Started Remediation Program 4–12 weeks Estimated range: $15,000–$60,000
Market-informed estimate — actual pricing depends on scope and complexity.
Deliverables Privacy notice rewrites with COPPA-specific disclosures for § 312.4 compliance Parental consent mechanism implementation or upgrade Vendor contract amendments with COPPA-specific PI restrictions Data retention policy and automated deletion pipeline for children's PI Age screening mechanism deployment or redesign Safe harbor program evaluation and enrollment support Internal COPPA training program for product, engineering, and support teams Get Started Audit Support During assessment Estimated range: $5,000–$20,000
Market-informed estimate — actual pricing depends on scope and complexity.
Deliverables FTC inquiry response preparation and coordination Evidence package assembly covering consent records, privacy notices, vendor contracts, and retention documentation Consent mechanism documentation and testing validation Safe harbor program coordination and communication support Internal readiness review before regulatory submission Get Started Continuous Compliance Ongoing (monthly) Estimated range: $3,000–$10,000/mo
Market-informed estimate — actual pricing depends on scope and complexity.
Deliverables Quarterly consent mechanism testing and bypass assessment Third-party vendor and SDK re-assessment for child-directed applications Privacy notice updates reflecting changes in collection practices FTC enforcement monitoring and regulatory change alerts Age gate validation and effectiveness testing Parental deletion request process audit Get Started Who Does What: RACI Matrix A clear engagement model ensures that responsibilities are understood from day one. The matrix below shows who is Responsible (R), Accountable (A), Consulted (C), and Informed (I) for each workstream.
Workstream Founder / CEO CTO / VP Eng Security / Compliance Ops / COO HR Eng / SRE Reviewer Approve scope and goals A C R C I I I Control design and mapping I A R C C R C Policy adoption A C R R C I I Evidence collection I A R C C R I Vendor management evidence I C R A I I I Review coordination I C A/R C C C R
Important Disclaimers We provide COPPA readiness, remediation, evidence preparation, and support. We do not issue compliance reports or provide attestations.
Any formal examination must be performed by an independent licensed firm where applicable.
Management remains responsible for defining scope, operating controls, and making management assertions.
We coordinate with auditors and reviewers, but we do not act as the auditor and do not guarantee outcomes.
Where privacy, employment, or customer-contract issues arise, legal counsel may be required in addition to readiness support.