Sovereign AI


Practical Data Protection

Understanding why data sovereignty matters is necessary but not sufficient. This lesson is about what you actually do. The goal is not paranoia or total withdrawal from digital life — that is impractical and unnecessary. The goal is a sustainable, calibrated privacy practice: knowing your threat model, choosing protection measures proportional to real risks, and building habits that protect you without making your digital life dysfunctional. This is a skill that takes practice, not a setting you turn on once.

Start With a Threat Model

A threat model is a structured analysis of who might want your data, what they could do with it, and what you realistically need to protect against. Without a threat model, privacy advice collapses into anxiety — you cannot defend against everything equally, and trying to do so produces paralysis. Four questions define a threat model:

What data do I most need to protect? Protecting your financial accounts and credentials guards you against fraud. Protecting your location data guards you against physical harm. Protecting your health data guards you against insurance discrimination. Protecting your political and social data guards you against targeted manipulation or, in some contexts, state repression.

Who are the realistic adversaries? The threat landscape includes commercial data collectors (companies harvesting and monetizing your data), data brokers (aggregating and selling your profile), cybercriminals (targeting credentials and financial data), and in some contexts, governments or abusive individuals. Different threats require different defenses.

What are the most likely attack vectors? For most people, the biggest risks are credential compromise (password reuse, phishing), commercial data harvesting (unguarded browser behavior, app permissions), and social engineering (impersonation attacks, urgency-based manipulation). Physical device access is a real risk but less common.

What is the acceptable burden? Privacy measures have costs in convenience and time. Your threat model should identify which protections are worth their cost and which represent diminishing returns. A journalist in an authoritarian country and a teenager in a stable democracy have very different optimal threat models.

Threat Modeling Is Personal

There is no universal optimal privacy setup. A person whose location could expose them to domestic violence needs different protections than someone concerned primarily about commercial tracking. A political activist needs different defenses than a student protecting personal health data. Start with your specific context, not with a generic checklist.

The Core Privacy Stack

For most people with a standard threat model — protection against commercial surveillance, credential theft, and data broker aggregation — the following measures cover the vast majority of realistic risk.

Password and authentication hygiene. Use a password manager (Bitwarden, 1Password, or similar) to generate and store a unique, strong password for every account. Never reuse passwords. Enable two-factor authentication on every account that supports it, preferring an authenticator app (Authy, Google Authenticator) over SMS-based 2FA, which is vulnerable to SIM-swapping attacks. This single layer eliminates the most common account takeover vector.

Browser protection. Use a browser with strong privacy defaults — Firefox with uBlock Origin is the most widely recommended combination for privacy without sacrificing functionality. Enable tracker blocking. Regularly clear cookies and browsing data, or use browser containers to isolate websites from each other. Consider using a separate browser for high-sensitivity tasks (banking, medical research) to prevent cross-site tracking.

Network protection. Your IP address is a persistent identifier that reveals your approximate location and can be linked to your browsing across sites. A reputable VPN (Mullvad, ProtonVPN) masks your IP from websites and your ISP. DNS-over-HTTPS prevents your ISP from seeing which domains you query. On public networks, always use a VPN.

Device and operating system hygiene. Keep software updated — most successful malware exploits known vulnerabilities for which patches exist. Review app permissions regularly: a flashlight app does not need location access. Encrypt your device's storage (enabled by default on modern iOS and Android; enable BitLocker on Windows). Use a device PIN or biometric lock.

Email and communications. For sensitive communications, use end-to-end encrypted messaging: Signal is the gold standard — its cryptographic protocol is open-source and has been audited repeatedly. For email, ProtonMail or Tutanota provide end-to-end encryption. For general email, recognize that major free email providers scan your email content for ad targeting; this is disclosed in their terms of service.

Data Minimization and Permission Hygiene

Beyond active defenses, data minimization — simply not creating or sharing data unnecessarily — is the most effective long-term protection. Strategies include:

App permission audits. Go through your phone's app permissions quarterly. Revoke any permission that is not clearly necessary for the app's core function. Location permission for a restaurant menu app makes no sense. Microphone permission for a calculator app is a red flag. Most apps work fine without every permission they request.

Alternate contact information. Use an email alias service (SimpleLogin, Apple's Hide My Email) for signups that do not require your real email address. This prevents your real email from being sold to brokers and makes it easy to cut off data flows from specific services by deactivating the alias.

Cash and anonymized payment. For purchases you want to keep private, cash provides genuine anonymity that digital payment never does. Pre-paid cards purchased with cash, or privacy-focused virtual card services, provide anonymity for online purchases.

Form field minimalism. When forms request optional information — phone number, birth date, home address, employer — do not provide it unless strictly required. Optional fields collect data you have not consented to share for any specific purpose.

You download a popular free VPN app. The app has no subscription fee. Its privacy policy states it 'may share user data with trusted partners for business purposes.' Why should this raise concern?

A website prompts you to enable notifications to stay updated. You click allow. Three months later you want to revoke this. Where in a modern browser do you go to revoke site notification permissions?

Build Your Personal Threat Model and Privacy Audit

Complete this in three phases.

  1. Phase 1 — Threat model (10 minutes): Answer the four threat-model questions for yourself: What are your top three data categories to protect? Who are the two most realistic adversaries in your life right now? What are the two most likely attack vectors against your data? What level of privacy burden is sustainable for you week-to-week?
  2. Phase 2 — Current state audit (10 minutes): Check: How many of your accounts use the same password? Do you have 2FA enabled on your three most sensitive accounts (email, bank, primary social account)? Review your phone's app permissions — how many apps have location access that do not obviously need it? What browser and search engine do you use, and do they default to tracking?
  3. Phase 3 — Action plan (5 minutes): Based on your threat model and audit, identify the three highest-priority changes you will make this week. Be specific: not 'improve passwords' but 'install Bitwarden, import existing passwords, generate new unique passwords for my top 5 most sensitive accounts.' Write these down as commitments with deadlines.
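
The first two Phase 2 checks (password reuse, and 2FA on the most sensitive accounts) can be run against a password manager's CSV export. The script below is an added example, not part of the original lesson; the column names (`name`, `login_password`, `login_totp`), the account names and the sample rows are constructed assumptions to adapt to your own export.

```python
import csv
import hashlib
import hmac
import io
import os
from collections import defaultdict

# Constructed sample export. Column names are an assumption modelled on a
# typical password-manager CSV export; rename them to match your own file.
SAMPLE_EXPORT = """name,login_username,login_password,login_totp
Email,me@example.com,Tr0ub4dor&3,otpauth://totp/constructed
Bank,me@example.com,correct-horse-battery,
Social,me,Tr0ub4dor&3,
Forum,me,Tr0ub4dor&3,
Shop,me@example.com,x9!Lq2#vP7,
"""

def audit(export_file, sensitive=("Email", "Bank", "Social")):
    """Return (reuse_groups, sensitive_without_totp) from a CSV export."""
    key = os.urandom(32)  # per-run key: digests mean nothing outside this run
    by_digest = defaultdict(list)
    no_totp = []
    for row in csv.DictReader(export_file):
        name = (row.get("name") or "").strip()
        password = row.get("login_password") or ""
        if not name or not password:
            continue  # secure notes, cards and other non-login rows
        # Group on a keyed digest so the grouping never holds plaintext.
        digest = hmac.new(key, password.encode("utf-8"), hashlib.sha256).digest()
        by_digest[digest].append(name)
        if name in sensitive and not (row.get("login_totp") or "").strip():
            no_totp.append(name)
    reuse = sorted((sorted(n) for n in by_digest.values() if len(n) > 1),
                   key=len, reverse=True)
    return reuse, sorted(no_totp)

def report(reuse, no_totp):
    """Format findings using account names only, never passwords."""
    lines = [f"{len(g)} accounts share one password: {', '.join(g)}" for g in reuse]
    lines += [f"no authenticator secret stored for: {n}" for n in no_totp]
    return lines

if __name__ == "__main__":
    groups, missing = audit(io.StringIO(SAMPLE_EXPORT))
    print("\n".join(report(groups, missing)))
```

An empty TOTP column only means the secret is not stored in the manager, so confirm 2FA status in the account itself. The export is plaintext: delete it securely once the audit is done.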