Limited Pilot Program · Currently invitation-only. Request Pilot Access

Privacy Policy

Last updated: June 2026

StorylineIQ is a classroom intelligence and student support platform sold to schools and districts. We act as a school official with a legitimate educational interest under FERPA (34 CFR §99.31(a)(1)) and as a service provider under state student data privacy laws.

1. What we collect

  • Educator accounts: name, work email, role, district/school assignment.
  • Student records: first/last name, grade level, optional birthday and gender (district-controlled), classroom enrollment.
  • Classroom activity: behavior logs, teacher notes, observations, interventions, parent contacts, support plans, AI-generated summaries.
  • Parent/guardian contact info when a teacher records it for conferences and communication.
  • Audit logs: who viewed, created, edited, exported, or deleted student records and when.

2. What we never do

  • We do not sell student data. Ever.
  • We do not show advertising in the product.
  • We do not build advertising profiles of students or teachers.
  • We do not use student PII to train third-party general-purpose AI models. See Student Data Privacy.

3. How we use data

Solely to provide the contracted service: organizing classrooms, generating teacher-and-parent reports, summarizing patterns, supporting MTSS workflows, and producing audit trails for district compliance.

4. AI processing

AI summaries are produced by the Lovable AI Gateway, which proxies to model providers (e.g., Google Gemini). Before sending data to the gateway, we deterministically redact student names and replace them with placeholders (e.g., "Student A"). Names are rehydrated client-side after the response. No student PII is retained by the model provider for training.

5. Retention

Each district configures its own retention windows. Defaults: 3 years for behavior logs and summaries, 7 years for audit events, 1 year after a student withdraws before purge. Districts may extend or shorten these in Admin → Retention.

6. Parent rights (FERPA §99.10–§99.22)

  • Inspect & review: Parents may request a copy of their child's record. Admins can produce a JSON bundle via Admin → Student Export.
  • Amend: Parents may request amendment of records believed inaccurate or misleading. Admins can record the amendment via Admin → Amendments.
  • Consent: Required disclosures (e.g., to non-school-official third parties) require parental consent.
  • Complaint: Parents may file with the U.S. Department of Education, Family Policy Compliance Office.

7. Security

Encryption in transit (TLS 1.2+) and at rest, multi-tenant row-level security, mandatory MFA for admin accounts, configurable idle-session timeout, append-only audit logging. Details on Security.

8. Sub-processors

See our sub-processor list.

9. Contact

Data Protection Officer: privacy@storylineiq.com