Privacy

 

Introduction

eduPhoria AI, a subsidiary of Thorim AI, is dedicated to enhancing educational experiences through our AI-powered technology. This Privacy Policy outlines our commitment to protecting the privacy and security of our users’ information, with a particular focus on compliance with COPPA and FERPA regulations.

I. Compliance Overview

  • COPPA Compliance: eduPhoria AI adheres to the Children’s Online Privacy Protection Act, ensuring the protection of personal information for children under 13.
  • FERPA Compliance: As a provider of educational services, eduPhoria AI complies with the Family Educational Rights and Privacy Act, safeguarding the privacy of student education records.

II. Information Collection and Use

  • Personal Information: Details the types of personal and educational information collected, including but not limited to, names, ages, email addresses, grades, and courses taken.
  • Purpose of Collection: Explains how collected information is used to enhance educational experiences, support educational institution administrative functions, and comply with legal obligations.

III. Parental Consent and Student Rights

  • Parental Rights (COPPA): Describes the process for obtaining verifiable parental consent before collecting information from children under 13 and outlines parents’ rights to review and control their child’s personal information.
  • Student and Parent Rights (FERPA): Details the rights of students and parents to access and amend education records, with procedures for requesting access and amendments clearly outlined.

IV. Data Handling and Security Measures

  • Data Protection: Emphasizes encryption, access control, and other security measures to protect personal and education records against unauthorized access and breaches.
  • Data Retention and Minimization: Outlines policies for retaining information only as long as necessary and minimizing data collection to what is directly relevant and necessary for educational purposes.

V. Disclosure and Sharing of Information

  • COPPA Disclosures: Specifies conditions under which information collected from children under 13 may be disclosed, emphasizing the requirement for parental consent.
  • FERPA Disclosures: Clarifies the circumstances under which education records may be shared, with a focus on compliance with FERPA’s conditions for disclosure without consent.

VI. Training, Compliance Monitoring, and Continuous Improvement

  • Staff Training: Highlights regular training programs for staff on privacy laws, data protection, and the handling of both children’s and students’ information.
  • Compliance Audits: Details the processes for regular audits and reviews to ensure ongoing compliance with COPPA and FERPA, incorporating feedback for continuous policy and practice improvement.

VII. Collaboration with Educational Institutions

  • Access and Amendment Support: Describes support provided to educational institutions in managing access and amendment requests related to student records.
  • Documentation and Record-Keeping: Outlines the maintenance of records related to access requests, amendments, and disclosures to ensure compliance and provide audit trails.

  • Google API Services User Data Policy

    Our application integrates with certain Google APIs and services. By using our application, you are subject to the Google API Services User Data Policy, located at https://developers.google.com/terms/api-services-user-data-policy, in addition to our Privacy Policy and these Terms of Service.

    The Google API Services User Data Policy governs your use of Google API services through our application. It explains how Google handles user data, including the limited circumstances under which Google employees may access data.

    Please review the Google API Services User Data Policy carefully. Your use of our application constitutes your acceptance of the Google API Services User Data Policy. If you do not agree to the Google API Services User Data Policy, you may not use our application’s Google integration features.

    Scopes Selection & Justification: Regarding the scope https://www.googleapis.com/auth/docs, our app utilizes this scope to allow users to view and manage their Google Docs files within our app’s document management interface. This integration enables users to seamlessly access and edit their Google Docs documents without leaving our app, providing a more convenient and streamlined experience.

    Google Drive Integration

    Our application integrates with Google Drive to provide seamless file management capabilities. Through this integration, users can access and manage files stored in their Google Drive alongside other local or cloud files within our application’s file management system.

    To enable this integration, our application requests permission to access the “https://www.googleapis.com/auth/drive” scope from Google APIs. This allows our app to view and manage files in your Google Drive on your behalf.

    When you first use the Google Drive integration features, you will be prompted to grant permission for our app to access your Google Drive data. This consent screen will explain specifically how the “https://www.googleapis.com/auth/drive” scope will be used within our application.

    You can revoke this permission at any time through your Google account settings. However, revoking permission will disable the Google Drive integration capabilities within our app until permission is granted again.

    By using the Google Drive integration features, you acknowledge and agree that our application may access and transfer files to/from your Google Drive based on the permissions you grant. As with the rest of our service, your use of the Google Drive integration is subject to this Terms of Service agreement as well as Google’s API Services User Data Policy.

VIII. Incident Response and Notification

  • Incident Response: Provides an overview of the incident response plan for addressing data breaches or unauthorized disclosures, ensuring prompt action and mitigation.
  • Notification Procedures: Explains the protocols for notifying affected individuals and relevant authorities in the event of a privacy incident, in compliance with legal requirements.
  • In alignment with our commitment to user data security and privacy, we hereby disclose that EduphoriaAI strictly adheres to the Google API Services User Data Policy, inclusive of its Limited Use directives. This ensures the responsible management and transfer of information obtained through Google APIs. For detailed insights into our practices and the standards we follow, kindly visit https://eduphoria.ai/privacy/.”

IX. Contact Information and Feedback

  • Contact Details: Offers comprehensive contact information for eduPhoria AI, inviting inquiries, feedback, and concerns regarding our privacy practices and compliance efforts.
  • Feedback Loop: Encourages an ongoing dialogue with users, educational institutions, and legal guardians to refine privacy practices and enhance user trust and safety.

This Privacy Policy reflects eduPhoria AI’s commitment to the responsible management, protection, and use of personal and educational information in compliance with COPPA and FERPA regulations. Our dedication to privacy and security is integral to our mission of providing innovative and safe educational technologies.