Privacy policy
Last updated: Nov. 2025
The privacy of your data—and it is your data, not ours!—is a big deal to us. In this policy, we lay out: what data we collect and why; how your data is handled; and your rights with respect to your data.
The information we gather or process is used solely for core functionality of our products (JoySchooler) and to improve the quality and security of our service. Your information isn’t and has never been sold to third parties.
Please note that our Service is designed for Students, Parents, Educators and Educational Institutions, and as such, we adhere to the applicable laws including the General Data Protection Regulation (GDPR), the Family Educational Rights and Privacy Act (FERPA), and the Children's Online Privacy Protection Act (COPPA).
This policy is split into sections. For your convenience, links to each of those sections is as follows:
- What we collect
- Why we collect
- When we access or disclose your information
- Your rights with respect to your information
- AI Services and Your Data
- How we secure your data
- Third-party links
- What happens when you delete content in your product accounts
- Data retention
- Location of site and data
- Changes and questions
This policy applies to all products built and maintained by JoySchooler Inc including JoySchooler.
This policy applies to our handling of information about site visitors, prospective customers, and customers and authorized users (in relation to their procurement of the services and management of their relationship with JoySchooler). We refer collectively to these categories of individuals as "you" throughout this policy.
What we collect
Our guiding principle is to collect only what we need. Here’s what that means in practice:
Account Information
When you create an account with JoySchooler, we collect your name, email address, and password. If you are an educator or administrator, we may also collect your role and the name of your educational institution.
Optional Use of Pseudonyms or De-identified Information
We respect our users' choice to protect their identity. You may choose to provide us with a pseudonym or de-identified information in place of your real name. This approach will not limit your ability to use our services, and we will treat any information you provide with the same level of privacy and security as personal data that identifies you directly.
Student Data
We collect information about students provided by the educational institution, educators, parents, or students themselves. This may include student names, grades, and interests. We collect only the minimum amount of information necessary to provide our Service. We mask, hide, or disable third party tracking of student usage of the application, and we anonymize student data in cases when it is sent to a third party provider. We regularly review our application design, infrastructure, and user interface to ensure that no personally identifiable information is collected from students and transmitted to third parties.
User-generated Content
1. User Content Ownership
You retain all rights, title, and interest in and to any content you submit, upload, or share through our service ("User Content"). We do not own or have license to copy, alter, distribute, perform, or display your User Content to other users, third parties, or affiliated organizations without your explicit permission.
2. Sharing in Exercise Library
If you are an educator and choose to share exercises with our Exercise Library, you grant us and other educators on our platform the right to access, use, and incorporate these shared exercises in their educational activities. Exercises shared to the Exercise Library will be made available to all educators using our service. Personal information will not be shared with the exercises, though your name as the contributor may be displayed.
You can choose which exercises to share with the Exercise Library, and you can remove your contributions from the Lesson Library at any time by contacting us at help@joyschooler.com.
3. Limited License for Promotional Purposes
You grant us a limited, non-exclusive license to use fully anonymized excerpts from conversations for promotional and marketing purposes.
"Fully anonymized" means:
- Removal of all personally identifiable information
- Removal of any information that could reasonably be used to identify you or your organization
- Modification of specific details while preserving the general nature of the content
- No inclusion of proprietary or confidential business information
You may opt out of having your anonymized content used for promotional purposes by contacting us at legal@joyschooler.com.
4. Protection of Privacy
We will never share or use your original, unmodified content without your explicit permission. All promotional use will undergo a thorough anonymization process. We maintain strict internal guidelines for content anonymization.
Billing Information
If you sign up for a paid JoySchooler product, you will be asked to provide your payment information and billing address. Credit card information is submitted directly to our payment processor and doesn’t hit JoySchooler servers. We store a record of the payment transaction, including the last 4 digits of the credit card number, for purposes of account history, invoicing, and billing support. We store your billing address so we can charge you for service, calculate any sales tax due, send you invoices, and detect fraudulent credit card transactions. We occasionally use aggregate billing information to guide our marketing efforts.
Usage Data
We collect information about how you interact with our Service, such as the features you use, how long they tool to load, the time you spend on the platform, and the device you use to access the Service to improve our Service and ensure compatibility with various devices.
Cookies
We use cookies required for secure authentication, including maintaining login sessions, protecting against account takeover, and enabling safe access to our services. These cookies are essential to platform operation and are not used for advertising or cross-site tracking.
Technical Data
We collect technical data, including your IP address, browser type, device information, and operating system, to improve our Service and ensure compatibility with various devices. We log the full IP address used to sign up a product account and retain that for use in mitigating future spammy signups. We also log all account access by full IP address for security and fraud prevention purposes, and we keep this login data for as long as your product account is active.
Communication
We send emails including welcome emails, and updates on major new features, to the extent that you have provided consent consistent with notice and opt-out rights to receive such communications under applicable law. You can opt-out of these communications at any time by unsubscribing via the link provided in the emails or by contacting us. Please be aware that you will always receive certain emails from us related to the proper functioning of your account.
Voluntary correspondence
When you email JoySchooler with a question or to ask for help, we keep that correspondence, including your email address, so that we have a history of past correspondence to reference if you reach out in the future.
We also store information you may volunteer, for example, written responses to surveys. If you agree to a customer interview, we may ask for your permission to record the conversation for future reference or use. We will only do so with your express consent.
Why we collect your information
We use the information we collect to:- Provide and improve our Service, including personalizing the user experience.
- Support user accounts, authenticate users, and manage access control.
- Analyze usage patterns to enhance user experience and improve our services.
- Communicate with you about your account, updates, or customer support inquiries.
- Ensure the security of our Service, detect and prevent fraud, and enforce our Terms of Service.
- Comply with legal obligations and respond to lawful requests from authorities.
When we access or disclose your information
To provide products or services you’ve requested. We use some third-party subprocessors to help run our applications and provide the Services to you.
| Subprocessor | Usage reason | Shared Data | Link |
|---|---|---|---|
| Anthropic | Language models for AI services | Conversation content, age (opt in), interests (opt in) | Privacy Policy |
| OpenAI | Language models for AI services and transcribing audio | Conversation content, age (opt in), interests (opt in) | Privacy Policy |
| Microsoft Azure | AI services | Conversation content | Privacy Policy |
| Stripe | Payment processing | Payment info | Privacy Center |
| Hosting, data storage, and AI services | All user data is stored in Google Cloud SQL and Cloud Storage. | Privacy Policy | |
| Groq | Language models for AI services and transcribing audio | Conversation content | Privacy Policy |
| Amazon | AI services and email service | Conversation content, age (opt in), interests (opt in). Email addresses for sending transactional emails. | Privacy Policy |
| Datadog | Monitoring systems | Activity logs (no personally identifiable information) | Privacy Policy |
| Github | Issue tracking and code repository management | Code; User data may be included in issues | Privacy Policy |
| Slack | Internal communications; user data may be discussed for support | User data may be discussed | Privacy Policy |
| Gmail | Internal and external communications | User data may be discussed. | Privacy Policy |
To help you troubleshoot or squash a software bug, with your permission. If at any point we need to access your content to help you with a support case, we will ask for your consent before proceeding.
To investigate, prevent, or take action regarding restricted uses. Accessing a customer’s account when investigating potential abuse is a measure of last resort. We want to protect the privacy and safety of both our customers and the people reporting issues to us, and we do our best to balance those responsibilities throughout the process. If we discover you are using our products for a restricted purpose, we will take action as necessary, including notifying appropriate authorities where warranted.
Aggregated and de-identified data. We may aggregate and/or de-identify information collected through the services. We may use de-identified or aggregated data for research, marketing, or analytics.
Finally, if JoySchooler is acquired by or merges with another company — we don’t plan on that, but if it happens — we’ll notify you well before any of your personal information is transferred or becomes subject to a different privacy policy.
AI Services and Your Data
AI Services Overview
JoySchooler integrates with third-party AI services (Anthropic, OpenAI, Microsoft Azure, Google, Groq, and Amazon) to enhance our educational platform functionality. These integrations help us provide personalized learning experiences, content recommendations, and other AI-powered features that improve the educational experience.
No AI Training with Your Data
We do not use any personal information for AI model training purposes. Unlike some services that may use customer data to improve their AI models:
- We do not operate our own AI training programs
- We do not build custom AI models based on user data
- Our third-party AI providers (Anthropic, OpenAI, Google, Microsoft, Groq, and Amazon) do not use data sent through the API for training their models
- There is no opt-in/opt-out option for AI training because no such training occurs
Data Minimization and Protection
When we send information to our AI service providers:
- We only send the minimum information necessary for the requested functionality
- We do not send personally identifiable information to AI providers
AI Service Location
Our AI services are hosted in the following locations:
- Google Cloud: US-Central data centers
- Amazon Web Services (AWS): US-East data centers
- Microsoft Azure: North Europe and Sweden Central data centers
- OpenAI: US data centers
- Anthropic: US data centers
- Groq: US data centers
These data centers adhere to industry-leading security and compliance standards.
If you have any questions about our use of AI services or how we protect your data, please contact us.
Your rights with respect to your information
At JoySchooler, we strive to apply the same data rights to all customers, regardless of their location. Some of these rights include:
- Right to Know. You have the right to know what personal information is collected, used, shared or sold. We outline both the categories and specific bits of data we collect, as well as how they are used, in this privacy policy.
- Right of Access. This includes your right to access the personal information we gather about you, and your right to obtain information about the sharing, storage, security and processing of that information.
- Right to Correction. You have the right to request correction of your personal information.
- Right to Erasure / “To Be Forgotten”. This is your right to request, subject to certain limitations under applicable law, that your personal information be erased from our possession and, by extension, from all of our service providers. Fulfillment of some data deletion requests may prevent you from using JoySchooler services because our applications may then no longer work. In such cases, a data deletion request may result in closing your account.
- Right to Complain. You have the right to make a complaint regarding our handling of your personal information with the appropriate supervisory authority.
- Right to Restrict Processing. This is your right to request restriction of how and why your personal information is used or processed.
- Right to Object. You have the right, in certain situations, to object to how or why your personal information is processed.
- Right to Portability. You have the right to receive the personal information we have about you and the right to transmit it to another party. If you want to export data from your accounts, send us an email.
- The right to submit a complaint with a data protection authority If you are a resident of the European Union, and you are not satisfied with the outcome of the complaint submitted to us, you have the right to lodge a complaint with your local data protection authority.
- Right to Non-Discrimination. We do not and will not charge you a different amount to use our products, offer you different discounts, or give you a lower level of customer service because you have exercised your data privacy rights. However, the exercise of certain rights may, by virtue of your exercising those rights, prevent you from using our Services.
Many of these rights can be exercised by signing in and updating your account information. Please note that certain information may be exempt from such requests under applicable law. For example, we need to retain certain information in order to provide our services to you.
In some cases, we also need to take reasonable steps to verify your identity before responding to a request, which may include, at a minimum, depending on the sensitivity of the information you are requesting and the type of request you are making, verifying your name and email address. If we are unable to verify you, we may be unable to respond to your requests. If you have questions about exercising these rights or need assistance, please contact us.
How we secure your data
We employ industry-standard security measures to protect your personal information, including encryption and hashing. We regularly review and update our security practices to address evolving threats and vulnerabilities. All data is encrypted via HTTPS/TLS when transmitted from our servers to your browser. The database backups are also encrypted.
Third-party links and partner analytics
Our Service may contain links to third-party websites, products, or services. We are not responsible for the privacy practices of these third parties, and we encourage you to review their privacy policies before providing them with your personal information.
In some cases, JoySchooler partners with educational organizations such as Code.org to deliver co-hosted learning events or initiatives. Pages associated with these partner initiatives are clearly labeled as being part of the partnership. These pages may include a partner analytics pixel or beacon, solely to enable the partner to measure engagement and basic event interaction metrics.
No student personal information, account data, or identifying details are shared through these partner pixels. The presence of partner analytics is limited to clearly marked event pages and is never enabled elsewhere on the platform.
What happens when you delete content in your product accounts
Upon account deletion, your account is flagged as deleted and your data is no longer accessible. This data is stored for a grace period (90 days) to allow for account recovery in the case of accidental or malicious deletion. Upon request, you can expedite the process of performing a hard delete to remove all of your personal data from our databases. After a hard delete, your data will be deleted from our system, but could still be present in encrypted database backups for up to an additional 95 days. To request an expedited hard delete, please contact us.
Data retention
We keep your information for the time necessary for the purposes for which it is processed. The length of time for which we retain information depends on the purposes for which we collected and use it and your choices, after which time we may delete and/or aggregate it. We may also retain and use this information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Through this policy, we have provided specific retention periods for certain types of information. You may request the deletion of your account and personal information by contacting us. For students, parents or guardians may request the deletion of their child's personal information by contacting the student's educational institution or us directly.
To maintain data security and comply with data minimization principles, we reserve the right to delete user accounts and associated personal data that have remained inactive for more than 12 consecutive months. Account activity includes logging in or engaging with our services.
Location of site and data
Our data for Australian users signing up at au.joyschooler.com is stored in Australia. Our data for Canadian users signing up at ca.joyschooler.com is stored in Canada. For all other users signing up at joyschooler.com, the data is stored in Germany. Our products and other web properties for au.joyschooler.com are operated in Australia, while those for joyschooler.com are operated in the United States.
Changes and questions
We may update this policy as needed to comply with relevant regulations and reflect any new practices. Whenever we make a significant change to our policies, we will refresh the date at the top of this page and take any other appropriate steps to notify users using in-app notifications, or email (for significant changes).
If there is a change in ownership (such as a merger, acquisition, or sale of assets), we will ensure that the privacy commitments made to you under this policy remain in effect through the end of your current contract term or subscription period, unless you are notified and provided with an opportunity to end the contract with no penalty.
Have any questions, comments, or concerns about this privacy policy, your data, or your rights with respect to your information? Please get in touch by emailing us and we’ll be happy to try to answer them!