Privacy Policy

1. What we collect

We collect only what we need to give you an account and run the tools you use:

• Account details — your name or nickname, email address, chosen role (teacher or student) and a hashed password. If you sign in with Google, we receive your name, email and profile picture from Google; we never see your Google password.
• Content you create — lessons, worksheets, boards, vocabulary sets, quizzes, schedules, grades, homework and notes that you generate or upload.
• Prompts you send to AI — the topics, texts and links you provide to generate materials (see §3).
• Usage & technical data — basic, privacy-respecting logs such as feature usage counts, error reports, browser type, approximate region and timestamps, used to keep the service reliable.
• Payment data — if you upgrade, billing is handled by our payment provider. We store your plan and status, not your full card number.

We do not collect special-category data (health, biometrics, political views, etc.) and ask that you do not enter it into the product.

2. How we use it

• To create and secure your account and authenticate you.
• To generate, store, sync and display the materials you make.
• To provide teacher–student features you opt into (shared boards, homework, gradebook).
• To keep the service working — diagnose bugs, prevent abuse and improve performance.
• To send essential service messages (e.g. password resets, security or billing notices). We do not send marketing email without your consent.

We do not sell, rent or trade your personal data, and we do not use your private content to train third-party AI models.

3. AI processing

AI features work by sending the prompt you provide (a topic, a pasted text, or a YouTube link’s transcript) to a third-party AI provider, which returns generated exercises. We send only what is needed to fulfil that request, and we do not attach your name, email or student data to AI prompts. We do not permit the AI provider to use your prompts to train their public models where that option is available to us.

Generated output is a starting point you can edit; you are responsible for reviewing AI-produced material before using it with learners. If AI is unavailable, tools fall back to offline templates so you are never blocked.

4. Legal bases (GDPR)

Where the GDPR applies, we process your data under the following bases:

• Contract — to provide the account and features you sign up for.
• Legitimate interests — to secure the service, prevent abuse and improve the product, balanced against your rights.
• Consent — for anything optional (e.g. non-essential communications), which you can withdraw at any time.
• Legal obligation — where we must retain certain records (e.g. for tax on paid plans).

5. Third parties we rely on

We use a small set of trusted providers, each only for its stated purpose:

• Google Sign-In — optional authentication.
• AI provider — generating exercises from your prompts (§3).
• Hosting & infrastructure — running the servers and delivering the app.
• Payment provider — processing upgrades and donations.

These providers act as processors under our instructions or as independent controllers for their own services, and are bound by their own privacy terms.

6. Storage & retention

• Free plan is local-first. Much of your data lives in your own browser storage and never leaves your device unless you choose to sync.
• Paid plans sync your data to our servers over encrypted connections so you can use it across devices.
• We keep account data while your account is active. If you delete your account, we remove your personal data within 30 days, except where we must keep limited records to meet legal obligations.
• Backups are rotated regularly and purged on a rolling schedule.

7. Cookies & local storage

TeachEd uses essential browser storage (cookies, localStorage and a Service Worker cache) to keep you signed in, remember preferences such as language, and make the app work offline. These are required for the product to function. We do not use advertising or cross-site tracking cookies.

8. Security

• All traffic is served over HTTPS/TLS.
• Passwords are stored hashed, never in plain text.
• Synced cloud data is encrypted in transit; access is restricted to what is needed to operate the service.
• We apply the principle of least privilege and keep our dependencies up to date.

No system is perfectly secure, but we take reasonable, current measures to protect your data and will notify affected users of any breach as required by law.

9. Your rights

Depending on where you live, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Delete your data (“right to be forgotten”).
• Export your data in a portable format.
• Object to or restrict certain processing, and withdraw consent.

To exercise any of these, email hello@teachedos.app. We respond within 30 days. You also have the right to complain to your local data-protection authority.

10. Children

Student accounts are intended to be created or supervised by a teacher, parent or guardian. TeachEd is not directed at children under 13 (or the minimum age in your country) without such supervision, and we do not knowingly collect their data directly. If you believe a child has provided us data without authorisation, contact us and we will remove it.

11. Changes to this policy

We may update this policy as the product evolves. We will revise the “last updated” date above and, for material changes, provide a notice in the app. Continuing to use TeachEd after a change means you accept the updated policy.

12. Contact

TeachEd is built and operated by an independent developer based in Ukraine. For any privacy question or request, reach us at hello@teachedos.app.