Skip to main content

Privacy Policy

Last updated: February 2026 - DRAFT: Flagged for attorney review before launch

1. Information We Collect

Account Information: Name, email address, professional role, and district affiliation when provided.

Usage Data: Course progress, quiz results, completion records, and learning analytics.

Payment Information: Payment processing is handled by Stripe. We do not store credit card numbers or CVVs. We retain Stripe customer IDs and transaction records.

AI Interactions: Conversations with the AI tutor are logged for quality assurance. Do not share student personally identifiable information in AI tutor conversations.

2. How We Use Your Information

We use collected information to:

  • Provide and improve our professional development courses
  • Issue CEU certificates and maintain completion records
  • Process payments and manage subscriptions
  • Send transactional emails (purchase confirmations, certificate notifications)
  • Generate district compliance reports for authorized administrators
  • Improve AI-generated content quality

3. FERPA Compliance

TXPD is designed for professional development of licensed practitioners. We do not intentionally collect student education records as defined by FERPA. If your district requires a Data Processing Agreement (DPA), please contact us. Our AI systems are programmed to reject and not store any student personally identifiable information shared in conversations.

4. Texas Data Privacy and Security Act (TDPSA)

In compliance with the TDPSA (effective July 2024): We do not sell your personal data. You may request access to your personal data at any time. You may request deletion of your account and associated data. You may opt out of any non-essential data processing. We will respond to verified consumer requests within 45 days.

5. Data Retention

  • AI tutor conversations: retained for 1 year, then auto-purged
  • Quiz attempts and completion records: retained indefinitely (required for certificate verification)
  • Discussion responses: retained for 2 years
  • Audit logs: retained for 3 years minimum
  • Account data: retained until you request deletion

6. Data Security

We protect your data with: encryption at rest (AES-256) and in transit (TLS 1.2+), Row Level Security on all database tables ensuring users can only access their own data, security headers (HSTS, CSP, X-Frame-Options) on all pages, and regular security audits.

7. Third-Party Services

We use the following third-party services:

  • Supabase: Database and authentication
  • Microsoft Azure: Hosting and file storage
  • Stripe: Payment processing
  • Anthropic (Claude): AI content generation and tutoring
  • ElevenLabs: Audio narration generation

Each provider maintains their own privacy practices and security certifications.

8. Data Breach Notification

In the event of a data breach affecting your personal information, we will notify affected users within 60 days as required by the TDPSA, and within 72 hours if required by other applicable regulations.

9. Contact

For privacy-related inquiries or data requests, contact us at privacy@aimeducational.com.