Privacy Policy
Effective Date: May 1, 2025
Last Updated: Jun 9, 2025
1. Introduction
Nsightz Inc. ("we," "us," or "our") provides a student support coordination platform (the "Service") designed to help school staff coordinate student support services within educational institutions. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our Service.
Important: Our Service is designed for use by school staff and authorized personnel only. Students do not directly use our platform, though we may process student education records as part of our services to schools.
2. Information We Collect
2.1 User Information
We collect the following information from school staff and authorized users:
-
Account Information: First and last name, email address
-
Authentication Data: Login credentials or Google authentication tokens
-
Device Information: Browser type, operating system, IP address, device identifiers
-
Usage Data: How you interact with our Service, features used, time spent
2.2 Student Education Records
As a school official under FERPA, we may collect and process the following student information on behalf of schools:
-
Academic Records: Grades, coursework, academic performance data (when opted-in by school)
-
Behavioral Records: Disciplinary actions, behavioral interventions, support plans
-
Demographic Information: Student rosters, enrollment status, grade level
-
Attendance Records: Attendance data and patterns
-
Special Status Information: ELL status, 504 plans, IEP status, and related support needs
-
Student Information System Data: Any additional data imported from school SIS systems with proper authorization
2.3 User-Generated Content
-
Task and workflow data created by school staff
-
Notes, assessments, and support plans entered by authorized personnel
-
Any photos or documents uploaded in connection with student support coordination
2.4 Technical Information
-
Analytics Data: We use PostHog for product analytics to improve our Service
-
Audio Data: Microphone access on mobile devices when explicitly permitted for specific features
-
Location Data: General location information for service optimization (not precise geolocation)
3. How We Use Information
3.1 Educational Purposes
We use student education records solely for legitimate educational purposes, including:
-
Coordinating student support services and interventions
-
Facilitating communication among school staff regarding student needs
-
Generating reports and analytics for school administrators
-
Improving educational outcomes through data-driven insights
3.2 Service Operations
We use user and technical information to:
-
Provide, maintain, and improve our Service
-
Authenticate users and maintain account security
-
Provide customer support and respond to inquiries
-
Analyze usage patterns to enhance user experience
-
Ensure compliance with applicable laws and regulations
3.3 Legal Compliance
We may use information as required to comply with legal obligations, including FERPA, state privacy laws, and other applicable regulations.
4. Information Sharing and Disclosure
4.1 No Commercial Use or Sale
We do not sell, rent, or trade any personal information or student education records to third parties. We do not use student data for commercial purposes or advertising.
4.2 Service Providers
We may share information with trusted service providers who assist in operating our Service, including:
-
Cloud Hosting: Vercel and Supabase (data stored in United States)
-
Analytics: PostHog for product analytics
-
Authentication: Google for login services (when used)
All service providers are contractually bound to protect information and use it only for specified purposes.
4.3 School Officials and Authorized Personnel
Within the multi-tenant architecture, student education records are shared only with authorized school staff who have legitimate educational interests in accessing such information.
4.4 Legal Requirements
We may disclose information when required by law, court order, or government request, or to protect the rights, property, or safety of our users or others.
4.5 Business Transfers
In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of the transaction, subject to equivalent privacy protections.
5. Data Security
We implement appropriate technical and organizational measures to protect information against unauthorized access, alteration, disclosure, or destruction:
-
Encryption: Data is encrypted in transit and at rest
-
Access Controls: Role-based access with authentication requirements
-
Infrastructure Security: Secure cloud hosting with regular security updates
-
Multi-tenancy: Each school's data is isolated within separate tenants
-
Regular Monitoring: Ongoing security assessments and monitoring
6. Data Retention
6.1 Student Education Records
-
Student education records are retained as long as necessary for legitimate educational purposes
-
Upon account deletion or service termination, student-related data is deleted within two (2) years
-
Schools may request earlier deletion of specific records in accordance with their policies
6.2 User Account Information
-
User account information is retained while accounts remain active
-
Upon account deletion, user data is removed within thirty (30) days
-
Some information may be retained longer as required for legal compliance
6.3 Analytics and Technical Data
-
Analytics data is retained for up to three (3) years for service improvement purposes
-
Technical logs and security data may be retained longer as required for system security
7. Your Rights and Choices
7.1 FERPA Rights
Parents and eligible students have rights under FERPA regarding education records, including:
-
Right to inspect and review records
-
Right to request corrections to inaccurate records
-
Right to consent to disclosures (in certain circumstances)
-
Right to file complaints with the Department of Education
These rights are exercised through the school, not directly with us.
7.2 California Privacy Rights
California residents have additional rights under the CCPA/CPRA:
-
Right to know what personal information is collected and how it's used
-
Right to delete personal information (subject to exceptions)
-
Right to correct inaccurate personal information
-
Right to opt-out of sale (though we don't sell information)
-
Right to non-discrimination for exercising privacy rights
7.3 Account Controls
Users can:
-
Update account information through their profile settings
-
Request account deletion by contacting support
-
Control certain data sharing preferences within the application
8. Children's Privacy
Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13.
Student education records we process belong to the school and are governed by FERPA and school policies, not by direct relationships with students.
9. International Users
Our Service is primarily designed for schools in the United States. All data is stored and processed in the United States. Users from other countries should be aware that their information will be transferred to and processed in the United States.
10. Data Breach Notification
In the event of a data security incident that may compromise student education records or personal information:
10.1 School Notification
-
We will notify affected schools within seven (7) business days of discovering the incident
-
Notification will include available details about the nature and scope of the incident
-
We will provide ongoing updates as more information becomes available
10.2 Individual Notification
-
Schools are responsible for notifying parents, students, and staff as required by law
-
We will assist schools in preparing appropriate notifications
-
We will provide necessary documentation for regulatory reporting
10.3 Regulatory Notification
-
We will comply with applicable state and federal breach notification requirements
-
We will assist schools in reporting to appropriate authorities as required
11. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will:
-
Post updated policies on our website with a new effective date
-
Notify schools of material changes via email or through the Service
-
Provide reasonable advance notice when possible
Continued use of the Service after changes become effective constitutes acceptance of the updated policy.
12. Contact Information
For questions about this Privacy Policy or our privacy practices:
Nsightz Inc
Email: [privacy@nsightz.com]
Address: 166 Geary St STE 1500 Suite #514, San Francisco, California 94108, United States
Phone: (650) 218 1480
For FERPA-related concerns, you may also contact: U.S. Department of Education
Family Policy Compliance Office
400 Maryland Avenue, SW
Washington, DC 20202-8520
This Privacy Policy is designed to comply with FERPA, COPPA, California privacy laws, and other applicable regulations. Schools should review this policy in conjunction with their own privacy policies and legal requirements.