Privacy Policy

We collect information to provide a bespoke educational experience. This includes:

• Guardian Data: Name, email address, phone number, and timezone provided during registration.
• Scholar Data: Profiles created by guardians (name/alias, age, grade).
• Academic & AI Data: Performance metrics, and audio/video transcripts generated during live sessions or interactions with our AI-enabled features, utilized solely to personalize instruction.
• Technical Data: IP addresses, browser data, and essential cookies (e.g., Google Analytics) to improve dashboard performance.

We know children deserve extra privacy protection. Gillians Academy strictly adheres to the Children’s Online Privacy Protection Act (COPPA).

• We do not permit children under 13 to create their own accounts; all accounts must be initialized by a verified parent or legal guardian.
• We only collect the bare minimum academic information required to facilitate tutoring.
• Third-party behavioral tracking and personalized advertising are strictly disabled for scholar profiles.

Your data is strictly used to operate the Academy and enhance the learning experience. We use it to:

• Schedule 1-on-1 sessions and match scholars with appropriate educators.
• Process tuition securely and send SMS/email alerts regarding schedule changes.
• Train our internal educational models using anonymized, de-identified metrics to improve curriculum delivery.
• Comply with legal obligations, prevent fraud, and ensure platform safety.

We do not sell your data. We only share necessary information with trusted, compliant infrastructure partners strictly to operate the Academy:

• Payment Processors: Stripe (for secure tuition billing).
• Infrastructure: Supabase and AWS (for secure database hosting).
• Communication: Calendly (for scheduling) and secure email/SMS gateways.

Security is paramount. All data is encrypted in transit and at rest using industry-standard AES-256 encryption. Our database utilizes Row Level Security (RLS) ensuring that a guardian can only ever access data belonging to their specific household.

Data may be processed in the United States. Gillians Academy complies with the EU-U.S. Data Privacy Framework (DPF) regarding the processing of personal data received from the European Union and the UK.

You retain full control over your household's data. Subject to applicable laws (such as GDPR or CCPA), you have the right to:

• Access a copy of the personal information we hold about you.
• Request corrections to inaccurate personal information.
• Request the complete deletion of your profile and history from our servers.

If you wish to exercise any of these rights, please contact our Data Protection Officer at: privacy@gilliansacademy.com