Last Updated: June 2026
This Schools Privacy Policy applies to Askie's education product used by schools, districts, and teachers ("Schools"). It supplements — and, for school use, takes precedence over — our consumer Privacy Policy. Askie for Schools is operated by Askie Kids AI Limited (company number 16991192), registered in England and Wales.
Schools control their students' data; Askie only processes it on the school's instructions to deliver the service. We do not advertise to students, do not sell student data, and never use student data to train AI models. The schools product runs on infrastructure and a database that are fully separate from our consumer product, hosted in the European Union.
When a school uses Askie, the school (or district) is the data controller and Askie is the data processor, acting only on the school's documented instructions. In the United States, Askie operates as a "school official" under FERPA's exception (34 CFR § 99.31(a)(1)), and obtains school/teacher consent on behalf of parents as permitted under COPPA for school-authorized educational services. A Data Processing Agreement (DPA) governs this relationship and is available on request at askie@kidsai.app.
The schools product is logically and operationally separated from our consumer (B2C) product: • Separate application deployment — schools run on dedicated services, not the consumer service. • Separate database — student and classroom data live in a separate schools database, isolated from consumer data. • EU data residency — schools data is hosted in the European Union. Some sub-processors (e.g. analytics, crash reporting, AI processing) may process limited technical data in the US under Standard Contractual Clauses (SCCs) with strict data minimization.
Teacher / staff accounts: name, email, school affiliation, and authentication identifiers. Student profiles (created or imported by the teacher/school): first name or nickname, age or grade level, avatar, learning preferences, and class assignment. Students authenticate through the school — students do not provide payment information and are not asked for contact details. Learning activity: questions asked, AI responses, voice sessions, generated images/videos, and usage statistics (for the teacher dashboard and safety monitoring). Google Classroom (optional): if a school connects Google Classroom, we access roster information (class lists and student identifiers) solely to create and sync classes and students. We request the minimum scopes needed, do not use Google Classroom data for any purpose other than providing the service, and do not share it with third parties.
We use student data only to provide and operate the educational service for the school: deliver age-appropriate content, maintain history for teacher review, enforce safety and content moderation, and provide the teacher dashboard. We do NOT: • sell, rent, or share student data for marketing; • use student data for behavioral advertising; • use student data to train Askie's or any third party's AI models; • build student profiles for any purpose unrelated to the school's educational use.
Student questions are processed in real time by Google Gemini (or OpenAI as a backup if Google is temporarily unavailable) solely to generate a response. These providers do NOT store the content or use it to train their models. Long-term memory features are not enabled for student accounts by default.
• Student learning history retention is configurable per school; the default retention applies on a rolling basis and history is automatically deleted past the retention window. • When a teacher or school deletes a student, the record is soft-deleted and then permanently erased after the retention grace period (COPPA/GDPR-K compliant cleanup). • On termination of a school's account or on the school's written request, we delete or return all student personal data within 30 days, except where retention is required by law. • Voice session records and generated video assets are deleted on their own automatic schedules.
We use vetted sub-processors under data-processing agreements, including: cloud hosting and infrastructure (Railway, MongoDB Atlas, Google Cloud), AI processing (Google Gemini, OpenAI), voice infrastructure (Daily.co), authentication (Auth0), email (Resend), error monitoring (Sentry), and billing (Stripe). A current sub-processor list is available on request, and we will give schools advance notice of material changes.
Encryption in transit (TLS) and at rest, role-based access controls, least-privilege access, audit logging, and regular security reviews. Access to student data is restricted to personnel who need it to operate or support the service.
Because the school is the controller, parents and eligible students should direct requests to review, correct, export, or delete student data to their school, which can action them through the teacher/admin dashboard or by contacting us. Askie will assist the school in fulfilling these requests under FERPA, COPPA, and GDPR/UK-GDPR.
Askie for Schools is designed to support FERPA, COPPA (school-authorized consent), GDPR / UK-GDPR, and applicable US state student-privacy laws (e.g., SOPIPA). We will sign a school's DPA or data-privacy addendum where required.
Data protection questions, DPA requests, or rights requests: askie@kidsai.app — Askie Kids AI Limited (company number 16991192), registered in England and Wales, and registered with the UK Information Commissioner's Office (ICO), reference ZC154927 (verify at ico.org.uk/ESDWebPages/Entry/ZC154927). You may also lodge a complaint with the ICO or your local data protection authority.