Inform(Ed) (“Company,” “we,” “our,” or “us”) delivers a cloud-based software-as-a-service platform that enables educational institutions to record, transcribe, analyze, and improve classroom teaching and learning activities (the “Platform”). Protecting the privacy and security of the students, educators, administrators, and other individuals (“Users”) whose information we process is foundational to our business. This Privacy Notice describes, in plain but comprehensive terms, how we collect, use, disclose, store, and secure personal information when we act as a “School Official” under the Family Educational Rights and Privacy Act (“FERPA”) and as a “Service Provider” under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, “CCPA/CPRA”)—and, where relevant, as a “Processor” under the EU/UK/Switzerland data protection regulation (in particular the “GDPR”), which is provided under our European Privacy Policy.
This Notice applies to information processed through, the Platform and any associated mobile or desktop applications; customer support interactions (email, ticketing portals, chat, or phone); and professional services (implementation, training, or consulting) that we provide to subscribing schools, school districts, colleges, or universities (each a “Client”).
When we process Student Education Records (as that term is defined in FERPA) or other personal information on behalf of a Client, we do so solely at the Client’s direction and for no purpose other than providing the contracted services. We do not determine the means or purposes of processing those records; thus, the Client remains the data controller/educational agency.
“Personal Information” means any data that identifies or relates to an identifiable individual and is subject to an applicable privacy law.
“Student Data” means Personal Information that is directly related to a present or former student and is maintained by a school or educational agency, including education records subject to FERPA.
“Employee Data” means information about educators, teaching assistants, administrators, or other staff members provided by a Client to facilitate access to or use of the Platform.
Aggregated Data” means de-identified data that is combined so that it no longer identifies or could reasonably be used to identify an individual. Aggregated Data is not Personal Information.
| Category | Examples | Source |
|---|---|---|
| A. Account & Authentication Data | Name, institutional email, role (teacher, student, admin), hashed passwords, single- sign-on tokens | Provided by Client or User |
| B. Classroom Content | Audio recordings, real-time or post-class transcripts, classroom chat logs, | Captured by Platform at Client’s initiation |
| D. Device & Usage Data | IP address, browser type, operating system, device IDs, session metadata, feature-click analytics, error logs | Collected automatically via cookies or similar technologies |
| E. Support & Inquiry Data | Trouble-tickets, email correspondence, phone recordings, feedback forms | Provided by User or generated during support interactions |
We do not knowingly collect sensitive biometric identifiers, precise geolocation, or payment card data.
Where the GDPR applies (as provided more fully in our EU Privacy Policy) we rely on the following legal bases:
We never:
We impose contractual restrictions prohibiting third parties from selling, retaining, or using Personal Information for any purpose other than delivering the contracted services.
We retain Personal Information only for (i) the duration specified in the Client’s service order or data-retention schedule, or (ii) as needed to comply with our legal obligations—whichever is longer. Upon a Client’s written request, or within sixty (60) days after service termination, we will:
Exceptions apply where law requires preservation (e.g., ongoing litigation holds).
We maintain an information-security program aligned with NIST SP 800-171 and ISO/IEC 27001 frameworks, featuring:
| Jurisdiction | Data Subject Rights | How to Exercise |
|---|---|---|
| U.S. FERPA | Inspect, review, or request amendment of Student Education Records | Contact the school’s designated FERPA officer. We act solely on the school’s documented instructions. |
| California (CCPA/CPRA) | Right to know, delete, correct, limit use of sensitive personal information | Submit requests via the Client or, for non- Student Data, emailtommy@edinformed.com with “California Privacy Request” in the subject line. We verify identity in accordance with CPRA regulations and respond within 45 days. |
| EEA, UK, Switzerland(GDPR) | Access, rectification, erasure, portability, restriction, objection, lodge complaint with a Supervisory Authority | Direct requests to the Client (Data Controller). Where we act as independent Controller (e.g., marketing to educators), email tommy@edinformed.com. |
We do not discriminate against individuals who exercise their privacy rights.
In the event Personal Information is transferred outside the country of origin (for example, from the EEA/UK to the United States) we rely on:
We continuously monitor legal developments and will implement any additional safeguards required by regulators, including the EU-U.S. Data Privacy Framework if applicable.
We deploy strictly-necessary cookies for authentication and session management. Optional analytics cookies, when enabled by the Client, are restricted to first-party usage statistics and do not track users across unaffiliated services. Browser “Do-Not-Track” signals are honored where required by law. You may disable non-essential cookies in the in-app privacy settings panel.
The Platform may integrate with third-party learning-management systems (LMS), video- conferencing tools, or single-sign-on providers at the Client’s election. We are not responsible for the privacy practices of those third parties, and any data exchanged is governed by the third party’s terms and policies. We recommend Clients review the privacy notices of integrated services before activation.
We may revise this Notice to reflect changes in legal requirements, technology, or our business operations. Material changes will be communicated to Clients at least thirty (30) days in advance via email or in-product banner, and the “Effective Date” above will be updated. Continued use of the Platform after the effective date constitutes acceptance of the revised Notice.
Privacy Officer
Thomas Flynn Mulvoy
Gotthardstrasse 102
6490 Andermatt,
Switzerland
Email: tommy@edinformed.com
If you believe we have not resolved a privacy concern, you may lodge a complaint with your local data-protection authority or the U.S. Federal Trade Commission.
| Personal Information Category (Cal. Civ. Code § 1798.140) | Collected | Disclosed for Business Purpose | Sold/Shared |
|---|---|---|---|
| Identifiers (A) | Yes | Yes, to subprocessors | No |
| Protected classification characteristics (B) | No | - | - |
| Commercial information (C) | No | - | - |
| Internet or network activity (F) | Yes | Yes, to analytics provider | No |
| Geolocation (G) | Approximate IP-based region | Yes, to security provider | No |
| Audio, electronic, visual information (I) | Yes (classroom recordings) | Yes, to transcription engine | No |
| Inferences (K) | Engagement analytics | Yes, to Client | No |
We do not sell or share Personal Information in the meaning of CPRA, nor do we process sensitive Personal Information except to perform our contractual obligations.
A detailed ROPA covering purposes, categories, recipients, storage periods, and security measures is maintained internally and is available to supervisory authorities and Clients upon legitimate request.
If your educational institution provides you with access to the Platform, that institution is responsible for your account administration. Please direct any privacy questions to the institution’s designated administrator first; we will cooperate fully to address your inquiry.
Inform(Ed) is proud to serve the educational community and is committed to continuous improvement of our privacy and security posture. Should you have any questions about this Privacy Notice or our data governance practices, please contact us at the details provided above.