Student Privacy Protection Policy

Last updated: June 7, 2026

Ezergrade is designed to help teachers, homeschool families, co-ops, microschools, tutors, and private schools administer spelling assessments while protecting student privacy. This page summarises our student data practices in plain English for teachers, school administrators, and parents.

For full details, see our Privacy Policy.

Student Data We Collect

Ezergrade collects only the student data needed to deliver assessments and maintain teacher-controlled grade records:

  • First name and last name
  • Teacher-assigned student number or classroom identifier, not a government ID or Social Security Number
  • Grade level, if assigned by the teacher
  • Class and group membership
  • Test responses and results
  • Session metadata, such as test mode, completion time, and submission status
  • Integrity log data during supervised tests, such as fullscreen exits, focus loss events, and window dimension changes
  • Basic usage data, such as IP address, browser type, and device type

Students do not create accounts, provide email addresses, set passwords, or receive marketing communications of any kind.

How Student Data Is Used

Student data is used only to:

  • Deliver spelling assessments and play audio during test sessions
  • Grade student responses and generate results for the teacher
  • Maintain the teacher's grade record across all delivery modes
  • Support CSV export or Google Classroom grade sync when enabled by the teacher
  • Protect assessment integrity during supervised tests

Ezergrade does not use student data for advertising, behavioral profiling, cross-site tracking, or any unrelated commercial purpose.

Student Data Ownership and Control

Student data remains controlled by the teacher, school, homeschool family, co-op, or educational organization that provided it. Ezergrade does not claim ownership of student records, test responses, or assessment results.

Who Can Access Student Data

Student data is accessible only to authorized teachers, administrators, or school representatives associated with the relevant class, school, or account. Students can only access their own active test session.

AI, OCR, and Student Data

Ezergrade uses AI in optional, teacher-controlled features only. The core digital assessment workflow — test delivery, audio playback, exact-match grading, and grade record storage — does not use AI.

When optional AI feedback is enabled by a teacher, only the correct word and the student's misspelled answer are sent to an AI provider. Student names, student numbers, and all other identifying information are never included in AI feedback requests.

Paper scan grading uses AI-powered OCR to read handwritten student answers from scanned paper tests. The OCR result is compared against the teacher's word list, and uncertain handwriting is flagged for teacher review. Ezergrade does not use AI to make subjective judgments about student performance.

Parent and Student Requests

Parents, guardians, or eligible students may request access to, correction of, or deletion of student data by:

For students whose data is controlled by a school or teacher, Ezergrade will work with the teacher or school to fulfil valid requests. Ezergrade will not unilaterally delete education records held on behalf of a school without school authorisation.

Security

Ezergrade uses reasonable technical and organisational safeguards to protect student data, including:

  • Encryption in transit (TLS/HTTPS)
  • Database encryption at rest
  • Row Level Security policies ensuring teachers access only their own data
  • Secure teacher authentication
  • No student login credentials stored

Subprocessors

Ezergrade uses trusted third-party providers only as needed to operate the Service. Current subprocessors handling student data include:

  • Supabase — database hosting and authentication
  • Cloudflare — hosting, content delivery, and security
  • Google Cloud Vision — OCR text extraction for Paper Mode scanning only. Ezergrade is designed for answer sheets that do not require student names. If a teacher includes a name, student number, or other identifying information on the scanned page, that information may be included in the OCR image sent for processing.
  • Google Classroom APIs — roster import and grade sync when authorized by the teacher, school, or Google Workspace administrator

AI providers process only word and misspelling pairs for optional AI feedback — never student names, student numbers, or other student identifiers. A full subprocessor list is maintained in our Privacy Policy.

Data Retention and Deletion

Student data is retained only as long as needed by the teacher, school, or organization. Teachers can delete individual students, classes, tests, and test results at any time from within the Service.

Upon account termination or a valid deletion request, Ezergrade will delete associated student data using industry-standard methods, subject to any legal retention requirements.

Student Privacy Laws

Ezergrade is designed to support teachers, schools, and educational organizations in meeting their student privacy obligations. Ezergrade is designed to support FERPA-conscious student data practices, and to align with obligations that may arise under COPPA and applicable state and international student privacy laws.

Schools and organizations may request a Data Processing Addendum or Student Data Privacy Agreement by contacting support@ezergrade.com.

Data Breach Notification

In the event of a data breach involving student data, Ezergrade will notify affected teachers, schools, or organizations within 72 hours of confirming the breach and will provide details on the nature of the breach, data affected, and corrective actions taken.

Contact

For student privacy questions, data requests, or to request a Data Processing Addendum:

Email: support@ezergrade.com

Website: https://ezergrade.com/privacy

Ezergrade™ is committed to protecting student privacy and providing a safe, honest assessment environment.