A+ReportCardPilot

Privacy Policy

Last Updated: March 8, 2026

1. Introduction

ReportCardPilot operates the website reportcardpilot.com. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Service. We are committed to protecting the privacy of our users and the student data they process through our platform.

2. Information We Collect

Account Information

  • Full name
  • Email address
  • Password (stored in hashed form)
  • Preferred language (English or French)

Student Data

  • Student first name and initial
  • Student gender
  • Grade level
  • Subject performance ratings, letter grades, and percentage marks
  • Learning skills and work habits evaluations
  • Teacher observations, overall strengths and next steps

Educational Content

  • Lesson plans (text, PDF, or image uploads)
  • Past report card samples (for writing style matching)
  • Class details (name, grade level, board type, school year, province/state)

Payment Information

Payment is processed by Stripe. We do not store your credit card number, CVV, or full payment card details on our servers.

Automatically Collected Information

We collect your IP address for security and rate limiting purposes, and use essential session cookies for authentication.

3. How We Use Your Information

  • Provide the Service — generating report cards using your account info, student data, and educational content
  • Process payments via Stripe
  • Communicate with you about account updates and support
  • Ensure security and prevent fraud using IP address and account activity

We do NOT:

  • Sell your personal information or student data to third parties
  • Use student data for advertising or marketing purposes
  • Use student data to build profiles for non-educational purposes

4. AI Processing

Our Service uses Anthropic's Claude API to generate report card comments.

  • Student name, gender, grade level, assessments, teacher notes, lesson plans, and writing tone preferences are sent to Anthropic's servers for processing
  • This data is not used by Anthropic to train or improve their AI models (per Anthropic's commercial API terms)
  • Anthropic may temporarily retain API inputs for safety and abuse monitoring purposes
  • AI-generated output is stored in your account until you delete it

5. How We Share Your Information

We use the following service providers:

  • AnthropicAI report card generation (receives student names, assessments, teacher notes, lesson plans)
  • StripePayment processing (receives payment details and teacher email)
  • Render.comCloud hosting and database (all data, encrypted in transit and at rest)
  • ResendPassword reset emails (receives teacher email address)

6. Data Retention

Account and student data is retained while your account is active. When you delete your account, all data — including student data, classes, report cards, and uploaded templates — is permanently deleted immediately. Payment records are retained as required by tax regulations. Audit logs (with no personally identifiable information) may persist for security purposes.

7. Cookies

We use only essential cookies. A single session cookie (NextAuth) keeps you logged in for 24 hours. We do not use analytics cookies, advertising cookies, or third-party tracking. We do not use Google Analytics or any similar service.

8. Data Security

We implement encryption in transit (TLS/SSL) and at rest, password hashing (bcrypt, 12 rounds), 24-hour session expiration, rate limiting on login and report generation, input sanitization, parameterized database queries, ownership verification on all resources, and audit logging of sensitive actions. No method of electronic storage is 100% secure — we cannot guarantee absolute security.

9. Your Rights

You have the right to:

  • Access your personal data through your account dashboard
  • Correct inaccurate information through your account settings
  • Delete your account and all associated data through account settings
  • Export your generated report cards (PDF/Word download)

10. Children's Privacy

ReportCardPilot is designed for use by adult educators, not by children. We do not knowingly collect personal information directly from children. Student data is provided by authorized teachers, not by students themselves. If you believe a child has directly provided us with personal information, please contact us immediately.

11. Contact Us

If you have questions about this Privacy Policy, contact us at reportcardpilot@gmail.com

Back to Home