IEP FidelitySign in

Privacy Policy

Last updated: June 16, 2026

Who we are

IEP Fidelity (“we”, “us”, “the Service”) is a tool that helps special education teams track IEP accommodations and monitor compliance rates. This policy explains what information we collect, why, and how we protect it.

What we collect

  • Educator account data: name, email, school assignment, and role, used to sign you in and scope your access.
  • Student records you add: first/last name, grade, IEP dates, accommodations, parent contact, and your own notes. We do not collect this data from any source other than your school's authorized users.
  • Usage data: accommodation logs, class schedules, and AI chat messages you send, used to compute compliance and provide the service.
  • Operational logs: security and error logs needed to keep the service running. These do not contain student PII.

How we use it

  • Provide the dashboard, reports, and Chrome extension features.
  • Generate AI summaries and suggestions when you explicitly request them.
  • Maintain audit trails so administrators can verify IEP fidelity.
  • Detect and prevent abuse of the service.

We do not sell personal information, do not run advertising, and do not use student data to train third-party models.

How we protect it

  • Row-Level Security: every query is scoped to your school at the database layer. A teacher in one school cannot read data from another.
  • Encrypted in transit and at rest using industry-standard TLS and managed Postgres encryption.
  • Least-privilege roles: teacher, admin, and super admin each have only the permissions they need.
  • Service-role access is restricted to controlled server functions and verified webhooks.

FERPA and student data

We treat student records as education records under FERPA. Your school remains the data controller; we act as a school official with a legitimate educational interest, under your school's direction. Schools can export or delete student data on request.

Data sharing

We share data only with infrastructure providers strictly needed to run the service:

  • Hosting and database (Supabase / Lovable Cloud).
  • AI model providers for features you explicitly invoke (chat, summaries).

We do not share data with advertisers or data brokers.

Retention

We retain student and accommodation data for as long as your school keeps an active account, or until your school requests deletion. Audit and security logs are retained for up to 12 months.

Your rights

You may request access, correction, export, or deletion of your data by contacting your school administrator, who can reach us at privacy@iepfidelity.example. We respond within 30 days.

Children

The Service is intended for use by educators. Students do not have accounts. Any information about students is provided to us by their school under FERPA.

Changes to this policy

If we make material changes, we will update the date above and notify school administrators by email before the changes take effect.

Contact

Questions? Email privacy@iepfidelity.example.