Privacy Policy

Privacy Policy for Dynamic Learner Platform

1. Introduction

Welcome to the Dynamic Learner Platform (“Platform,” “we,” “us,” or “our”). The Dynamic Learner is a learning platform and AI-powered educational companion provided by the Peter Clark Center and Breck School. This Privacy Policy explains how we collect, use, protect, and share personal information from students using our platform.

Contact Information:

• Data Protection Officer: sarah@dynamiclearner.org
• Phone: 612-964-3893
• Address: 123 Ottawa Ave N, Golden valley, MN 55422

2. Platform Overview and Services

The Dynamic Learner Platform provides personalized AI coaching through messaging channels including Apple Messages and WhatsApp. Our services include:

• AI-powered educational coaching and tutoring
• Personalized learning recommendations
• Short-term conversation memory and long-term learning profiles
• Integration with school systems and databases
• Wellness and mindset coaching
• Crisis intervention and escalation procedures to trained school counselors and mental health professionals
• Calendar and task management integration

3. Legal Framework and Compliance

FERPA School Official Designation

We operate as a “school official” under the Family Educational Rights and Privacy Act (FERPA) for partner educational institutions. This allows us to:

• Receive and process educational records for legitimate educational purposes.
• Provide personalized learning support services on behalf of schools.
• Maintain student privacy while delivering educational services.

COPPA Compliance Framework

For students under 13 years of age:

• School Authorization: Partner schools provide consent on behalf of parents for educational purposes.
• Parental Notification: Schools notify parents about our services within 30 days of school year start.
• Educational Purpose Limitation: Data use is strictly limited to providing educational coaching services

Minnesota Student Data Privacy Act Compliance

• Educational data remains the property of students and schools
• We implement strict limitations on data use, sharing, and retention
• Enhanced security measures protect against unauthorized access or disclosure
• No electronic monitoring beyond authorized educational purposes

4. Information We Collect

Student Information Categories

Authentication Data:

• School email addresses and associated domain information
• One-time password (OTP) verification codes
• Student identification numbers assigned by partner schools
• Login timestamps and device information

Educational Profile Data:

• Learning preferences, strengths, and areas for improvement
• Academic performance indicators shared by schools
• Personalized learning goals and progress tracking
• Course enrollment and schedule information from integrated school systems

Conversation and Interaction Data:

• Text messages exchanged with AI coaching system
• Voice interactions when using voice-enabled features
• Response patterns and engagement metrics
• Timestamp and frequency data for coaching interactions

Behavioral and Well-being Indicators:

• Academic stress levels and emotional state indicators derived from conversations
• Learning engagement patterns and motivation metrics
• Safety-related concerns identified through content analysis
• Crisis intervention triggers and escalation events

Technical and Usage Data:

• Device identifiers and operating system information
• Messaging platform integration data (Apple Messages, WhatsApp metadata)
• IP addresses and general location data (city/state level)
• Platform usage patterns and feature interaction data

Data Collection from Third-Party Integrations

School Database Information:

• Dynamic Learner Profile (DLP) data shared by partner schools
• Academic records and transcripts as authorized by schools
• Attendance and behavioral records relevant to learning support
• Parent contact information when provided by schools

Calendar and Task Integration:

• Assignment due dates and academic calendar events
• Personal task and goal information voluntarily entered by students
• Time management and scheduling preference data

5. How We Use Student Information

Core Educational Services

Personalized Learning Support:

• Develop individualized learning recommendations based on student self assessment
• Provide targeted coaching and support aligned with research-informed learning practices
• Generate personalized study schedules and academic goal-setting assistance

AI Coaching and Conversation:

• Maintain conversation context to provide coherent, ongoing educational support
• Analyze learning patterns to improve coaching effectiveness over time

Progress Monitoring and Reporting:

• Track learning progress and skill development over time
• Generate reports for students, parents, and authorized school personnel
• Identify areas where additional support or intervention may be beneficial

Safety and Well-being Monitoring

Crisis Prevention and Intervention:

• Monitor conversations for indicators of distress, wellness concerns, or safety risks
• Implement automated alerts for concerning behavioral patterns or explicit safety threats
• Escalate concerns to trained school counselors and mental health professionals

Content Filtering and Safety:

• Filter inappropriate content in AI responses and learning materials
• Block access to harmful or non-educational content

Platform Improvement and Development

Service Enhancement:

• Analyze aggregated, de-identified usage patterns to improve AI coaching effectiveness
• Conduct research on educational technology effectiveness with proper privacy protections
• Develop new features and capabilities based on student learning needs

6. Data Sharing and Disclosure

Authorized Educational Disclosures

School Personnel Access:

• Licensed school counselors and mental health professionals (for safety interventions)
• Academic advisors and teachers (for learning support coordination)
• School administrators (for compliance and oversight purposes)
• Parents/guardians (as permitted by FERPA and state law)

Required Legal Disclosures

Mandatory Reporting:

• Child abuse or neglect as required by Minnesota state law
• Imminent threats to student safety or welfare
• Court orders, subpoenas, or other valid legal process

Emergency Situations:

• Immediate threats to student safety requiring emergency response
• Medical emergencies requiring coordination with healthcare providers
• Crisis situations requiring parent/guardian notification

Service Provider and Technical Disclosures

Technology Infrastructure:

• Cloud hosting providers (with appropriate data protection agreements)
• AI/ML service providers for natural language processing (with strict data use limitations)
• Security and monitoring service providers

7. Student and Parental Rights

Access and Review Rights

Information Access:

• Students and parents may request copies of all personal information collected
• Access to conversation histories and learning profile data
• Explanation of AI decision-making processes affecting the student

Data Portability:

• Export of learning profiles and educational data in machine-readable formats
• Transfer of data to other educational platforms as technically feasible

Correction and Amendment Rights

Information Accuracy:

• Request correction of inaccurate or incomplete personal information
• Challenge AI-generated assessments or recommendations
• Supplement records with additional context or explanations

Consent Management and Withdrawal

Ongoing Consent Control:

• Modify data sharing preferences and privacy settings
• Withdraw consent for specific data uses while maintaining core educational services
• Opt-out of non-essential data collection and analysis

Account Termination:

• Close student accounts with full data deletion
• Partial service termination while maintaining essential educational records
• Transfer of data to schools upon graduation or program completion

8. Data Security and Protection Measures

Technical Safeguards

Encryption and Access Controls:

• End-to-end encryption for all data transmission
• AES-256 encryption for data at rest
• Multi-factor authentication for all administrator access
• Role-based access controls limiting data access to authorized personnel

System Security:

• Regular security audits and penetration testing
• 24/7 monitoring for security incidents and threats
• Secure software development practices and code review
• Regular backup and disaster recovery procedures

Administrative Safeguards

Staff Training and Access:

• Comprehensive privacy and security training for all personnel
• Background checks for employees with access to student data
• Strict confidentiality agreements and acceptable use policies
• Regular access reviews and privilege management

9. Data Retention and Deletion

Retention Periods

Educational Records:

• Learning profiles and academic progress data: Maintained for duration of student enrollment plus 3 years
• Conversation histories: Retained for current academic year plus 1 additional year
• Safety and intervention records: Maintained per Minnesota state requirements (7 years)

Technical and System Data:

• Authentication logs: 2 years
• Security monitoring data: 3 years
• Aggregated analytics data: 5 years (de-identified)

Deletion Procedures

Automatic Deletion:

• Scheduled deletion of expired data according to retention policies
• Immediate deletion upon account closure or consent withdrawal
• Secure overwriting of deleted data to prevent recovery

Manual Deletion Requests:

• Response to student or parent deletion requests within 30 days
• Verification procedures to prevent unauthorized deletion requests
• Documentation of deletion activities for compliance verification

10. Crisis Intervention and Safety Protocols

Automated Safety Monitoring

Risk Detection Systems:

• AI-powered analysis of conversations for indicators of self-harm, suicidal ideation, or abuse
• Behavioral pattern recognition for academic distress and mental health concerns
• Integration with validated screening tools and assessment frameworks

Human Oversight and Intervention

Escalation Procedures:

• Immediate alert to licensed school counselors for potential high-risk situations

 

Documentation and Follow-up:

• Detailed documentation of all safety interventions and decisions
• Follow-up procedures to ensure student welfare and safety
• Coordination with parents, schools, and mental health professionals

11. AI and Algorithmic Transparency

AI System Disclosure

Automated Decision-Making:

• Clear notice when AI systems make or influence educational recommendations
• Explanation of factors considered in AI-generated suggestions and assessments
• Right to request human review of AI decisions affecting the student

Algorithmic Fairness:

• Regular bias testing and fairness auditing of AI systems
• Diverse training data and ongoing bias mitigation efforts
• Transparency reports on AI system performance and fairness metrics

Model Training and Development

Training Data Sources:

• Curated educational content from approved, high-quality sources
• De-identified conversation patterns for improving response quality
• Public educational resources and curriculum materials

Data Use Limitations:

• No use of individual student data for AI model training without explicit consent
• Aggregated, de-identified data only for general platform improvement
• Strict separation between individual coaching data and model development

12. Third-Party Platform Integration Privacy

Messaging Platform Privacy

Apple Messages and WhatsApp Integration:

• End-to-end encryption maintained through messaging platform APIs
• No storage of platform-specific metadata beyond educational purposes
• Compliance with messaging platform privacy policies and terms

School System Integration

Database and API Connections:

• Secure, encrypted connections to school information systems
• Limited data access based on legitimate educational interest
• Regular auditing of data access and usage patterns

13. Breach Notification and Incident Response

Notification Procedures

Student and Parent Notification:

• Immediate notification of breaches affecting personal information
• Clear explanation of breach scope, potential impact, and remedial actions
• Free credit monitoring or identity protection services when appropriate

Regulatory and Partner Notification:

• Notification to Minnesota Attorney General within required timeframes
• Coordination with partner schools on breach response and communication
• Reporting to federal agencies as required by applicable law

Incident Response Framework

Immediate Response:

• Containment and investigation of security incidents
• Assessment of breach scope and affected individuals
• Implementation of remedial measures to prevent future incidents

14. Contact Information and Support

Privacy Questions and Concerns

Student and Parent Support:

• Email: privacy@dynamiclearner.org
• Phone: 612-964-3893

Regulatory Complaints:

• Minnesota Attorney General: https://www.ag.state.mn.us/
• U.S. Department of Education Student Privacy Policy Office: studentprivacy@ed.gov
• Federal Trade Commission: https://www.ftc.gov/complaint

15. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other factors. We will:

• Provide at least 30 days advance notice of material changes
• Notify students, parents, and school partners through email and platform announcements
• Maintain previous versions of the Privacy Policy for reference
• Obtain new consent when required by applicable law