Skip to main content

Data Privacy for Schools

Last Updated: April 7, 2026

1

Introduction & Commitment to Educational Privacy

At B4Speak("Company," "we," "us," or "our"), protecting the privacy and security of the educational institutions, administrators, teachers, and students who use our platform is our highest priority. This Policy explains how we collect, use, disclose, and safeguard Student Data and other Personal Information when your school limits the use of our services (the "Platform").

Our infrastructure is designed to comply with comprehensive global educational privacy standards, including the Family Educational Rights and Privacy Act (FERPA), the General Data Protection Regulation (GDPR) for educational entities, and the Children’s Online Privacy Protection Act (COPPA). We act purely as a data processor and service provider for School Authorities.

2

Data Collection and Usage

We strictly limit the data we collect solely to what is necessary for providing educational services:

  • Roster Information: Names, grade levels, and school-issued email addresses provided securely by the School Coordinator.
  • Performance Data: AI-generated fluency metrics, attendance logs, and CEFR level tracking derived directly from the usage of the b4speak Platform.
  • Audio/Video Processing: Any audio or video data transmitted during AI or live sessions is processed momentarily for immediate algorithmic evaluation (e.g., pronunciation APIs) and is strictly not retained or stored permanently on our servers unless explicitly authorized by a separate data-retention agreement signed by the School.
3

Ownership of Student Data

All Student Data collected through the b4speak Platform remains the exclusive property of the contracting Educational Institution or Local Education Agency (LEA). We do not claim ownership of Student Data, and School Authorities retain full control over adding, modifying, or deleting records via the Admin Dashboards.

4

Strict Prohibition on Targeted Advertising

We unconditionally prohibit the use of Student Data for targeted advertising, marketing, or profiling for non-educational purposes. We never sell, rent, or trade student profiles or institutional data to any third-party brokers under any circumstances.

5

Data Security & Storage Architecture

Our databases are safeguarded by enterprise-grade measures including TLS 1.3 encryption in transit, AES-256 encryption at rest, regular third-party penetration testing, and role-based access control (RBAC). Data centers holding sensitive educational material are physically audited, SOC 2 compliant, and geographically aligned with institutional legal requirements (e.g., maintaining EU data inside the EU).

6

Deletion and Return of Data

Upon termination of a School Contract, or directly upon a localized administrative request, all associated Student Data and curricular configurations will be permanently and securely wiped from our live environments within thirty (30) days. Authorized administrators may request a full cryptographic export of their historical metrics prior to deletion.

Contacting Our Data Protection Officer

For legal inquiries, data processing addendums (DPA), or audits, please contact our privacy desk directly at:

Email: privacy@b4speak.com
Department: b4speak Inc., Compliance Team