π Privacy & Data Practices
SPEDGenie does not store
student information.
This is not a privacy policy written by lawyers to protect us. This is a plain-language explanation of exactly what SPEDGenie collects, processes, and deletes β written by the teacher who built it.
"SPEDGenie is designed to extract instructional insights β not to serve as a permanent repository of student records."
π« SPEDGenie never stores any of the following
β
Social Security numbers
β
Parent contact information
β
Original uploaded documents
Uploaded files are processed in your browser and deleted from memory immediately after extraction. The file you upload never persists on any server. Raw document text is cleared the moment the AI extraction completes β even if you close the tab before approving the profile.
β
What SPEDGenie may save β only with your explicit approval
β
Student code β a code you assign, such as "Student A" or "GL-7th." Never a real name.
β
Educational profile data β grade band, disability category, reading level, academic strengths, functional needs, accommodations, and IEP goal areas.
β
Saved IEP goals β goals you save from the Goal Intelligence Center, stored in your browser only.
β
Progress monitoring data β goal status entries you add manually. Stored in your browser only, never on a server.
All of the above is stored in your browser's localStorage only β on your device, not on any SPEDGenie server. Clearing your browser data removes it entirely. It cannot be accessed by SPEDGenie, Anthropic, or any third party.
How document processing works
When you upload an IEP, FIE, evaluation, or progress report, here is exactly what happens β step by step:
1
File is read in your browser
Your .docx or .txt file is opened using Mammoth.js, a JavaScript library that runs entirely in your browser. The file never leaves your device at this step.
2
PII is scrubbed before any transmission
Before the text is sent anywhere, a PII scrubber removes SSN patterns, phone numbers, email addresses, and street addresses from the text.
3
Scrubbed text is sent to Claude AI for extraction
The scrubbed text β not the original file β is sent to Anthropic's Claude API to identify educational information: strengths, needs, goals, accommodations. The AI is instructed to extract educational data only and never retain SSNs, names, addresses, or parent contacts.
4
Original document deleted from memory immediately
The moment the API responds, the raw text variable is set to empty string and the file input is cleared. The original document no longer exists in the session β even if you close the tab without approving the profile.
5
You review and approve every extracted field
The extracted educational profile is shown to you field by field. You can remove any item, add items, or edit the disability impact statement. Nothing is saved until you click "Approve & Save Profile."
6
Only your approved educational profile is saved β to your browser only
A structured JSON profile with no PII is saved to your browser's localStorage. It is never transmitted to SPEDGenie's servers. If you choose Anonymous Mode, nothing is saved at all β the data disappears when you close the tab.
Three privacy modes β you choose
SPEDGenie offers three modes depending on your district's privacy policies and your comfort level.
Anonymous Mode
Upload, extract, use. Nothing saved anywhere. Session ends, data disappears completely.
Nothing stored
Student Code Mode
Assign a code (Student A, GL-7th). Approved educational profile saved to your browser only. No PII ever.
Browser localStorage only
District Enterprise
Named students and long-term storage available under a signed DPA, Privacy Agreement, and Security Agreement.
Requires district contract
Student Intelligence Engineβ’ β what it extracts and what it does not
The Student Intelligence Engineβ’ reads existing student documents and pulls out only the educational information teachers need for instruction and IEP planning.
β
Extracts (educational data only)
β Academic and functional strengths
β Academic and functional needs
β Accommodations and modifications
β Current IEP goal areas and baselines
β Reading level and math level
β Disability category and impact statement
β Related services
β Behavior supports and transition needs
β Does not extract (never retained)
β Student name or date of birth
β Home address or school of attendance
β Social Security number or student ID
β Parent or guardian contact information
β Transportation information
β Medical insurance or Medicaid information
β Physician or medical provider details
β Original uploaded document
FERPA and SPEDGenie
Important: SPEDGenie is designed with FERPA-aligned data minimization and document processing safeguards. Final district approval, data governance, and access policies remain the responsibility of the district. SPEDGenie does not certify or guarantee FERPA compliance β that determination requires review of your district's specific policies, contracts, and authorization procedures.
FERPA (the Family Educational Rights and Privacy Act) protects student education records. Here is how SPEDGenie's design relates to FERPA principles:
- SPEDGenie is designed to avoid maintaining education records. It generates draft content that teachers use to create records β but the records themselves live in your district's IEP management system (TAMS, Frontline, SpEd Forms), not in SPEDGenie. Whether SPEDGenie qualifies as a "school official" or requires a FERPA exception depends on your district's specific use case and counsel's review.
- SPEDGenie is a teacher tool, not a student-facing product. Students never interact with SPEDGenie directly. No student accounts exist.
- Teachers are instructed to use student codes only. Every screen that accepts student input displays a FERPA reminder. SPEDGenie cannot prevent a teacher from typing a real name, but the policy and UI both direct against it. Districts should establish a written policy on acceptable use.
- A Data Processing Agreement (DPA) is available on request. Districts that require a formal DPA can request one by emailing hello@spedgenie.com. Execution of a DPA is required before enabling District Enterprise storage mode.
- User behavior matters. FERPA compliance is partly technology, partly district policy, and partly user behavior. SPEDGenie provides safeguards β district policies and training complete the picture.
The AI we use β Anthropic Claude
SPEDGenie uses Anthropic's Claude API to generate IEP language, extract educational profiles, and build symbol supports. Relevant data practices:
- Anthropic's Zero Data Retention (ZDR) policy means API inputs and outputs are not stored by Anthropic and are not used to train future AI models.
- The API call is made through a secure serverless function β your browser never connects directly to Anthropic. The API key is never exposed to your browser.
- Anthropic is SOC 2 Type II certified.
- For more on Anthropic's privacy practices, visit anthropic.com/privacy.
What teachers should not do
SPEDGenie is designed to protect student privacy β but teachers are the first line of defense. Please do not:
- Enter real student names into any SPEDGenie field. Use student codes or initials.
- Upload documents that contain sensitive medical information beyond what is needed for educational planning.
- Upload documents on a shared or public computer where the browser session is not private.
- Share a SPEDGenie URL that includes a student code with anyone not authorized to view that student's educational information.
- Use SPEDGenie on a district device if your district has not approved AI-assisted educational tools or has specific restrictions on browser-based AI processing.
Retention table β what is stored in each mode
This table shows exactly what is retained in each privacy mode. Nothing beyond this table is stored by SPEDGenie.
| Data type |
Anonymous Mode |
Student Code Mode |
Enterprise Mode |
| Original uploaded document |
β Never |
β Never |
β Never |
| Student PII (name, DOB, address, SSN) |
β Never |
β Never |
β Never |
| Parent or guardian contact information |
β Never |
β Never |
β Never |
| Approved educational profile (student code, grade, disability, strengths, needs, accommodations, goals) |
β Not saved |
Browser only
localStorage |
District server
with DPA |
| Saved IEP goals (teacher-saved from goal library) |
β Not saved |
Browser only |
District server
with DPA |
| Progress monitoring entries (teacher-entered data points) |
β Not saved |
Browser only |
District server
with DPA |
| Aggregate usage analytics (page views, feature counts β no identifiers) |
Aggregate only |
Aggregate only |
Aggregate only |
Browser localStorage means data exists only on the teacher's device in their browser. It is never transmitted to SPEDGenie servers. Clearing browser data removes it permanently.
Redaction guidance for teachers
Before uploading any document to SPEDGenie, teachers should apply basic redaction practices. SPEDGenie runs an automatic PII scrubber β but teacher-level redaction is the first and strongest line of defense.
Before uploading β redact or remove:
βοΈ Replace student name with a code or initials
βοΈ Remove or black out date of birth
βοΈ Remove parent names and phone numbers
βοΈ Remove home address and school address
βοΈ Remove student ID numbers and SSN
βοΈ Consider using the Paste Text tab for maximum control
π‘ The Paste Text tab is always the most private option. Instead of uploading a full document, paste only the sections you need β the PLAAFP paragraph, the goals, or the accommodations list. This way you never send more than you intend.
Security β current state and roadmap
SPEDGenie is a browser-based platform with a serverless backend. The following describes the current security posture and the features on the enterprise roadmap.
β
Current β in place today
βAll data transmitted over HTTPS/TLS
βAPI key stored server-side β never exposed to browser
βAI vendor Zero Data Retention policy (Anthropic)
βAutomatic PII scrubber before any AI call
βDocument deleted from memory after extraction
βTeacher review required before any data is saved
βNo student data stored server-side (Individual/Code modes)
βFERPA reminder displayed on every student input screen
π² Enterprise roadmap β planned
βEncryption at rest for Enterprise storage tier
βRole-based access controls (Teacher / Campus Admin / District Admin)
βAdmin audit log β who accessed what and when
βAutomated data deletion after configurable retention period
βSSO / district identity provider integration
βSOC 2 Type II audit (Enterprise tier)
βData residency options (US-only storage)
βBreach notification procedures (contractual)
Honest disclosure: SPEDGenie has not undergone a third-party security audit. The enterprise security features listed above are planned and not yet implemented. Districts evaluating SPEDGenie for Enterprise use should conduct their own security review and engage SPEDGenie in a DPA discussion before enabling named student storage.