Trust Center

Built for students.
Trusted by families.

Plio Academy is a nonprofit. We have no advertising business model, no data to sell, and no incentive to collect more than we need. This page explains exactly how we handle student and family data.

Request Data Deletion Privacy Summary (printable)

COPPA

Children's Online Privacy Protection

Children under 13 never create accounts directly on Plio Academy. Every student account is created and managed by a parent, guardian, or school administrator who provides verifiable consent. We apply COPPA protections to all users under 13 and extend similar care to all students on our platform regardless of age.

Children never submit PII directly — guardian owns and controls all account data.
A student profile holds a display name, an avatar, and a date of birth (used only to recommend an age-appropriate learning tier, never shown publicly or shared); no email, phone, or address.
Lesson questions a student asks the Lio AI tutor are sent to Anthropic to generate educational answers, logged, and automatically moderated for safety — never used for advertising.
No behavioral advertising, no tracking pixels, no third-party marketing on student-facing pages.
Any guardian may request full deletion of their child's data at any time — no questions asked.
We do not sell, share, or rent student data to any third party for commercial purposes.

FERPA

Educational Records Alignment

Plio Academy is designed to align with FERPA principles. When we partner with schools and districts, we act as a school official with a legitimate educational interest and handle education records accordingly.

We never sell student education records or learning data to any party.
Role-based access controls: teachers see only their students; guardians see only their children.
Audit logs record every privileged access to student data.
District data agreements available on request — contact privacy@plio.academy.
Data portability: request a full export of your student's progress by emailing privacy@plio.academy — we fulfill verified requests within 30 days.

Data Retention

Data type	Retention period
Account & profile data	Retained while active. Auto-deleted after 24 months of inactivity; guardian-requested deletions completed within 30 days of verification.
Student learning progress & SRS data	Deleted with the associated student profile (cascade)
Guardian email (waitlist / contact form)	Until enrolled or removal requested
Server access logs	30 days, then deleted
Donation records	7 years (IRS nonprofit requirement)
Audit logs (privileged access)	1 year

Accounts that go unused are cleaned up automatically: once a student profile has had no learning activity for 24 months, a monthly retention job permanently deletes it along with all of its learning data. Separately, when a guardian submits a deletion request (via our data-deletion form or by emailing privacy@plio.academy), our privacy team verifies it and completes the deletion within 30 days. Deleting a guardian account also automatically deletes every linked child profile and its data.

Security Practices

Authentication

Encryption

Database encrypted at rest (Neon/AWS AES-256). All traffic encrypted in transit (TLS 1.3). HTTPS-only — no plain HTTP.

Infrastructure

Hosted on Vercel edge network with DDoS protection. Database isolated in a private VPC. Secrets managed via environment variables, never committed to source.

Access control

Role-based permissions enforced at the database query layer. Staff access to production data requires 2FA and is fully audited.

Vulnerability management

Dependency updates automated via Dependabot. Security patches applied within 24 hours of disclosure. No unpatched critical CVEs.

Incident response

We notify affected users within 72 hours of a confirmed breach. Full post-mortems published within 30 days.

Sub-Processors

We use the following third-party services. Each is bound by a data processing agreement and may not use student data for any purpose other than providing services to Plio Academy.

Vendor	Purpose	Data received	Certifications
Clerk	Authentication & identity	Guardian email, name, password hash	SOC 2 Type II
Neon	Serverless PostgreSQL database	All platform data (encrypted at rest + in transit)	SOC 2 Type II
Resend	Transactional email delivery	Guardian email address, name	SOC 2 Type I
Backblaze B2	Compliance archive & report storage	COPPA audit-trail exports and grant reports (long-term retention)	SOC 2 Type II
Cloudflare R2	Tutor interview video storage	Tutor interview recordings (creator data — not student data)	SOC 2 Type II
Anthropic	Lio AI tutor	Lesson questions sent to generate educational responses; conversations are logged and automatically moderated for child safety	SOC 2 Type II
Upstash Redis	Short-lived session cache	Hashed session token + Clerk user ID (no child profile data)	SOC 2 Type II
Stripe	Payment processing (donations)	Donor payment information (PCI-DSS compliant; Plio never sees card numbers)	PCI DSS Level 1, SOC 1 & 2
Vercel	Edge hosting & CDN	Web traffic, standard access logs	SOC 2 Type II

Last updated: May 2026. We will update this list before adding any new sub-processor.

Compliance Documentation

For district IT officers and procurement teams: E-Rate eligibility statement, state student-privacy law compliance table (IL SOPPA, CA AB 1584, NY Ed Law 2-d, TX SB 820, WA OSPI), FERPA school-official status, COPPA operator status, and CIPA notes.

View Compliance Docs Printable Matrix

Questions or concerns?

Our privacy team responds within 2 business days. For data deletion requests, use the dedicated form — we complete all deletions within 30 days.

privacy@plio.academy Data Deletion Request

Full Privacy Policy Terms of Service

Built for students. Trusted by families.