Our Trust Pledge
Our Trust Pledge
Our Trust Pledge
Seven promises we make to every teacher, student, parent, and district that uses Ed.ai.
Ed.ai is built for math teachers by people who've sat in the classroom. That starting point shapes how we handle your students' work. These seven pledges are the line we don't cross — not because the law requires it, but because grading is sensitive ground and we know what's at stake.
Our 7 Privacy Pledges
Pledge 1 — Full transparency on what we collect and why
We tell you, in plain language, every category of data we collect and the exact purpose it serves. No hidden telemetry, no dark patterns, no "we may use your data for research" boilerplate.
Every page of our Privacy Policy tells you (a) what is collected, (b) why, and (c) how long we keep it. If you find something unclear, write to privacy@ed.ai and we will rewrite the section.
Pledge 2 — US-based hosting. Student data never leaves the United States.
All student work — scans, transcriptions, grades, analytics — is stored in Microsoft Azure US Central. There is no cross-border transfer, no "disaster recovery in another continent" clause, no offshore processing partner. When we say "US-hosted," we mean end to end.
Pledge 3 — Narrowly defined purposes. Never sold. Never used for advertising.
Student data exists on our systems for one reason: to help a teacher grade, give feedback, generate remediation, and track mastery. It is not sold. It is not shared with advertisers. It is not used to build a profile of the student. It is not repurposed for a second product line.
Pledge 4 — AI as a teaching assistant. The teacher always has the final say.
Ed.ai proposes a grade, a correction, a next exercise. The teacher validates, edits, or rejects it. No student ever receives an "AI-only" grade. Two decisions in particular are never taken autonomously by the AI:
Final grades — a grade is only finalized after the teacher has reviewed and approved it.
Distribution of graded work back to students — graded assignments are never sent back to students automatically; the teacher controls when and what is released.
No grade and no graded work reaches a student until a teacher has reviewed and released it.
Pledge 5 — Easy access, correction, export, and deletion
Every account holder can view their data, correct it, export it in open formats (CSV for tabular data, PDF for graded assignments, standard image formats or PDF for scanned student work), and delete it — directly from the product settings. No email to a privacy team required. No "contact support" gate. No waiting period beyond what the law mandates.
Pledge 6 — Deletion on request + automatic purge after 12 months of inactivity
When a teacher or district asks us to delete data, we remove it from production systems within 30 days; backups and archival systems are fully purged within 12 months. We never delete a student's work while your institution's contract is in force. When a contract ends, all associated student work is deleted from production within 90 days (backups within 12 months). No "we keep it just in case."
Pledge 7 — Portable data in open formats
You own your data. You can take it with you. Exports come in CSV for tabular data, PDF for graded assignments, and standard image formats or PDF for scanned student work. No proprietary format, no lock-in.
What makes us different
A shorter block at the bottom, four items with icons:
No model training on student work
Your students' handwritten solutions, their wrong answers, their struggle through a proof — none of it is used to train any AI model, ours or a vendor's. Period. We use enterprise LLM deployments from Microsoft Azure (Azure OpenAI, Azure Claude, Azure Mistral) and Google Cloud (Gemini), all hosted in US regions and all operating under enterprise no-training and no-retention terms: student work submitted to these models is not retained by the provider and is never used to train any model. Our 100,000+ training problems come from curated, licensed sources, not from your classroom.
Mandatory human-in-the-loop
Every grade that leaves Ed.ai passes through a teacher. Not as a pop-up, not as an opt-out — as a structural requirement of the product.
De-identification before any LLM call
Before student work is sent to a language model (Azure OpenAI, Azure Claude, Azure Mistral, and Google Gemini), our pipeline masks names, class rosters, and identifying markers with opaque white pixels. The LLM never sees who the work belongs to. See /de-identification for the full technical description.
Prepared for upcoming state AI governance laws
Colorado's AI Act, California's AB 2013, and the emerging patchwork of state AI rules affect ed-tech vendors directly. Our AI practices — human-in-the-loop, no autonomous high-stakes decisions, documented training data — align to these requirements today, not after they become enforceable.
Closing block
These seven pledges aren't marketing. They're the operating rules we hold ourselves to, and the bar we expect our customers to hold us to.
If you're a District Data Privacy Officer, a CTO, or a parent and you want to verify any of these claims in writing — or audit them on-site — write to privacy@ed.ai.