Saya operates inside real classrooms with real children. This policy is written to be read — not buried. Last updated: May 2026
Plain-language summary: We collect teacher account info and classroom transcripts. We use transcripts only to generate Saya's responses. We never sell your data, never train AI on your classroom, and students never create accounts or provide us personal data directly.
Saya is deployed inside live K–12 classrooms. We treat student data protection as a non-negotiable design requirement — not an afterthought. This platform is built in compliance with FERPA (Family Educational Rights and Privacy Act) and COPPA (Children's Online Privacy Protection Act). This policy explains exactly what we collect, why, and how it is protected — in plain language.
Teacher account data
Name, email address, school name, and a bcrypt-hashed password. We never store your password in plain text.
Session configuration
Grade level, subject, topic, persona selection, language, class culture, and class size — as entered by the teacher before each session.
Session transcripts
All messages entered during a classroom session: teacher narration, student contributions (attributed only if the teacher types a name), and Saya's responses. Student names are never collected directly from students.
Usage metrics
Token counts, provider latency, and cost estimates for internal platform monitoring. No personally identifiable information is embedded in these metrics.
Session transcripts serve one purpose: generating Saya's next classroom response and producing end-of-session analytics for the teacher.
Transcripts are sent to third-party AI inference providers (Anthropic, Groq, Google Gemini, and others) solely for response generation. Each provider processes this data under their enterprise data processing agreements and applicable GDPR/US privacy frameworks.
We do not use classroom transcripts to train or fine-tune any AI model — at any provider.
Analytics data (Bloom scores, talk time, participation metrics) is displayed only to the authenticated teacher who created the session.
Every session, message, and analytics record is cryptographically linked to the creating teacher's account. No teacher can access another teacher's sessions or student data. School administrators do not have access to individual session transcripts unless the teacher explicitly shares a session link.
Session data is retained for as long as the teacher's account remains active.
Teachers can delete individual sessions from their dashboard at any time. Account deletion removes all associated sessions, messages, and analytics permanently and irreversibly.
Deletion requests can also be submitted to privacy@saya-io.com and will be processed within 30 days.
When contracted by a school or district, Saya operates as a “school official” under FERPA — processing education records only for legitimate educational purposes and under the direction of the institution. We do not disclose education records to third parties without appropriate consent or a valid FERPA exception.
Saya accounts are created by teachers and parents — never by students. No child under 13 is asked to create an account, provide an email, or submit any personal information directly to Saya. Student contributions visible in the classroom feed are entered by their teacher and are never collected from students directly.
For privacy questions, data access requests, or deletion requests:
privacy@saya-io.com