Privacy Policy

1.1 Information Collected Automatically

Geolocation (Country-Level Only)
When you visit the Service, we detect your approximate country using your IP address (via our hosting provider, Vercel). We store your detected country code in a browser cookie (flip-country) to display the correct curriculum for your region and to apply purchasing power parity pricing. We do not store your IP address, city, or precise location.

Server Logs
Our hosting provider (Vercel) automatically collects standard server log data, including IP addresses, browser type, referring URLs, pages visited, and timestamps. These logs are maintained by Vercel in accordance with their privacy policy and are used for infrastructure security and performance monitoring.

Rate-Limit Identifiers
To prevent abuse and enforce fair usage limits, we use Upstash Redis to store hashed IP addresses and (for authenticated users) user IDs. These identifiers are used solely for rate limiting and are not linked to browsing activity or personal profiles.

Anonymous Generation Tracking
We assign a random anonymous identifier (stored in the flip-anon-id cookie) to track the number of missions generated before account creation. This identifier contains no personal information and is used solely to enforce anonymous generation limits (2 missions before sign-up is required).

1.2 Information You Provide

Mission Generation Inputs
When you generate a Mission, you provide a curriculum topic selection, an active learning methodology selection, class size (number of students), and available class time (in minutes). This information is used solely to generate your Mission and is not linked to any personal identity.

Account Information
When you create an account, we collect your name, email address, school or institution name (optional), and avatar URL. Authentication is handled via email magic link or Google single sign-on (SSO) through Supabase Auth. During registration, you may opt in to marketing communications via an explicit consent checkbox (unchecked by default in EU/EEA/UK and Brazil).

Payment Information
Payment processing is handled by Stripe. We store your Stripe customer ID and subscription status but do not store your full credit card number, bank account number, or other sensitive payment credentials on our servers. Stripe’s handling of your payment data is governed by their privacy policy.

Communications
If you contact us at legal@flipeducation.ai or through any other channel, we may collect your name, email address, and the content of your message.

Email and Marketing
We collect your email address at signup for transactional communications (account verification, billing receipts, payment failure notices). With your consent, we also send marketing emails including methodology spotlights, product updates, and educational content. You can unsubscribe from marketing emails at any time via one-click unsubscribe.

1.3 Information Stored on Your Device and in the Cloud

For anonymous (non-authenticated) users, generated Missions are stored in your browser’s local storage. This data remains on your device and is not transmitted to our servers.

For authenticated users, Missions are stored both locally in your browser and in our cloud database (Supabase). Cloud storage enables access across devices and persistence beyond browser storage. You can delete individual Missions from your account at any time.

You can clear locally stored data at any time by clearing your browser’s local storage.

We use the information we collect to:

• Provide the Service: generate Missions based on your curriculum, methodology, and classroom parameters.
• Manage your account: authenticate your identity, maintain your subscription, and sync your Missions across devices.
• Process payments: manage billing, subscriptions, and purchasing power parity pricing through Stripe.
• Improve the Service: analyze aggregated, anonymized usage patterns to enhance our AI models, expand curriculum coverage, and develop new features.
• Communicate with you: respond to your inquiries, send transactional emails (magic links, billing receipts, payment failure notices, account deletion confirmations), and (with your consent) send marketing emails.
• Ensure security: detect and prevent fraud, abuse, and technical issues through rate limiting and bot protection.
• Comply with legal obligations: meet applicable legal, regulatory, and contractual requirements.

We do not use your information to:

• Sell your personal data to third parties.
• Serve advertising or allow third-party advertising on the Service.
• Build individual behavioral profiles for marketing purposes.
• Make automated decisions that produce legal effects concerning you.

3.1 How AI Is Used

The core of our Service uses artificial intelligence (specifically, Google’s Gemini language model, accessed via the OpenRouter API) to generate Mission content. When you generate a Mission, the following non-personal information is sent to the AI model:

• Curriculum topic title, description, key questions, and standards alignment codes
• Active learning methodology name, description, and parameters
• Class size, grade level, time available, and country context

3.2 What Is Not Sent to AI

We do not send any of the following to AI providers: your name, email address, or any personal identifier; student names or any student data; school name or institution details; your IP address or device information.

3.3 AI-Generated Images, Media, and Multimodal Content

The Service may generate educational images, illustrations, diagrams, and other visual or multimedia content using AI generation models (currently accessed via the OpenRouter API). Only a text prompt describing the desired educational content is sent to the generation model. No personal data, including names, likenesses, student information, or institutional details, is included in any media generation request.

AI-generated media may be temporarily cached or logged by the AI provider in accordance with their data processing terms. Flip Education does not persistently store AI-generated media on its own servers; generated content is delivered to your browser and stored locally on your device or in your cloud account (see Section 1.3).

As we introduce new AI capabilities (which may include audio, video, interactive content, or other modalities), the same data-minimization principles apply: we send only the minimum non-personal information necessary to generate the requested content, and no personal data is included in generation requests regardless of the content type or AI model used.

3.4 Third-Party AI Providers

Our AI processing is performed by third-party providers. Data sent to these providers is subject to their own privacy policies. We select AI providers that commit to not training their models on our API inputs. However, we encourage you to review these providers’ privacy policies directly.

We may change, add, or replace AI providers over time as technology evolves. When we do, we apply the same selection criteria: providers must offer data processing terms that prohibit training on our API inputs, support encryption in transit, and comply with applicable data protection standards. We will update the service provider table in Section 5.1 to reflect material changes in our AI provider relationships.

3.5 Content Safety and AI Governance

We implement commercially reasonable content safety measures across all AI-generated outputs, including prompt-level guardrails, content filtering, and model selection criteria. These measures are designed to reduce (but not eliminate) the risk of AI-generated content that is biased, stereotypical, culturally insensitive, or otherwise inappropriate.

We maintain an internal AI governance process to evaluate new AI models and capabilities before deployment, review content safety reports submitted by users (see our Terms of Service, Section 6.5), and update our safety measures as AI best practices and regulatory requirements evolve.

If you encounter AI-generated content that you believe is inappropriate, biased, or harmful, please report it to feedback@flipeducation.ai.

4.1 Cookies We Use

4.2 Third-Party Cookies

When you consent to analytics cookies (or in countries where consent is not required by law), the following third-party cookies may be set:

• Google Analytics 4 (_ga, _ga_*): Used for aggregated web analytics. Deployed via Google Tag Manager with Google Consent Mode v2 integration.
• PostHog: Used for product analytics and session replay. PostHog data is hosted in the EU. Form inputs are automatically masked in session recordings.

Both analytics services are consent-gated in GDPR and LGPD countries. No analytics cookies are set until you provide consent.

4.3 Cookie Consent

We use a three-zone consent model:

• Essential cookies: Always active. Required for the Service to function (authentication, country detection, consent storage).
• Functional cookies: Support features like anonymous generation tracking. Not used for advertising.
• Analytics cookies: Consent-gated. Only set after you accept analytics via the consent banner.

A cookie consent banner is shown to visitors in countries with consent requirements (GDPR: GB, IE, FR, DE, ES, IT, NL, PT, SE; LGPD: BR). You can accept or decline analytics cookies. In countries without specific consent requirements, analytics run with anonymized, aggregate data collection.

We integrate with Google Consent Mode v2, which means Google tags respect your consent choices automatically.

4.4 Your Cookie Choices

You can manage your cookie preferences using the consent banner when it appears, or through your browser’s cookie settings. Note that disabling essential cookies may prevent the Service from functioning correctly.

We do not sell, rent, or trade your personal information. We may share information in the following limited circumstances:

5.1 Service Providers

5.2 Legal Requirements

We may disclose your information if required to do so by law, court order, or governmental regulation, or if we believe in good faith that such disclosure is necessary to: (a) comply with a legal obligation; (b) protect and defend our rights or property; (c) prevent fraud or protect against security threats; or (d) protect the personal safety of users or the public.

5.3 Business Transfers

If Flip Education is involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.

Transactional Emails

We send the following transactional emails that are necessary for the operation of your account and do not include an unsubscribe option:

• Magic link sign-in emails
• Billing receipts and payment confirmations
• Payment failure notifications
• Account deletion confirmations

Marketing Emails

With your consent, we send marketing emails including methodology spotlights, product updates, and educational content. Marketing emails:

• Require your explicit consent (the marketing checkbox is unchecked by default during registration in EU/EEA/UK, Brazil, and Canada)
• Include a one-click unsubscribe link in every email
• Can be managed via the marketing consent toggle in your Account Settings
• Comply with CAN-SPAM (US), GDPR (EU/EEA/UK), CASL (Canada), and LGPD (Brazil) requirements

What data we process

For the purpose of direct marketing communications to school decision-makers, we process the following categories of personal data: full name, professional email address (institutional/school domain), job title or professional role, and school or institution name. We do not process private email addresses, phone numbers, or any data relating to students or children.

Source of data

We obtain professional contact data exclusively from official, publicly available government education directories:

• United Kingdom: Get Information About Schools (GIAS), published by the Department for Education
• France: Annuaire de l’éducation nationale, published by the Ministère de l’Éducation nationale
• Italy: Scuola in Chiaro, published by the Ministero dell’Istruzione (MIUR)
• Netherlands: DUO Open Data, published by the Dienst Uitvoering Onderwijs
• Spain: Registro Estatal de Centros Docentes no Universitarios, published by the Ministerio de Educación

Lawful basis

We process this data under GDPR Article 6(1)(f) — legitimate interests. Our legitimate interest is in marketing an educational technology product to the professionals for whom it was designed. We have conducted a Legitimate Interest Assessment confirming that this processing is necessary, proportionate, and that our interests are not overridden by the rights and freedoms of data subjects. A copy of the assessment is available upon request by contacting privacy@flipeducation.ai.

Retention

We retain outbound marketing contact data for a maximum of 3 years from the date of last interaction. If you opt out or request deletion, your data is removed from active use immediately and your email address is permanently added to our suppression list to prevent future contact.

Opt-out

Every marketing email we send includes an opt-out mechanism. You may also opt out at any time by emailing privacy@flipeducation.ai. Opt-out requests are processed within 24 hours.

International transfers

Marketing emails are delivered through Instantly.ai, a US-based email delivery service. This transfer is governed by EU Standard Contractual Clauses (SCCs). No other international transfers of outbound marketing data take place.

• Server logs: Retained by Vercel in accordance with their data retention policy.
• Browser local storage: Retained on your device until you clear it. We have no control over or access to locally stored data.
• Cloud-stored missions: Retained while your account is active. After account deletion, mission data is permanently deleted within 30 days. If you downgrade to the free tier, your saved missions remain accessible.
• Account data: Retained while your account is active. Upon account deletion, your data is deleted across all our systems (Supabase, Stripe, PostHog) within 30 days, except as required by law. Deletion is logged in an internal audit table.
• Backup retention: Database backups may contain your data for up to 30 days after deletion.
• Consent cookie: Stored for 365 days from the date of your consent choice.
• Country cookie: Session-scoped (cleared when you close your browser).
• Analytics data: Retained per provider retention policies (GA4: 14 months; PostHog: 1 year).
• Communications: Retained as needed for support and legal purposes.

We implement reasonable administrative, technical, and physical safeguards to protect your information, including encryption in transit (TLS/HTTPS) for all data transmitted between your browser and our servers, encryption in transit for all API calls to third-party AI providers, secure hosting infrastructure through Vercel, row-level security policies in our database (Supabase), and limited access to personal data on a need-to-know basis.

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

Flip Education is based in Canada. Our hosting infrastructure (Vercel) may process data in the United States and other countries. Our analytics provider PostHog hosts data in the EU. When your information is transferred internationally, we ensure that appropriate safeguards are in place, including standard contractual clauses (where applicable under GDPR), data processing agreements with service providers, and compliance with applicable cross-border transfer mechanisms.

By using the Service, you acknowledge that your information may be processed in countries other than your own, which may have different data protection laws.

9.1 Age Requirement

The Service is intended for educators and education professionals aged 16 and older. We do not knowingly collect personal information from individuals under 16 years of age. If you are under 16, please do not use the Service or provide any personal information.

If we learn that we have collected personal information from a person under 16, we will delete that information promptly. If you believe we may have collected information from a person under 16, please contact us at legal@flipeducation.ai.

9.2 Student Data

Flip Education does not collect, store, or process student data.

Our Service is designed for teachers, and all interactions occur between the teacher and the platform. Students do not have accounts, do not interact with the platform, and are not identified in any way within the Service. Missions are designed for teachers to deliver in their classrooms using physical, off-screen activities. No student information is required to generate, view, print, or deliver a Mission.

9.3 COPPA Compliance (United States)

Because we do not collect personal information from children under 13 (or any children at all), the Children’s Online Privacy Protection Act (COPPA) obligations regarding parental consent do not apply to our Service. Our architectural guarantee of zero student data collection eliminates the need for COPPA-specific mechanisms.

9.4 FERPA Compliance (United States)

Flip Education does not function as a “school official” under the Family Educational Rights and Privacy Act (FERPA) and does not access, collect, or store student education records. Teachers use Flip Education to generate instructional materials independently of any student record system.

Depending on your location, you may have specific rights regarding your personal information. We respect these rights regardless of where you are located and will make reasonable efforts to honor all valid requests.

10.1 Self-Service Privacy Controls

We provide the following self-service tools for exercising your privacy rights:

• Access and Portability: Download a copy of your data in JSON format from Account Settings, or via GET /api/account/export (rate-limited to once per 24 hours).
• Rectification: Edit your profile information (name, school, avatar) directly in Account Settings.
• Erasure: Delete your account from Account Settings. Account deletion is permanent and triggers orchestrated deletion across Supabase, Stripe, and PostHog. The deletion is logged in an internal audit table for compliance purposes.
• Objection to Analytics: Decline analytics cookies via the consent banner, or toggle marketing consent off in Account Settings.

For any privacy request that cannot be handled through self-service tools, contact us at legal@flipeducation.ai.

10.2 Rights Under Canadian Law (PIPEDA / Alberta PIPA)

If you are a Canadian resident, you have the right to access your personal information held by us, request correction of inaccurate personal information, withdraw consent for the collection, use, or disclosure of your personal information (subject to legal or contractual restrictions), and file a complaint with the Office of the Privacy Commissioner of Canada or the Alberta Information and Privacy Commissioner.

10.3 Rights Under the EU General Data Protection Regulation (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the right to: access your data; request rectification; request erasure (“right to be forgotten”); request restriction of processing; data portability; object to processing; and withdraw consent at any time.

Our legal basis for processing your data under GDPR is legitimate interest (to provide and improve the Service), contract performance (to fulfill our obligations when you use the Service), and consent (where you have given explicit consent, such as for marketing emails or analytics cookies).

To exercise your GDPR rights, use the self-service tools in Account Settings or contact us at legal@flipeducation.ai. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority.

10.4 Rights Under California Law (CCPA / CPRA)

If you are a California resident, you have the right to: know what personal information we collect, use, and disclose; delete your personal information; opt-out of the sale or sharing of your personal information (we do not sell or share personal information); non-discrimination for exercising your rights; and correct inaccurate personal information.

In the preceding 12 months, we have collected the following categories of personal information: identifiers (name, email), internet activity information (server logs, analytics data), geolocation data (country-level), and commercial information (subscription status). We have not sold or shared personal information as defined by the CCPA/CPRA.

10.5 Rights Under Brazilian Law (LGPD)

If you are a Brazilian resident, you have the right to: confirm the existence of processing of your personal data; access your data; correct incomplete, inaccurate, or outdated data; anonymize, block, or delete unnecessary or excessive data; request data portability; request deletion of data processed with your consent; obtain information about entities with which your data has been shared; be informed about the possibility of denying consent and its consequences; and revoke consent.

Our legal basis for processing your data under the LGPD is legitimate interest and the performance of a contract. To exercise your LGPD rights, use the self-service tools in Account Settings or contact us at legal@flipeducation.ai.

10.6 Rights Under Indian Law (DPDP Act 2023)

If you are an Indian resident, you have rights under the Digital Personal Data Protection Act, 2023, including the right to access, correct, and erase your personal data, and the right to nominate another individual to exercise your rights. You may contact the Data Protection Board of India for complaints. To exercise your rights, use the self-service tools or contact us at legal@flipeducation.ai.

10.7 Rights in Latin America

Mexico: Under the Ley Federal de Protección de Datos Personales en Posesión de los Particulares (LFPDPPP), you have ARCO rights (Access, Rectification, Cancellation, Opposition). Contact us at legal@flipeducation.ai to exercise these rights.

Chile: Under Ley 19.628, you have the right to access, modify, and delete your personal data. The Consejo para la Transparencia oversees personal data protection.

Colombia: Under Ley 1581 de 2012, you have the right to access, update, rectify, and delete your personal data. The Superintendencia de Industria y Comercio (SIC) is the supervisory authority.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authorities as required by applicable law. Notification timelines vary by jurisdiction:

• GDPR (EU/EEA/UK): We will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in high risk to your rights and freedoms, we will also notify you without undue delay.
• LGPD (Brazil): We will notify the Autoridade Nacional de Proteção de Dados (ANPD) and affected data subjects within a reasonable timeframe as required under LGPD Article 48, considering the severity of the breach and its likely impact.
• DPDP Act (India): We will notify the Data Protection Board of India and affected individuals as required under the Digital Personal Data Protection Act, 2023, and any rules issued by MeitY (Ministry of Electronics and Information Technology).
• CCPA/CPRA (California, US): We will notify affected California residents in the most expedient time possible and without unreasonable delay.
• PIPEDA/Alberta PIPA (Canada): We will notify the Office of the Privacy Commissioner of Canada and affected individuals of any breach of security safeguards that poses a real risk of significant harm.

We maintain internal incident response procedures to detect, investigate, and contain data security incidents promptly. If you become aware of any actual or suspected breach involving your information, please contact us immediately at legal@flipeducation.ai.

In countries where cookie consent is required (GDPR and LGPD jurisdictions), analytics do not fire without your explicit consent, which effectively honors Do Not Track (DNT) and Global Privacy Control (GPC) signals. In countries without consent requirements, our analytics collect anonymized, aggregate data only. We do not engage in cross-site tracking.

The Service may contain links to third-party websites or resources. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated policy on this page and update the “Last Updated” date above.

If we make material changes that significantly affect how we handle your personal information, we will provide prominent notice (such as a banner on the Service or, where we have your email address, by email) before the changes take effect.

Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have a complaint about our handling of your information, please contact us:

If you are not satisfied with our response, you may contact the relevant data protection authority in your jurisdiction:

• Canada: Office of the Privacy Commissioner of Canada (priv.gc.ca) or the Office of the Information and Privacy Commissioner of Alberta (oipc.ab.ca)
• European Union: Your local data protection supervisory authority
• United Kingdom: Information Commissioner’s Office (ico.org.uk)
• United States (California): California Attorney General (oag.ca.gov)
• Brazil: Autoridade Nacional de Proteção de Dados (ANPD) (gov.br/anpd)
• India: Data Protection Board of India