ClassCloud Privacy Policy

Welcome to ClassCloud, operated by ClassCloud, Inc. ("ClassCloud," "we," "us," or "our"). We provide K-12 schools, districts, teachers, and educational staff with online access to artificial intelligence tools designed to enhance educational outcomes and streamline administrative processes through our website, applications, browser extensions, and related services (collectively our "Services"). At ClassCloud, student safety and data privacy are our highest priorities.

This Privacy Policy describes how we collect, use, disclose, share, and otherwise process your personally identifiable information ("PII" or "personal data") when you visit our website at www.classcloud.com or use our Services. The categories of information we collect and how we use it depend on your role and interactions with our platform.

This Privacy Policy applies to all users of our Services, including educators, administrators, students, and parents. By using our Services, you acknowledge that you have read and understood this Privacy Policy and agree to our collection, use, and disclosure of your information as described herein.

Important Notice About Student Data

When an Educational Institution makes our student-facing services available to students, ClassCloud may collect and process personal information related to identifiable students ("Student Data"). We process Student Data solely as directed by the Educational Institution and in accordance with applicable privacy laws.

If you are a teacher, school, school district, or other educational institution ("Educational Institution") that uses our student-facing Services, your use is governed by our Student Data Privacy Addendum, which provides additional protections for Student Data. For more information about how we handle Student Data, please see our Student Data Policy.

Table of Contents

1. What Data We Collect
2. How We Use the Data We Collect
3. Information Sharing and Disclosure
4. How We Protect Your Data
5. Data Retention
6. Your Data, Your Choice
7. Children's Privacy
8. International Data Transfers
9. State-Specific Privacy Rights
10. Changes to Our Privacy Policy
11. Contact Us

1. What Data We Collect

ClassCloud collects different types of personal data depending on how you interact with our Services. We are committed to data minimization and only collect information necessary to provide and improve our educational AI platform.

a. Information You Provide Directly

When you create an account, use our Services, or communicate with us, you may provide us with personal information. The specific information we collect varies by user type:

School Administrators and District Officials

When district administrators or school officials register for our Services, we collect:

• Contact Information: Full name, work email address, phone number, and school/district mailing address
• Professional Information: Job title, role within the district, administrative privileges, school or district affiliation
• Account Information: Username, password (encrypted), account preferences, and settings
• Billing Information: For districts with paid subscriptions, we collect payment card information, billing address, and purchase order details (processed securely through our third-party payment processor)
• Communication Data: Contents of support tickets, emails, feedback, and other communications with our team

Educators and School Staff

For teachers and other educational staff using our platform, we collect:

• Basic Information: Name, school email address, phone number (optional)
• Professional Details: School affiliation, grade levels taught, subject areas, teaching credentials (optional)
• Platform Usage: AI tools used, content created, lesson plans generated, assessment data, collaboration activities
• Preferences: Notification settings, preferred AI models, saved templates, custom prompts
• Professional Development: Course completions, certifications earned, training participation

Parents and Guardians

When parents access our platform (if enabled by their school), we collect:

• Contact Details: Name, email address, phone number, preferred language
• Relationship Information: Student associations, relationship to student(s)
• Communication Preferences: Notification settings, preferred communication channels
• Engagement Data: Login times, features accessed, messages sent/received

Students

We collect Student Data only as authorized by Educational Institutions and in compliance with FERPA, COPPA, and applicable state laws:

• Basic Information: First and last name, grade level, student ID (school-provided)
• Educational Data: Class enrollments, academic performance metrics, assignment submissions, assessment results
• Learning Analytics: AI interaction patterns, learning preferences, progress tracking, time spent on tasks
• Demographic Information: Only as provided by the school and necessary for educational purposes

b. Information We Collect Automatically

When you access or use our Services, we automatically collect certain technical information through cookies, web beacons, and similar technologies:

Device and Browser Information

• Technical Data: IP address, browser type and version, operating system, device type and identifiers
• Location Data: General geographic location derived from IP address (city/state level only)
• Connection Information: Internet service provider, referring website, exit pages

Usage and Analytics Data

• Activity Logs: Pages visited, features used, buttons clicked, time spent on pages
• Performance Data: Load times, error logs, crash reports, feature performance metrics
• Search Queries: AI prompts entered, tools accessed, content generated
• Engagement Metrics: Session duration, frequency of use, feature adoption rates

Cookies and Similar Technologies

We use various types of cookies to enhance your experience:

• Strictly Necessary Cookies: Required for core functionality, authentication, and security
• Functional Cookies: Remember your preferences, settings, and personalization choices
• Performance Cookies: Help us understand usage patterns and improve our Services
• Analytics Cookies: Provide aggregated insights about how our Services are used

You can manage cookie preferences through your browser settings, though some features may not function properly without cookies.

c. Information from Third-Party Sources

We may receive information about you from other sources:

Integrated Services

With proper authorization from your Educational Institution:

• Google Workspace for Education: Name, email, calendar data, Drive files (for AI processing)
• Microsoft 365 Education: Profile information, OneDrive content, Teams data
• Student Information Systems: Enrollment data, schedules, grades (via secure APIs)

Educational Partners

• Other educational technology providers your school has authorized to share data
• Assessment platforms and learning management systems
• District-approved third-party educational tools

2. How We Use the Data We Collect

We use personal data to provide, maintain, and improve our AI-powered educational platform. Our data use is guided by principles of transparency, purpose limitation, and educational benefit.

Educational Purposes

Our primary use of data is to support teaching and learning:

• AI-Powered Tools: Generate personalized lesson plans, create differentiated materials, provide writing assistance, develop assessments, and offer curriculum recommendations based on your needs and preferences
• Learning Analytics: Analyze student progress, identify learning gaps, track skill development, measure engagement, and provide actionable insights to educators
• Personalization: Customize AI responses based on grade level, subject area, learning objectives, and individual student needs (with appropriate permissions)
• Collaboration: Enable secure communication between teachers, students, and parents; facilitate resource sharing among educators; support group projects and peer learning

Platform Operations and Improvements

• Account Management: Create and maintain user accounts, authenticate users, manage permissions and access controls
• Service Delivery: Process your requests, generate AI content, save your preferences, maintain your created materials
• Customer Support: Respond to inquiries, troubleshoot issues, provide technical assistance, deliver training and professional development
• Platform Enhancement: Analyze usage patterns to improve features, develop new tools based on educator feedback, optimize AI model performance, fix bugs and technical issues
• Communications: Send service updates, security alerts, product announcements (with consent), professional development opportunities

Safety, Security, and Compliance

• Security Measures: Detect and prevent fraud, unauthorized access, and misuse; monitor for suspicious activities; maintain platform integrity
• Legal Compliance: Comply with FERPA, COPPA, state privacy laws, and other applicable regulations; respond to lawful requests from law enforcement (with appropriate legal process); maintain required records and audit logs
• Safety Monitoring: Ensure appropriate use of AI tools, prevent generation of harmful content, protect student welfare

Research and Development

With appropriate consent and de-identification:

• Improve our AI models' educational effectiveness
• Develop new features based on educator needs
• Conduct educational research (in partnership with institutions)
• Create aggregated reports on educational trends

Important Note: We NEVER use Student Data for product development, marketing, advertising, or any non-educational purpose.

3. Information Sharing and Disclosure

We share personal information only as necessary to provide our Services and as permitted by law. We never sell personal data, and we never share Student Data for advertising or marketing purposes.

Sharing Within Educational Communities

Information is shared within your educational ecosystem as authorized:

Within Schools and Districts

• Authorized Access: School administrators can access teacher and student data within their institution
• Teacher Collaboration: Educators can share resources and insights with colleagues as permitted by their school
• Parent Access: Parents can view their child's educational information as authorized by the school
• Student Access: Students can access their own learning data and materials

Educational Purpose Sharing

• Progress reports shared with authorized school personnel
• Learning insights provided to teachers and administrators
• Academic data accessible to guidance counselors and support staff
• Aggregated, de-identified data for district-wide analytics

Third-Party Service Providers

We work with carefully vetted service providers who assist in delivering our Services:

Infrastructure and Technical Services

• Amazon Web Services (AWS): Cloud hosting and data storage with enterprise-grade security
• CloudFlare: Content delivery services and information security infrastructure and services.
• Authentication Services: Secure single sign-on and identity verification

Operational Services

• Payment Processors: Stripe and similar services for secure payment handling (administrative accounts only)
• Customer Support Tools: Help desk and ticketing systems for user support
• Analytics Providers: Tools to understand usage patterns and improve services (privacy-compliant)
• Email Services: Transactional and service-related communications

All service providers are:

• Contractually bound to protect your data
• Prohibited from using your data for their own purposes
• Required to comply with applicable privacy laws
• Subject to regular security assessments

AI Technology Partners

ClassCloud utilizes AI models and APIs from leading providers to power our educational tools:

Key AI Partners and Protections

• Model Providers: We use APIs from providers such as OpenAI, Anthropic, Google, and others
• Critical Privacy Protections:
  
  • No AI provider has the right to train their models on any data processed on ClassCloud's behalf
  • Student PII is filtered and protected before any AI processing
  • Data sent through AI APIs is retained by providers for a maximum of 30 days solely for security and abuse monitoring
  • All AI providers are contractually bound to our strict privacy standards
  • We maintain the right to audit AI provider compliance

Data Processing Safeguards

• Implementation of data minimization techniques
• Use of privacy-preserving AI techniques where applicable
• Regular review of AI provider practices and policies
• Immediate action if any provider violates our standards

Legal and Safety Disclosures

We may disclose personal information when required by law or to protect safety:

• Legal Requirements: Response to subpoenas, court orders, or other legal process; compliance with applicable laws and regulations; cooperation with law enforcement when required
• Safety and Rights Protection: Prevention of physical harm or financial loss; investigation of suspected illegal activity; protection of our rights, property, or safety; enforcement of our Terms of Service and policies

Business Transfers

In the event of a corporate transaction:

• Continuity of Protection: Any successor entity must honor this Privacy Policy
• Advance Notice: We will notify you before any transfer that affects your data
• Consent for New Uses: Material changes to data use require your consent
• Data Portability: You may request your data before any transfer

Important Limitations on Data Sharing

ClassCloud maintains strict limitations on data sharing:

• No Sale of Data: We NEVER sell personal information to any third party
• No Advertising Use: We NEVER use student data for advertising or marketing
• No Data Mining: We NEVER mine student data for commercial purposes
• No Behavioral Profiling: We NEVER create commercial profiles of students
• No Unauthorized Sharing: We NEVER share data beyond what's necessary for educational purposes

4. How We Protect Your Data

Security is fundamental to our mission. We implement multiple layers of protection to safeguard your personal information from unauthorized access, alteration, disclosure, or destruction.

Technical Security Measures

Encryption

• Data at Rest: All stored data is encrypted using AES-256 encryption
• Data in Transit: All communications use TLS 1.3 or higher encryption
• Key Management: Encryption keys are managed using industry best practices
• End-to-End Encryption: Available for sensitive communications

Access Controls

• Multi-Factor Authentication (MFA): Required for administrator accounts, available for all users
• Role-Based Access Control (RBAC): Granular permissions based on user roles
• Single Sign-On (SSO): Integration with school identity providers
• Session Management: Automatic timeouts and secure session handling

Infrastructure Security

• Network Security: Firewalls, intrusion detection/prevention systems, DDoS protection
• Vulnerability Management: Regular security scans, penetration testing, patch management
• Monitoring: 24/7 security monitoring, real-time threat detection, automated alerts
• Isolation: Data segregation between different schools and districts

Organizational Security Measures

Personnel Security

• Background Checks: All employees undergo comprehensive background screening
• Security Training: Regular privacy and security training for all staff
• Access Restrictions: Principle of least privilege for employee data access
• Confidentiality Agreements: All employees sign strict confidentiality agreements

Policies and Procedures

• Information Security Policy: Comprehensive security guidelines and procedures
• Incident Response Plan: Detailed procedures for security incident handling
• Business Continuity: Disaster recovery and backup procedures
• Vendor Management: Security requirements for all third-party providers

Compliance and Certifications

• FERPA Compliance: Full compliance with Family Educational Rights and Privacy Act
• COPPA Compliance: Adherence to Children's Online Privacy Protection Act requirements
• SOC 2 Type II: Annual third-party security audits and certification
• State Privacy Laws: Compliance with all applicable state student privacy laws
• Regular Assessments: Ongoing security reviews and improvements

Incident Response

In the unlikely event of a security incident:

1. Immediate Containment: Isolate affected systems to prevent further impact
2. Rapid Assessment: Determine scope and nature of the incident
3. Timely Notification: Notify affected users within 72 hours (or as required by law)
4. Thorough Investigation: Conduct comprehensive forensic analysis
5. Remediation: Implement fixes and improvements to prevent recurrence
6. Transparent Communication: Keep affected users informed throughout the process

5. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy and to comply with our legal obligations.

Retention Periods

Active Account Data

• Duration: Retained for the length of our service agreement with your school or district
• Post-Termination: Data is retained for 90 days after contract termination to allow for data export
• Deletion: After the retention period, data is securely and permanently deleted

Student Records

• Educational Records: Retained as directed by the Educational Institution
• Compliance: Retention complies with state and federal education record requirements
• Parent/Student Rights: Parents and eligible students can request records through their school

Backup and Archive Data

• Backup Retention: Automated backups retained for 90 days for disaster recovery
• Deletion from Backups: Deleted data is removed from backups within the retention cycle
• Archive Requests: Extended retention available upon school request

Other Data Categories

• Security Logs: 2 years for security analysis and compliance
• Financial Records: 7 years as required by tax and financial regulations
• Legal Hold: Data preserved as required for litigation or investigations
• Aggregated Data: De-identified data may be retained indefinitely for research

Data Deletion Practices

When data reaches the end of its retention period:

• Secure Deletion: Use of industry-standard secure deletion methods
• Verification: Confirmation that data has been removed from all systems
• Certificate of Deletion: Available upon request
• Cascading Deletion: Removal from all backups and connected systems

6. Your Data, Your Choice

We believe you should have control over your personal information. This section outlines your rights and how to exercise them.

Access and Portability Rights

You have the right to:

• Access Your Data: Request a copy of personal information we hold about you
• Data Portability: Receive your data in a structured, commonly used format
• Understand Usage: Learn how we collect, use, and share your information

How to Request Access

• Email: privacy@classcloud.com
• Include: Your name, school affiliation, and specific data requested
• Response Time: Within 30 days of verified request

Correction and Deletion Rights

• Update Information: Correct inaccurate or incomplete personal data
• Delete Data: Request deletion of your personal information (subject to legal requirements)
• Restrict Processing: Limit how we use your data in certain circumstances

Important Notes on Deletion

• Some data must be retained for legal compliance
• Active student records cannot be deleted during the school year
• Deletion requests should typically come through your school administrator

Communication Preferences

Marketing Communications

• Administrator Only: We only send marketing emails to school/district administrators
• Opt-Out: Unsubscribe link in every marketing email
• Preference Center: Manage communication preferences in account settings

Service Communications

• Essential Notices: Security alerts and service updates cannot be opted out
• Notification Settings: Customize which notifications you receive
• Communication Channels: Choose between email, in-app, or SMS (where available)

For Students and Parents

Parent Rights

• Access: View your child's educational information through the school's authorized channels
• Correction: Request corrections through your school administrator
• FERPA Rights: Exercise rights under the Family Educational Rights and Privacy Act

Student Rights

• Access Own Data: Students can view their own learning data and progress
• Privacy Education: We provide age-appropriate privacy information
• Voice and Choice: Students can make certain privacy choices as appropriate

Cookie and Tracking Preferences

• Cookie Settings: Manage cookie preferences through browser settings
• Do Not Track: We honor Do Not Track browser signals
• Analytics Opt-Out: Disable analytics tracking in account settings
• Essential Cookies: Some cookies required for Service functionality

How to Exercise Your Rights

1. Submit Request: Email privacy@classcloud.com with your specific request
2. Verification: We verify your identity to protect your privacy
3. Processing: We respond within 30 days (or as required by law)
4. Appeals: If denied, we explain why and provide appeal options

7. Children's Privacy

Protecting children's privacy is paramount to our mission. We take special care with information from users under 18 and comply with all applicable children's privacy laws.

COPPA Compliance (Under 13)

For users under 13, we follow strict Children's Online Privacy Protection Act (COPPA) requirements:

Parental Consent

• School Consent: Schools may provide consent on behalf of parents for educational purposes
• Direct Consent: Required for any use beyond educational context
• Verification: We verify school authority to provide consent

Limited Collection

• Minimal Data: We collect only information necessary for educational purposes
• No Behavioral Advertising: Never use children's data for advertising
• No Social Features: Limited social features with teacher supervision only

Special Protections

• Enhanced Security: Additional security measures for young users
• Content Filtering: Age-appropriate AI responses and content
• No Third-Party Sharing: Except as necessary for educational services

Teenage Users (13-17)

For users aged 13-17:

• Privacy Education: Age-appropriate privacy information and controls
• Limited Sharing: Enhanced restrictions on data sharing
• Parental Access: Parents maintain rights to access student information
• Graduated Autonomy: Age-appropriate privacy choices

School Responsibilities

Educational Institutions using our Services must:

• Obtain Consent: Ensure proper parental consent where required
• Inform Parents: Notify parents about ClassCloud use
• Honor Rights: Facilitate parent and student privacy rights
• Maintain Compliance: Follow applicable privacy laws

Additional Safeguards

• Age-Appropriate Design: Interface and features designed for student safety
• Content Moderation: AI outputs reviewed for appropriateness
• No Profiling: No commercial profiling of students
• Transparent Practices: Clear information for parents and students

8. International Data Transfers

ClassCloud is headquartered in the United States and primarily serves U.S. educational institutions. However, we recognize that education is global and address international data considerations.

U.S. Data Processing

• Primary Operations: All data processing occurs in the United States
• U.S. Legal Framework: We operate under U.S. privacy and education laws
• Data Localization: Data remains in U.S.-based secure facilities

Limited International Services

We do not actively market or provide services outside the United States. However, if accessed internationally:

• Consent to Transfer: By using our Services, you consent to U.S. data processing
• Security in Transit: All international data transfers are encrypted
• Applicable Laws: We comply with applicable international data transfer requirements
• Access Restrictions: Some features may be limited outside the U.S.

International User Rights

If you access our Services from outside the United States:

• Privacy Rights: We respect privacy rights regardless of location
• Data Access: You maintain rights to access and control your data
• Support: Contact privacy@classcloud.com for international privacy questions

9. State-Specific Privacy Rights

We comply with all applicable state privacy laws. This section outlines additional rights for residents of states with comprehensive privacy legislation.

California Residents (CCPA/CPRA)

The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide California residents with additional rights:

Your Rights Include:

• Right to Know: Request information about personal data we collect, use, disclose, and sell
• Right to Delete: Request deletion of personal information (with exceptions)
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out: Opt-out of "sale" of personal data (Note: We do NOT sell personal data)
• Right to Limit Use: Limit use and disclosure of sensitive personal information
• Right to Non-Discrimination: Not be discriminated against for exercising privacy rights

Categories of Personal Information We Collect:

• Identifiers: Name, email, IP address, device ID
• California Customer Records: Name, address, phone number, education records
• Internet Activity: Browsing history, search history, interaction with our Services
• Geolocation Data: General location from IP address
• Professional/Employment Information: Employer, job title (educators)
• Education Information: Student records, grades, progress data
• Inferences: Preferences and characteristics derived from other data

How We Use Personal Information:

See Section 2 of this Privacy Policy for detailed use cases. We use data for educational purposes, service delivery, security, and legal compliance.

Sources and Sharing:

• Sources: Directly from you, your school, integrated services, automatic collection
• Sharing: With service providers, within educational communities, for legal requirements
• No Sale: We DO NOT sell personal information

California "Shine the Light":

We do not share personal information with third parties for their direct marketing purposes.

To Exercise Your California Privacy Rights:

• Email: privacy@classcloud.com
• Toll-Free: 1-888-602-5683
• Verification: We verify identity before processing requests
• Response Time: 45 days (with possible 45-day extension)

Colorado Residents (CPA)

The Colorado Privacy Act provides Colorado residents with rights to:

• Access: Obtain a copy of personal data
• Correction: Correct inaccuracies in personal data
• Deletion: Delete personal data (subject to exceptions)
• Portability: Obtain portable copy of personal data
• Opt-Out Rights:
  
  • Opt-out of sale of personal data (we don't sell data)
  • Opt-out of targeted advertising (we don't do targeted advertising)
  • Opt-out of profiling for decisions with significant effects

Appeal Rights:

If we deny your request, you may appeal within 30 days. We'll respond to appeals within 45 days.

Connecticut Residents (CTDPA)

Connecticut residents have similar rights under the Connecticut Data Privacy Act:

• Access, correct, and delete personal data
• Data portability
• Opt-out of sale and targeted advertising (not applicable to our Services)
• Appeal denied requests

Virginia Residents (VCDPA)

Virginia Consumer Data Protection Act rights include:

• Access personal data
• Correct inaccuracies
• Delete personal data
• Obtain portable copy
• Opt-out of sale/targeted advertising (we don't engage in these)
• Appeal decisions

Texas Residents (TDPSA)

When the Texas Data Privacy and Security Act becomes effective, Texas residents will have rights to:

• Access and correct personal data
• Delete personal data
• Data portability
• Opt-out rights
• Non-discrimination for exercising rights

Universal Opt-Out Mechanisms

We honor universal opt-out preferences:

• Global Privacy Control (GPC) signals
• Do Not Track browser settings
• Similar privacy preference signals

Other States

We monitor privacy law developments and comply with all applicable state laws. As new state privacy laws become effective, we update our practices accordingly. Contact privacy@classcloud.com for information about your specific state's privacy rights.

10. Changes to Our Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technologies, legal requirements, and other factors. We're committed to transparency in these changes.

Notification of Changes

• Effective Date: Updated at the top of this Privacy Policy
• Email Notice: Sent to account administrators for material changes
• In-App Notice: Displayed to all users for significant updates
• Advance Notice: 30 days for material changes (when feasible)

Types of Changes

Non-Material Changes:

• Clarifications and formatting improvements
• Contact information updates
• Minor procedural adjustments require no additional notice required beyond posting

Material Changes:

• New data uses or collection practices
• Changes to data sharing practices
• Updates to user rights
• Significant security updates Require advance notice and may require consent

Your Options When We Make Changes

• Review Changes: We highlight what's changed in our notices
• Accept or Decline: Continued use constitutes acceptance
• Data Export: Export your data before changes take effect
• Account Closure: Close your account if you disagree with changes

Historical Versions

We maintain an archive of previous Privacy Policy versions. Contact privacy@classcloud.com to request prior versions.

11. Contact Us

We're committed to addressing your privacy questions and concerns promptly and thoroughly.

Privacy Team Contact Information

Email: privacy@classcloud.com
Phone: +1-888-602-5683
Hours: Monday-Friday, 8 AM - 6 PM CT

Mailing Address:
ClassCloud, Inc.
Attn: Privacy Team
270 Trace Colony Park, Suite B
Ridgeland, MS 39157

Data Protection Officer

Email: dpo@classcloud.com
For privacy rights requests, data protection questions, and compliance matters

Additional Contacts

Security Issues: security@classcloud.com
General Support: support@classcloud.com
Sales Inquiries: sales@classcloud.com

Response Times

• General Inquiries: 2-3 business days
• Privacy Rights Requests: 30 days (as required by law)
• Security Issues: 24 hours for initial response
• Urgent Matters: Same business day when possible

Tips for Contacting Us

To help us serve you better:

• Include your name and school affiliation
• Specify your role (teacher, administrator, parent, student)
• Clearly describe your request or concern
• Reference specific sections of this Privacy Policy if applicable
• Provide any relevant documentation

We also welcome feedback on how we can improve our privacy practices and better serve the educational community.

Incident Response Overview

We maintain a comprehensive incident response plan to address any potential security or privacy incidents:

Response Timeline

1. Detection & Initial Response (0-4 hours)
   
   • Identify and assess the incident
   • Implement immediate containment measures
   • Activate incident response team
2. Investigation & Assessment (4-24 hours)
   
   • Determine scope and impact
   • Identify affected individuals and data
   • Collect forensic evidence
3. Notification & Communication (24-72 hours)
   
   • Notify affected individuals as required by law
   • Inform relevant authorities and regulators
   • Provide clear guidance to affected users
4. Remediation & Recovery (Ongoing)
   
   • Implement security improvements
   • Restore affected services
   • Monitor for related issues
5. Post-Incident Review (Within 30 days)
   
   • Analyze root causes
   • Update security measures
   • Improve response procedures
   • Document lessons learned

Transparency Commitment

In the event of a privacy or security incident:

• We provide clear, timely communications
• We explain what happened and what data was affected
• We outline steps we're taking to address the issue
• We offer guidance on protective measures you can take
• We remain available for questions and support

For more details about our incident response procedures, contact security@classcloud.com.

Version History
June 1, 2025: Initial publication