← Back to Home

Privacy Policy

Last updated: February 2026

1. What We Collect

When you use School Chat, we collect:

  • Account information: Your name and email address (via Clerk authentication).
  • Canvas LMS data: When you connect your Canvas account, we sync your courses, assignments, grades, modules, announcements, discussion topics, pages, and planner items. This data is stored in our database to provide AI-powered academic advising.
  • Canvas Personal Access Token: Your Canvas PAT is encrypted using AES-256-GCM before storage. We never store it in plaintext.
  • Chat messages: All messages between you and your AI advisor are stored to maintain conversation history and improve your experience.
  • Preferences: Your advisor name, personality settings, education goals, and career goals.

2. How We Use Your Data

  • To provide personalized AI academic advising based on your real course data.
  • To sync and display your Canvas LMS information (courses, assignments, grades, etc.).
  • To maintain your chat history across sessions.
  • To improve the relevance and accuracy of AI responses.

3. Third-Party Services

Your chat messages and Canvas data summaries are sent to Anthropic (Claude AI) to generate advisor responses. Anthropic processes this data according to their privacy policy. Anthropic does not use API-submitted data to train their models.

We also use:

  • Clerk for authentication and session management.
  • Neon for database hosting (PostgreSQL).
  • Vercel for application hosting.
  • Sentry for error monitoring (no personal data is intentionally sent).

4. Data Security

  • Canvas tokens are encrypted at rest using AES-256-GCM.
  • All data is transmitted over HTTPS.
  • Database connections use SSL.
  • Authentication is handled by Clerk with industry-standard session management.

5. FERPA Considerations

School Chat is not a school official or institutional service. We access your Canvas data solely through your personal access token, which you generate and provide voluntarily. You control what data is shared by choosing to connect your Canvas account. We recommend reviewing your institution's policies regarding third-party access to your educational records.

6. Data Retention & Deletion

Your data is retained as long as your account is active. You can delete your account and all associated data at any time from the Settings page. Account deletion is permanent and removes:

  • Your user profile and preferences
  • All chat conversations and messages
  • All synced Canvas data (courses, assignments, grades, etc.)
  • Your encrypted Canvas token

7. Your Rights

You have the right to:

  • Access your data (visible in the app).
  • Delete your account and all data (via Settings).
  • Disconnect your Canvas integration at any time (via Settings).
  • Contact us with questions or concerns about your data.

8. Cookies

We use only essential cookies for authentication and session management (via Clerk). We do not use analytics or advertising cookies.

9. Contact

For questions about this privacy policy or your data, contact us at hello@school.chat.