📍Visit us at Bett Show 2026 — London ExCeL, 21-23 January 2026
CONTACT USGET A DEMO
Book a Consultation

Get deeper insights and a personalised action plan

Privacy Notice

Last updated: December 28, 2025

Mindapt, Inc. ("Mindapt," "we," "us," or "our") is committed to protecting your privacy. This Privacy Notice explains how we collect, use, disclose, and safeguard your information when you use our AI-powered educational platform and related services (the "Services"). We are especially committed to protecting student data and complying with applicable education privacy laws.

1. Introduction

This Privacy Notice applies to all users of our Services, including students, teachers, school administrators, and parents. As a provider of educational technology, we take our responsibility to protect personal information seriously, particularly when it comes to student data.

Our Core Privacy Commitments: We do not sell personal information. We do not use student data for advertising. We collect only what is necessary for educational purposes. We maintain strict security standards.

Data Controller: Mindapt, Inc. is the data controller for information collected through our Services. For student data provided through school accounts, the school or district may also be a data controller under applicable law.

2. Information We Collect

A. Information You Provide

  • Account Information: Name, email address, school or district affiliation, role (student, teacher, administrator), and grade level.
  • Profile Information: Profile photo (optional), display name, and preferences.
  • Communications: Messages you send us for support or feedback.

B. Learning & Assessment Data

  • Assessment Responses: Answers to quizzes, assessments, and learning activities.
  • Progress Data: Course completion, scores, achievements, and learning milestones.
  • AI Interaction Logs: Conversations with AI educational tools within the platform.
  • Time and Engagement: Time spent on activities and engagement patterns.

C. Automatically Collected Information

  • Device Information: Device type, operating system, browser type, and unique device identifiers.
  • Usage Data: Pages visited, features used, and interactions with the Services.
  • Log Data: IP address, access times, and referring URLs.
  • Cookies: Information collected through cookies and similar technologies (see Section 12).

3. How We Use Your Information

We use the information we collect for the following purposes:

PurposeDescription
Provide Educational ServicesDeliver learning content, assessments, and AI-powered educational experiences.
Personalize LearningAdapt content difficulty and recommendations based on student progress.
Generate ReportsProvide teachers and administrators with student progress and class analytics.
Improve Our PlatformAnalyze usage patterns to enhance features and fix issues.
CommunicateSend service-related notifications and respond to inquiries.
Ensure Safety & SecurityDetect and prevent fraud, abuse, and security threats.
Comply with LawMeet legal obligations and respond to lawful requests.

We do NOT: Sell personal information to third parties. Use student data for targeted advertising. Share data with data brokers. Use student data to train AI models.

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and other jurisdictions requiring a legal basis, we process personal data under the following grounds:

  • Contract Performance: Processing necessary to provide the Services you or your school have requested.
  • Legitimate Interests: Processing for our legitimate business interests, such as improving our Services and ensuring security, where these interests are not overridden by your rights.
  • Legal Obligation: Processing required to comply with applicable laws and regulations.
  • Consent: Where required, we obtain your consent before processing (e.g., for certain cookies or marketing communications).

For student data, processing is typically based on the contract between Mindapt and the educational institution, which acts in accordance with its legal authority to consent on behalf of students.

5. Children's Privacy

We are committed to protecting the privacy of children and comply with the Children's Online Privacy Protection Act (COPPA) and similar laws worldwide.

Children Under 13

  • We do not knowingly collect personal information from children under 13 without verifiable parental consent or school authorization.
  • Schools using our Services represent that they have obtained necessary parental consents or are acting as the parent's agent under COPPA.
  • We collect only information necessary for educational purposes from children under 13.

Parental Rights

Parents have the right to:

  • Review their child's personal information.
  • Request deletion of their child's personal information.
  • Refuse further collection or use of their child's information.
  • Contact us at [email protected] to exercise these rights.

6. Student Data Protection

We comply with the Family Educational Rights and Privacy Act (FERPA), Student Online Personal Information Protection Act (SOPIPA), and applicable state student privacy laws.

Our Student Data Commitments

  • No Sale: We never sell student personal information.
  • No Advertising: We do not use student data for behavioral advertising or build advertising profiles.
  • Limited Use: Student data is used only for educational purposes authorized by the school.
  • School Control: Schools maintain control over student data and can request access, correction, or deletion.
  • No Third-Party Sharing: We do not share student data with third parties except as necessary to provide Services or as required by law.
  • Security: We implement industry-standard security measures to protect student data.

FERPA Compliance

Under FERPA, Mindapt acts as a "school official" with a legitimate educational interest in accessing student education records. We use student data solely to provide the Services contracted by the school and maintain strict confidentiality.

7. Data Sharing & Disclosure

We may share your information in the following circumstances:

With Schools and Districts

We share student data with authorized school personnel, including teachers and administrators, to support educational purposes. This includes progress reports, assessment results, and usage analytics.

Service Providers

We work with trusted service providers who help us operate our Services, including:

  • Cloud hosting and infrastructure providers
  • Analytics providers (for product improvement, not advertising)
  • Customer support tools
  • Email service providers

All service providers are contractually bound to protect personal information and use it only for specified purposes.

Legal Requirements

We may disclose information when required by law, court order, or government request, or when necessary to protect our rights, users, or the public.

Business Transfers

If Mindapt is involved in a merger, acquisition, or sale of assets, we will notify affected users and ensure the acquiring entity honors this Privacy Notice.

8. Data Retention

We retain personal information only as long as necessary to fulfill the purposes described in this Notice:

Data TypeRetention Period
Student Learning DataDuration of school subscription + 1 year, or as directed by the school
Account InformationDuration of account activity + 3 years
Usage AnalyticsAggregated and anonymized after 2 years
Support Communications3 years from last interaction

Schools may request earlier deletion of student data. Upon termination of a school's subscription, we will delete or return student data as directed by the school.

9. Your Rights

Rights for All Users

AccessRequest a copy of your personal data
CorrectionRequest correction of inaccurate data
DeletionRequest deletion of your data
PortabilityReceive your data in a portable format

Additional Rights Under GDPR (EU/UK Users)

  • Object: Object to processing based on legitimate interests.
  • Restrict: Request restriction of processing in certain circumstances.
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent.
  • Complain: Lodge a complaint with your local data protection authority.

California Privacy Rights (CCPA/CPRA)

California residents have additional rights:

  • Know: Request disclosure of the categories and specific pieces of personal information collected.
  • Delete: Request deletion of personal information.
  • Opt-Out: Opt out of the sale or sharing of personal information. (Note: We do not sell personal information.)
  • Non-Discrimination: Receive equal service regardless of exercising your rights.
  • Limit Sensitive Data: Limit use of sensitive personal information.

To exercise your California rights, visit our Do Not Sell or Share My Personal Information page or contact us at [email protected].

How to Exercise Your Rights

To exercise any of these rights, contact us at [email protected]. We will respond within the timeframes required by applicable law (typically 30-45 days). We may need to verify your identity before processing your request.

For student data requests, please contact your school administrator, who can submit requests on your behalf or direct you to the appropriate process.

10. International Data Transfers

Mindapt is based in the United States. If you access our Services from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

For transfers from the EEA, UK, or Switzerland, we use appropriate safeguards including:

  • Standard Contractual Clauses (SCCs): EU-approved contractual protections for data transfers.
  • EU-US Data Privacy Framework: Where applicable, reliance on adequacy decisions.
  • Additional Safeguards: Technical and organizational measures to protect data in transit and at rest.

By using our Services, you consent to the transfer of your information to the United States and other countries as described in this Notice.

11. Security Measures

We implement industry-standard security measures to protect your personal information:

  • Encryption: Data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.
  • Access Controls: Role-based access ensures users only access data they need. Administrative access requires multi-factor authentication.
  • Infrastructure: Our systems are hosted on SOC 2 Type II certified cloud infrastructure.
  • Monitoring: We maintain continuous monitoring for security threats and anomalies.
  • Audits: Regular security assessments and penetration testing.
  • Incident Response: Documented procedures for detecting, responding to, and reporting security incidents.

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. If you have questions about our security practices, contact us at [email protected].

12. Cookies & Tracking Technologies

We use cookies and similar technologies to provide, protect, and improve our Services.

Types of Cookies We Use

CategoryPurpose
EssentialRequired for the Services to function (authentication, security, preferences).
FunctionalRemember your preferences and settings.
AnalyticsHelp us understand how the Services are used to improve them.

Managing Cookies

You can control cookies through your browser settings. Note that disabling essential cookies may prevent you from using certain features of our Services. We do not use advertising or tracking cookies.

13. Changes to This Notice

We may update this Privacy Notice from time to time. When we make material changes:

  • We will update the "Last updated" date at the top of this page.
  • We will notify you by email (for account holders) or through prominent notice on our Services.
  • For schools and districts, we will provide advance notice as required by our agreements.

We encourage you to review this Notice periodically. Your continued use of the Services after changes are posted constitutes your acceptance of the updated Notice.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Notice or our data practices, please contact us:

Mindapt, Inc.

Privacy Inquiries: [email protected]

Security Concerns: [email protected]

General Support: [email protected]

Data Subject Requests: [email protected]

For EU/UK residents, you also have the right to lodge a complaint with your local data protection supervisory authority.