How we treat your kids' data.

PageUp is operated by PageUp LLC, a U.S. company. We make one product: a reading-incentivization platform for elementary schools. We are not an ad network. We do not have an “ad tech” division because we do not have ads.

This policy applies to www.pageupreading.com, the PageUp web and tablet apps, and any data your school sends us in connection with using PageUp.

For students, we collect the minimum personal information required to run the program: first name, last initial, a school-issued student ID, grade level, classroom assignment, and their reading activity inside PageUp (books finished, quizzes taken, points earned, badges).

For staff (teachers, librarians, principals, district admins) we collect: name, work email, role, school assignment, and the actions you take in the staff dashboard.

For website visitors we collect standard, non-identifying logs (timestamp, IP, page, browser) for security and analytics. We do not run third-party ad pixels.

We use student and staff data to:

• Run the reading program (assign books, grade quizzes, award points and badges).
• Show teachers, librarians, and admins reporting on reading progress.
• Maintain logins, classroom rosters, and access controls.
• Provide support to school staff who contact us.
• Aggregate, de-identified product analytics so we can improve PageUp.

We never sell, rent, lease, or transfer student personal information to a third party for that party's use.

We never serve advertising of any kind to students. We never use student data to build profiles for marketing or to target third-party ads.

We never share student data with a third party except with strictly scoped subprocessors who help us run the service (see below), or when legally required.

We never send student personal information to third-party AI models. AI features (such as quiz question generation) operate on book content only.

PageUp operates as a “school official” under FERPA with a legitimate educational interest in student records, on behalf of your school. That means:

• Your school directs how PageUp uses student data — we don't make those decisions independently.
• We only use student data for the purposes your school authorizes when it sets up an account.
• We support FERPA-aligned access controls, audit logs, and on-request deletion.
• If a parent or student exercises a FERPA right with the school, the school can ask us to act on it.

PageUp is built to align with COPPA for the protection of children under 13. We collect the minimum information needed to operate the program, and we obtain parental consent through the school-consent mechanism that COPPA permits: the school contracts with us and acts as the parents' agent, so long as the data we collect is used solely for educational purposes and not commercial gain. We comply with that limit.

If a parent prefers to give consent directly rather than through the school, contact us at privacy@pageupreading.com and we'll work with the school on a path that fits.

PageUp uses a small, audited set of service providers (subprocessors) to run the platform. Each is bound by contract to handle data in line with this policy and applicable law. Typical categories include:

• Cloud hosting, encrypted storage, and backups
• School-managed sign-in (identity providers)
• Transactional email to teachers and administrators
• Public marketing-site form processing (no student data)

We maintain an up-to-date list of specific subprocessors and provide it to Schools on request. We notify customer contacts in advance of new subprocessors that would handle Student Data.

Schools using PageUp can, at any time:

• Export their data in machine-readable format.
• Request correction of specific records.
• Request deletion of individual students or the full school account.
• Receive an audit log of access to student records on request.

Parents and students with FERPA rights should contact their school first; the school can ask us to act on those requests. We typically fulfill data-deletion requests within 30 days.

Data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Access is scoped by role; staff cannot see students outside their school. We rotate credentials, require 2FA for our own team, and run annual penetration tests.

Data location: Student Data is stored and processed in the United States unless the School agrees otherwise in writing.

Retention: Default retention for Student Data is the current school year plus 30 days for close-out. Encrypted backups may persist up to 30 additional days on a rolling basis. Upon School request we export the data and delete it within 30 days, and we can provide a deletion certificate.

If you believe you've found a security issue, email security@pageupreading.com — we respond within one business day.

We'll update this page when our practices or subprocessors change. Material changes are announced by email to admin contacts at least 30 days before they take effect. The effective date is shown at the top of this page.

Privacy questions, FERPA requests, deletion requests, anything: email privacy@pageupreading.com.

For sales or general questions, use the contact form or write to hello@pageupreading.com. A real person reads every email.

Mailing address:
PageUp LLC
732 S 6th St #5205
Las Vegas, NV 89101