Privacy Policy

Students, parents or guardians, teachers, and school administrators who use PageUp’s quiz and reading-incentive platform for School-approved purposes.

We collect only what is needed to run quizzes and show progress.

We do not sell personal data and we do not use targeted advertising.

For children under 13, the School provides consent under COPPA. Student Data is treated as an education record under FERPA.

Parents can review, receive a copy of, or request deletion through the School or by contacting us at the email above.

A. Account and identity

Student: first name or initial, classroom alias or ID, grade, School email or unique ID.

Teacher: name and School email.

Classroom rosters and assignments.

B. Assessment data

Book and quiz identifiers, selected answers, scores, attempts, time-on-task, teacher feedback.

C. Authentication

We support School-managed sign-in methods. Depending on what the School enables, we receive the identifiers needed to authenticate users, such as a user ID from the School’s chosen identity provider. We do not use authentication identifiers for advertising or profiling unrelated to education.

D. Device and technical

Log data used for security and troubleshooting: IP address, browser version, device type, timestamps.

Essential cookies for session management. We do not use third-party advertising cookies.

E. De-identified or aggregate data

Statistics that cannot reasonably identify a student, such as quiz counts by grade.

Provide core features: sign-in, quizzes, scoring, dashboards, class reports.

Secure the service, prevent fraud or abuse, and fix bugs.

Improve educational effectiveness using de-identified analytics.

Fulfill School requests and comply with law.

We do not use Student Data for targeted advertising, building marketing profiles, or sale of data.

FERPA: The School remains the owner of Student Data. We act as a “school official” with a legitimate educational interest and process Student Data only under the School’s direction.

COPPA (under 13): The School may consent on parents’ behalf for collection and use for educational purposes. Parents can exercise their rights through the School or by contacting us.

With the School and authorized personnel for educational use.

With service providers who help us host, support, or secure the platform. They are bound to use data only to provide services to us.

To comply with law or protect safety and security.

In a business transfer, with advance notice to the School and continued protections.

We do not sell Student Data. We do not share it for cross-context behavioral advertising.

We use strictly necessary session cookies.

If a School enables analytics, we use de-identified measures only and will not combine analytics with Student PII.

Default retention for Student Data is the current school year plus up to 30 days for close-out.

Encrypted backups may persist up to 30 additional days on a rolling basis.

Upon School request, we export Student Data and delete it within 30 days, and we can provide a deletion certificate.

Encryption in transit (TLS 1.2+) and at rest (AES-256).

Role-based access control with least privilege.

Logging and monitoring, vulnerability management, secure deletion processes.

Teachers and admins should follow School MFA policies when federated login is enabled.

Student Data is stored and processed in the United States unless the School agrees otherwise in writing.

The platform may link to third-party resources such as book previews. Those services have their own policies.

PageUp was built with AI tools. We do not input Student PII into model prompts for training purposes. If we use AI features in the product, they operate within the boundaries set in this policy and the School agreement.

Parents or guardians: may review, receive a copy of, correct, or request deletion of their child’s information through the School or by contacting us. We coordinate with the School to verify identity and respond within 10 business days.

Teachers and staff: may access Student Data only for students they teach or administer.

We honor applicable state student-privacy laws that provide additional rights.

PageUp LLC, 732 S 6th St #5205, Las Vegas, NV 89101

hello@pageupreading.com

We will notify the School before material changes take effect and will update the Effective Date at the top.

We maintain an up-to-date list at [URL]. Typical categories include hosting or CDN, cloud storage or compute, and authentication providers.

Students: first name or initial, classroom ID, grade, School email or UID. Purpose: identify student and tie assessments to class. Retention: school year + 30 days.

Teachers: name, School email. Purpose: classroom management and reporting. Retention: active employment + 30 days.

Assessments: quiz ID, book ID or title, answers, score, attempts, time-on-task. Purpose: reading comprehension and progress. Retention: school year + 30 days.

Auth and logs: Google or Clever UID, timestamps, IP, user agent. Purpose: security and troubleshooting. Retention: 12 months.

Backups: encrypted point-in-time copies. Purpose: disaster recovery. Retention: rolling 30 days.