Privacy Policy

1. Our Commitment to Privacy

At Grade Orbit, we take data privacy seriously. This Privacy Policy explains how we handle your data and, crucially, how we do not handle student data. Our architecture is built from the ground up to ensure we remain a “Service Provider” rather than a “Data Processor” of student Personally Identifiable Information (PII).

2. Student Data & PII Protection

To ensure compliance with GDPR and UK GDPR:

• Client-Side Redaction: All redaction of student names, IDs, and signatures happens entirely within your browser. The unredacted image never leaves your device.
• Anonymous Data Transfer: Only anonymous, redacted data is sent to our servers and AI providers (Google Gemini). Students are identified only by generic placeholders (e.g., “Student 1”) or your own local reference systems that we cannot decrypt.

3. Data We Collect

We collect only the minimum data necessary to provide our service to you (the teacher/school):

• Account Information: Your email address and encrypted password.
• Usage Data: Anonymous statistics about feature usage to help us improve the platform (handled via our Cookie Policy).
• Content: The grading criteria, exam board specifications, and reference texts you upload to configure the AI.
• Redacted Student Work: The anonymous image data and text transcriptions generated after you have performed redaction.

4. Your Roles & Responsibilities

Data Controller: You (the School or Teacher) act as the Data Controller. You are responsible for ensuring you have the legal basis to process student work.

Service Provider: Grade Orbit acts as a Service Provider. We provide the tools for you to process data, but we do not see or control the underlying personal data.