Privacy Policy for Edutools Net
Last updated: 28 March 2026
This Privacy Policy explains how the Edutools Net mobile application ("the App", "we", "our", "us") collects, uses, stores, and protects information when you use our services. This policy applies to all users of the App on iOS, Android, and web platforms.
1. Overview
Edutools Net is a teacher productivity application that helps educators manage classes, student information, attendance, behaviour records, grades, SEN (Special Educational Needs) notes, safeguarding records, lesson planning, reports, timetables, memos, school logos, and other school workflow tasks.
This Privacy Policy describes what information is processed when you use the App, how that information is stored and synced, how sign-in and authentication work, how AI features process content, how Google Drive backup works, and what choices you have.
2. Information We Collect
2.1 Account Information
When you create an account or sign in, we collect:
- Email address — used for authentication (magic link sign-in or Google OAuth sign-in) and to identify your account.
- Name — your teacher/display name, which you enter voluntarily in the App for use in reports, profiles, and support communications.
We do not collect passwords. Sign-in is handled via passwordless email links or Google OAuth.
2.2 Information You Enter in the App
Depending on how you use the App, you may enter or generate information such as:
- School details and logo
- Class names and configurations
- Student names and records
- Attendance records
- Behaviour and conduct logs
- Grades and assessment data
- SEN (Special Educational Needs) notes
- Safeguarding notes and incident records
- Lesson plans and educational content
- Timetable and calendar data
- Voice memos and transcriptions
- Reports and summaries
- Teacher profile information
- App settings and preferences
You control what information you enter into the App. Some of this information may contain personal or sensitive data about students or school staff. Users should only input information they are authorised to manage under their school's policies and applicable laws.
3. How We Use Your Information
We use information processed through the App to:
- Operate educational workflow features (attendance, grades, behaviour tracking, reports, timetables, etc.)
- Generate AI-assisted reports, summaries, and text content
- Transcribe voice recordings into text
- Sync and back up data to Google Drive when you enable that feature
- Maintain your settings and preferences
- Secure account access via authentication
- Manage subscriptions and in-app purchases
- Send notifications and reminders you configure
- Respond to support requests
We do not sell personal information. We do not use student data for advertising, marketing, or profiling purposes.
4. AI Features and Data Processing (OpenAI)
The App uses AI-powered features for:
- Voice transcription: Audio recordings you make are sent to OpenAI's API for speech-to-text conversion.
- Report generation: Student data and notes you provide are sent to OpenAI's API to generate structured reports, summaries, and educational write-ups.
- Text generation: Content such as lesson ideas, observation notes, and other educational text may be processed through OpenAI.
Important: AI data is processed but never stored by OpenAI. The App is configured so that all OpenAI API requests are sent with data storage disabled for supported endpoints. This means:
- Your prompts, voice recordings, transcriptions, and generated content are not retained by OpenAI after processing.
- OpenAI processes your data solely to deliver the requested result (transcription, report, etc.) and does not use it to train its models.
- No student data, voice recordings, or educational records are stored on OpenAI's servers through the App's configuration.
If you choose to save a generated report, transcript, or other AI output within the App, that saved content becomes part of your local app data and may be included in Google Drive backups if you have enabled that feature. AI features are intended to assist with formatting, summarising, and drafting. They do not replace professional judgement. Users are responsible for reviewing and verifying all AI-generated content before using it in any school, safeguarding, reporting, or student-record context.
5. Data Storage
5.1 Local Storage
App data is primarily stored locally on your device using on-device storage mechanisms. This includes all classes, student records, attendance, behaviour logs, grades, SEN data, safeguarding notes, timetable data, voice memos, school logo images, teacher profile information, settings, and related records. Local data persists between sessions on your device. If you uninstall the App or clear app data, locally stored information will be lost unless you have enabled Google Drive backup or exported your data manually.
5.2 Secure Storage
Sensitive credentials such as authentication tokens, Google Drive access tokens, and refresh tokens are stored using encrypted on-device storage (SecureStore), separate from regular app data.
6. Google Drive Backup and Sync
The App offers an optional Google Drive backup and sync feature. This section explains exactly how it works.
6.1 What We Access
When you choose to connect your Google account for Drive backup, the App requests access to the Google Drive Application Data folder (appDataFolder) scope only. This is a restricted, app-specific folder on your Google Drive that: Only this App can read and write to; No other apps, users, or services can see or modify data stored there; Is not visible in your regular Google Drive file browser. We do not have access to your Google Drive files, folders, documents, photos, or any other content. The App acts solely as a bridge between your device and your own Google Drive appDataFolder. We cannot see, access, or retrieve your backup data from our end.
6.2 What Is Synced
When Google Drive sync is enabled, the App stores a single JSON backup file containing your app data: classes, student records, attendance, behaviour logs, grades, SEN notes, safeguarding notes, timetable data, school logo images (encoded within the backup), teacher profile information, and app settings.
6.3 How Sync Works
- Sync is automatic and event-driven: changes you make in the App trigger an automatic upload to Google Drive within seconds.
- The App compares local data timestamps with the remote backup to determine whether to upload local changes or download remote updates.
- If multiple backup files are detected (e.g., from syncing across devices), the App keeps the most recently modified version and removes older duplicates.
- Auto-sync runs in the background without requiring manual action after the initial connection.
6.4 Persistent Connection
The App uses OAuth 2.0 with refresh tokens to maintain your Google Drive connection. Once connected, the connection remains active indefinitely — you will not be asked to sign in again unless you: Explicitly disconnect Google Drive from the App settings; Revoke the App's access from your Google Account settings (myaccount.google.com); The refresh token is invalidated by Google for security reasons. Access tokens are automatically refreshed (typically every 45 minutes) using the stored refresh token, without any user interaction required.
6.5 Disconnecting
You can disconnect Google Drive at any time from the App's Data Backup settings. Disconnecting: Removes stored access tokens and refresh tokens from your device; Stops all automatic syncing; Does not delete backup data already stored on your Google Drive — you can manage that directly through Google Drive
7. Authentication and Account Security
7.1 Sign-In Methods
The App supports the following sign-in methods: Passwordless email sign-in (Magic Link): A one-time sign-in link is sent to your email address. No password is created or stored. Google Sign-In (OAuth 2.0): Uses Google OAuth through Supabase as the authentication provider. Your Google account email identifies your session. Guest Mode: Allows limited access without an account. Guest sessions are temporary and last only for the current app session. Guest mode does not support Google Drive sync or other account-linked features.
7.2 Biometric Authentication
The App supports biometric authentication (Face ID, Touch ID, or device passcode) as an optional lock screen. You can configure auto-lock timing in settings. Biometric data is processed entirely on your device and is never transmitted to us or any third party.
7.3 Session Security
Authentication tokens and session data are stored securely on your device using encrypted storage. Sessions are managed through Supabase infrastructure.
8. Data Syncing Across Devices
If you enable Google Drive backup and sign in on multiple devices with the same Google account, your data can be synced across those devices through Google Drive. The App: Uploads local changes when your local data is newer; Downloads remote data when the Google Drive backup is newer (e.g., updated from another device); Takes no action when timestamps match (data is already in sync). School logo images are encoded and included in the backup data so they transfer correctly across devices.
9. In-App Purchases and Subscriptions
The App offers optional premium features through in-app subscriptions managed by RevenueCat. Subscription and purchase processing is handled entirely through Apple App Store or Google Play Store infrastructure. We do not directly process payment information. RevenueCat may process anonymised purchase and subscription status data to manage entitlements.
10. Notifications
The App may send local notifications for reminders, alerts, and scheduled events you configure (e.g., timetable reminders, behaviour log prompts). Notification scheduling is handled on-device. You can manage notification permissions in your device settings.
11. Permissions
The App may request access to the following device capabilities, only when needed for a feature you choose to use:
- Microphone — for voice recording and transcription features
- Photo Library — for selecting images (e.g., school logo, student photos)
- Notifications — for reminders and scheduled alerts
- Google Drive (appDataFolder scope) — for cloud backup and sync
- Biometric Sensors — for app lock (Face ID / Touch ID / Passcode)
- Files/Documents — for import and export workflows
You can manage all app permissions in your device settings. Denying certain permissions may limit specific features. The App does not request or use: Location data, Camera (direct capture), Contacts, Call logs, SMS.
12. Data Sharing with Third Parties
Information may be shared with service providers only as needed to deliver the App features you use:
| Service | Purpose | Data Shared |
|---|---|---|
| OpenAI | Voice transcription and AI-generated text | Audio recordings and text prompts (processed only, never stored by OpenAI) |
| Google Drive API | Cloud backup and sync | App backup data stored in your own Drive folder. We do not have access to your Drive. |
| Supabase | User authentication and session management | Email address and authentication tokens |
| RevenueCat | Subscription management | Anonymised purchase/subscription status |
| Email providers | Support and sign-in links | Email address, message content |
We do not sell, rent, or share personal information or student data with any third party for advertising, marketing, analytics, or profiling purposes.
13. Children and Student Data
The App is intended for use by educators, schools, and authorised adults only — not by children directly. If you use the App to manage student information, you are responsible for ensuring that your use complies with your school's data protection policies, applicable privacy laws (e.g., GDPR, FERPA, COPPA), and any required data processing agreements. Student data entered into the App may be included in Google Drive backups if that feature is enabled.
14. Data Retention
Local data: Remains on your device until you edit, delete, or uninstall the App. Google Drive backup: Persists in your Google Drive appDataFolder until you delete it from Google Drive or disconnect the service. AI processing: Transient — data is processed to generate the requested result and is not retained by OpenAI. Authentication tokens: Stored on your device for the duration of your session. Account data: Maintained through Supabase for the duration of your account's existence.
15. Security
We use technical measures including encrypted on-device storage (SecureStore), OAuth 2.0 for Google Drive, biometric authentication app lock, and passwordless authentication. No method of electronic storage or transmission is completely secure. Users should exercise care when handling sensitive records.
16. Your Rights and Choices
You have control over your data: choose what info to enter; enable/disable backup; review AI outputs; manage permissions; edit/delete records; export data; disconnect services; sign out; revoke access via Google Account settings. Contact us with any privacy questions or data requests.
17. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page indicates when the policy was last revised. Continued use of the App after changes constitutes acceptance of the updated policy.
18. Contact Us
For privacy questions, data requests, or concerns, contact us at:
Email: support@edu-tools.net
Website: https://edu-tools.net
19. App Store and Google Play Compliance
For store disclosure purposes, this App includes: Educational records; optional AI-processed voice recordings (not stored by AI provider); AI-generated reports (not stored by OpenAI); Google Drive cloud backup via appDataFolder restricted scope; email/name collection for auth; Google Sign-In (OAuth 2.0); biometric auth; subscription management; local notifications; support via email. The App requests the Google Drive appDataFolder scope solely for retrieving its own backup data and is not used to access other content on the user's Google Drive.