Reedlet

Privacy Policy

Last updated: February 2026

1. Overview

Reedlet ("we," "our," or "the Service") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data. This policy applies to all users, including teachers, students, and administrators.

2. Information We Collect

Account Information

When you create an account, we collect your email address, name (optional), and profile picture (if you sign in with Google). For teachers, we also store your role and any teacher-created student accounts.

Content and Conversations

We store agent configurations (instructions, settings), uploaded training materials (PDFs, documents, presentations), and conversation transcripts between students and agents. This data is necessary to provide the core Service functionality.

Usage Data

We collect usage information such as message counts, agent counts, and feature usage for billing and analytics purposes.

Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers on our servers. We receive and store Stripe customer IDs and subscription status for billing management.

3. How We Use Your Information

  • Service delivery: To operate agents, store conversations, and provide educational features
  • AI processing: Uploaded materials and messages are sent to our AI provider’s API to generate AI responses. Our AI provider does not use this data to train models.
  • Billing: To manage subscriptions, enforce usage limits, and process payments
  • Analytics: To provide teachers with insights about student engagement and agent usage
  • Security: To detect and prevent abuse, including plagiarism detection features
  • Communication: To send transactional emails (account verification, password reset, billing notifications)

4. Third-Party Services

We use the following third-party services to operate Reedlet:

  • Supabase — database, authentication, and file storage (hosted on AWS)
  • AI model provider — Third-party AI service for agent responses
  • Stripe — payment processing
  • Vercel — application hosting and deployment

Each of these providers has their own privacy policies and data processing agreements. We only share the minimum data necessary for each service to function.

5. Data Retention

We retain your data for as long as your account is active. Conversation data is stored for the duration of the school term or until deleted by the teacher. When you delete your account, we remove your personal data within 30 days, except where retention is required by law.

6. Data Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS/HTTPS) and at rest
  • Row-Level Security (RLS) policies in our database
  • Role-based access controls
  • Regular security reviews

7. Children’s Privacy (COPPA)

Reedlet is designed for educational use. Students under 13 may use the Service under the supervision of their teacher or school, who acts as the responsible party. Teachers should obtain necessary parental consents as required by their institution’s policies and applicable law.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate information
  • Deletion: Request deletion of your data
  • Portability: Receive your data in a machine-readable format
  • Opt-out: Decline non-essential data processing

To exercise these rights, contact us through our contact page.

9. FERPA Compliance

For schools subject to FERPA (Family Educational Rights and Privacy Act), Reedlet acts as a "school official" with a "legitimate educational interest." We only use student education records for the purpose of providing the contracted educational service.

10. Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies. You can manage cookie preferences through your browser settings.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes via email or in-app notification at least 30 days before they take effect.

12. Contact Us

For privacy-related questions or data requests, please contact us at our contact page.

Privacy Policy | Reedlet