Privacy Policy
This policy describes how lucy_os collects, processes, and protects data across all institutional nodes.
Data We Collect
We collect institutional data (school name, contact information), identity data (name, email, role), and operational data (attendance records, grades, session logs). We do not collect biometric data.
How We Use Your Data
Data is used exclusively to operate and improve the LUCY system. We do not sell data to third parties, use data for advertising, or process it for non-educational purposes.
Data Isolation
Each institution's data is stored in a cryptographically isolated schema within a shared PostgreSQL cluster. Row-Level Security enforces that no query can cross institutional boundaries.
Data Retention
Active institution data is retained for the duration of the subscription. Upon termination, data is purged within 30 days unless a data export has been requested. Audit logs are retained for 7 years.
Third-party Services
We use OpenAI for AI features (data is not stored by OpenAI beyond the session), Supabase for auth, Vercel for hosting, and Gmail SMTP for email dispatch. All third parties are contractually bound to our privacy standards.
Your Rights
Institutions have the right to export their data at any time via the Director dashboard or API. Individual users may request deletion of their personal record by contacting institutional administrators.
Security Practices
We enforce AES-256 encryption at rest, TLS 1.3 in transit, mandatory MFA for admin accounts, append-only audit logs, and regular penetration testing.
Contact
For privacy inquiries, data export requests, or incident reports, contact: privacy@lucyos.io — or open a support case through your institutional dashboard.