Privacy Policy

Last updated: March 2026

1. Introduction

The Gospel Academy, operated by Veritas AI Solutions ("Company," "we," "us"), is committed to protecting the privacy of our students, parents, and users. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our platform.

2. Information We Collect

We collect the following types of information:

Account Information

Name, email address, password (hashed), role (parent/student), and billing information processed through Stripe.

Student Information

Student name, grade level, date of birth, learning pathway, scheduling preferences, and academic records (grades, assessments, progress).

Usage Data

Lesson progress, tutor session conversations, assessment responses, time spent on lessons, and platform interaction data.

Technical Data

IP address, browser type, device information, and cookies necessary for authentication and platform functionality.

3. How We Use Your Information

  • Providing and personalizing the educational experience
  • AI tutor interactions (conversations are stored to maintain session context)
  • Grading assessments and tracking academic progress
  • Communicating with parents about student performance
  • Processing payments through Stripe
  • Improving our platform and curriculum
  • Complying with legal obligations

4. AI Tutor Data

Conversations with the AI Master Tutor are stored in our database to provide session continuity and improve the learning experience. These conversations are:

  • Accessible only to the student, their parent, and platform administrators
  • Not shared with or sold to third parties
  • Not used to train external AI models
  • Subject to content safety filters and rate limiting

5. Data Sharing

We do not sell your personal information. We share data only with:

  • Stripe — for payment processing (Stripe's privacy policy applies)
  • Supabase — for authentication and database hosting
  • Google (Gemini AI) — for AI tutor responses (no student PII is sent to the AI model)
  • Law enforcement — only when required by law

6. Children's Privacy (COPPA)

We comply with the Children's Online Privacy Protection Act (COPPA). Student accounts for children under 13 are created and managed by parents or legal guardians. We do not knowingly collect personal information from children under 13 without parental consent. Parents may review, modify, or delete their child's information by contacting us.

7. Data Security

We implement industry-standard security measures to protect your data, including encrypted connections (SSL/TLS), hashed passwords, secure authentication tokens, and access controls. Our database is hosted on Supabase with PostgreSQL encryption at rest. However, no method of electronic transmission or storage is 100% secure.

8. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Academic records (grades, assessments) are retained for the duration of enrollment plus two years. You may request deletion of your account and associated data at any time by contacting us.

9. Your Rights

You have the right to:

  • Access the personal data we hold about you or your child
  • Correct inaccurate information
  • Request deletion of your data
  • Export your data in a portable format
  • Opt out of non-essential communications

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the platform. The "Last updated" date at the top reflects the most recent revision.

11. Contact

For privacy questions or data requests, contact us at support@thegospelacademy.com.