Privacy Policy
Last updated: April 20, 2026
As teachers ourselves, we understand that the privacy of your data—and especially your students' data—is paramount. We built FeedbackFlow.AI (Feedback Flow) to save you time, not to harvest your information.
This policy outlines exactly what we collect, why we need it, and how we keep it under lock and key.
Our Core Promise to You
We do not sell your data. Ever. FeedbackFlow.AI is funded by subscriptions that provide an estimated monthly marking allowance for our tools. We have zero interest in selling, trading, or sharing your personal information or your students' work with advertisers or third-party marketers. Your data is yours, full stop.
For school and trust reviews, read the Privacy and Governance Summary.
Data Controller & Processor Roles
FeedbackFlow.AI (Daniel) is the Data Controller for account, billing, and platform usage data.
For student work uploaded by schools, schools act as the Data Controller and FeedbackFlow.AI acts as the Data Processor on their behalf. Our Data Processing Agreement is available at this link.
What We Collect (and What We Don't)
We strictly limit data collection to what is absolutely necessary for the tools to function:
Teacher Account Information
- Email address (required) - to manage your account, subscription, and marking allowance
- Password (securely hashed, never stored in plain text)
- Profile details - name, role, school or organisation, subject, and optional teaching phase/level
- Optional profile details - phone, country, timezone, teaching experience, curriculum, referral source, and marketing preference
- Consent record - timestamps and versions for terms/privacy acceptance, student-data acknowledgement, and marketing preference
Student Data (Minimal)
We only store:
- Student names you input (so you know whose work is whose)
- Uploaded essays (PDF files of handwritten work)
- Transcribed text (AI-generated from handwriting)
- Grades and feedback you create or generate
- Teacher notes about students (target grades, working grades, notes)
When Feedback Flow sends text prompts to AI services, the app replaces known student names with temporary placeholders before the request is sent, then restores them inside the app where needed. File upload display names are also replaced with generic names before AI upload.
What We Do NOT Collect
- Student dates of birth, addresses, or photos
- Demographic data beyond what's in essays
- Browsing history or tracking data
- Third-party analytics data (we use no Google Analytics, Facebook Pixel, or similar)
Legal Basis for Processing
Under GDPR, we process your data based on the following legal grounds:
For Teacher Data
Contract: Processing your account information is necessary to provide you with our service. Without your email, authentication details, and core profile, we could not create or maintain your account.
Consent: We rely on consent for optional marketing emails and to record acceptance of terms, privacy information, and student-data handling acknowledgements shown during account creation.
For Student Data
School-determined lawful basis: Schools are the Data Controller for student work uploaded to Feedback Flow and must determine the appropriate lawful basis for their setting. For routine classroom marking and feedback, this may commonly be public task or official authority for public-sector schools, legitimate interests where available, or another lawful basis selected by the school.
Feedback Flow acts as the Data Processor for student work and processes it only on the school's instructions to provide transcription, marking support, feedback workflows, and storage.
Important: By using this service, you confirm that you have authority from your school or institution to upload student work. Where your institution's policy requires pupil or parent consent, permission, or notice for this use, please complete that process before uploading student work.
Where Your Data Lives & How It's Secured
We take security seriously, using industry-standard infrastructure to keep your data safe.
Hosted in the EU: All data is stored on secure servers located in European Union data centers via Supabase (PostgreSQL database and file storage).
Security Measures
- Encrypted in transit: All data transmission uses HTTPS (TLS 1.2+)
- Encrypted at rest: Database and file storage are encrypted
- Access control: Row Level Security ensures teachers only see their own data
- Authentication: JWT tokens with 1-hour expiry and refresh token rotation
- Rate limiting: Protection against brute force attacks (30 login attempts per 5 minutes per IP)
- Local storage: Data is also cached in your browser's IndexedDB for offline access (encrypted by your browser)
Third-Party Data Sharing
To make FeedbackFlow.AI work, we share specific data with exactly these secure partners:
Google Gemini API (AI Processing)
What we share: Student essay PDFs or images, transcribed text, and marking prompts where AI transcription or marking support is used
Why: To provide AI-powered transcription and essay marking (core service functionality)
Name minimisation: Feedback Flow anonymises known student names before AI API calls wherever technically possible. Known student names are removed from AI text prompts and replaced with temporary placeholders before requests are sent. Uploaded files are also given generic display names rather than original filenames.
Google's policy: For billing-enabled Gemini API use, Google states that prompts, files, and responses are not used to improve Google products or models. Google may keep limited logs for abuse detection, safety, and legal or regulatory purposes under its paid-service terms.
Location: Google Cloud (may involve international data transfer outside EU)
How Feedback Flow reduces student identifiers before AI processing
Feedback Flow is designed so schools can use AI transcription and marking support without routinely sending student names in prompts, file names, or scanned work pages.
Before AI requests are sent, the app checks known student names and replaces them in text prompts with temporary placeholders such as [STUDENT_NAME]. Responses are then restored inside the app where needed.
Teachers can use Feedback Flow QR cover sheets to identify and sort work. This means student names do not need to be written on scanned work pages for the app to match the response to the correct student.
Important boundary: If a student's name is still written, printed, or visible inside an uploaded PDF or image, that visible file content may be sent to Google's Gemini API during AI processing. Schools should use QR cover sheets and avoid visible names in scanned work wherever possible. Three safeguards apply to this content: we use secure transmission; the billing-enabled Gemini API terms state that prompts, files, and responses are not used to improve Google products or models; and Standard Contractual Clauses are used for relevant international transfers.
Stripe (Payment Processing)
What we share: Email (optional), purchase amount, user ID
Why: To process subscriptions and billing securely
Security: Stripe is PCI-compliant. We never see or store your credit card details
GDPR: Stripe has Standard Contractual Clauses and is GDPR-compliant
Supabase (Infrastructure)
What we share: All application data (hosted infrastructure)
Location: EU data centers
GDPR: EU-hosted with Data Processing Agreement
Cloudflare (Hosting)
What we share: HTTP requests and function execution logs
Why: To host the application and run serverless functions
GDPR: Cloudflare has Standard Contractual Clauses
No Analytics Tracking: We do not use Google Analytics, Facebook Pixel, or any third-party analytics. The only tracking we perform is internal usage monitoring so your monthly marking allowance can be applied fairly.
Your Rights
It's your data. Under GDPR, you have comprehensive rights to control your personal information:
Right to Access
You can review your account and synced profile data via the product's Profile and My Data pages, and export your data in JSON format.
Right to Rectification
Update your synced account profile at any time through Profile. Changes are written back to your Supabase-backed account record.
Right to Erasure ("Right to be Forgotten")
You can submit an account deletion request from Profile. An administrator reviews and completes the request. Once processed:
- Your profile and settings are removed
- All student data (names, grades, notes) is deleted
- All uploaded essays and transcriptions are erased
- All classes, folders, and mark schemes are removed
- Deletion request records may be retained only as needed to demonstrate compliance handling
Note: Data previously sent to Google Gemini for AI processing cannot be automatically deleted through our system. If you need to request deletion from Google, please contact us for assistance.
Right to Data Portability
Export all your data in JSON format via the Profile page. The export includes your synced profile, consent metadata, students, classes, folders, essays, and associated teaching records.
Right to Restrict Processing
Contact us to temporarily restrict processing while we investigate any concerns you have.
Right to Object
You can object to processing based on legitimate interest. We will cease processing unless we have compelling legitimate grounds.
How to Exercise Your Rights
Most rights can be exercised directly via your Profile page, including profile updates, data export, and account deletion requests. For other requests or assistance, email [email protected]. We respond within 30 days as required by GDPR.
Data Retention
We only keep your data as long as necessary:
- Active accounts: Data retained while your account is active and in use
- Deleted items: Retained in archive for 30 days, then permanently deleted where archive applies
- Inactive accounts: Automatically deleted after 2 years of no login activity (we'll email you before deletion)
- Usage logs: Retained for 1 year for billing and support purposes
- Payment records: Retained for 7 years (legal requirement for tax/accounting)
- Deletion request records: Retained only as long as reasonably necessary to administer and evidence GDPR request handling
Cookies & Local Storage
We use minimal cookies, all strictly necessary for the service to function:
Strictly Necessary Cookies
- Authentication cookies (Supabase Auth) - to keep you logged in
- Session management - to maintain your session state
- Local storage (IndexedDB) - to cache data for offline functionality
No Tracking: We do not use analytics cookies, marketing cookies, advertising cookies, or share data with ad networks.
Read our full Cookie Policy.
You can disable cookies through your browser settings, but this may affect functionality (e.g., you won't stay logged in).
International Data Transfers
Your data is primarily stored in EU data centers. However, some data is processed by Google Gemini (US-based company) for AI functionality.
We protect international transfers using:
- Standard Contractual Clauses (SCCs) - EU-approved contract terms
- Data Processing Agreements with all processors
- Encryption in transit and at rest
- Access controls limiting who can access data
Children's Data
This service is designed for teachers to mark student work. Students may include minors (under 16 in most EU countries).
By using this service, you confirm:
- You are a teacher/educator with authority to process student work
- Your school or institution has determined the lawful basis for using Feedback Flow
- Any pupil or parent consent, permission, or notice required by your institution has been handled before upload
If you are unsure about lawful basis, consent, or notice requirements for processing student data, please consult your school's data protection officer or administration before using this service.
Data Breach Notification
We have security measures in place to prevent data breaches. However, if a breach occurs affecting your data:
- We will notify the relevant supervisory authority within 72 hours
- We will notify you without undue delay if there's high risk to your rights and freedoms
- We will document all breaches internally and take steps to prevent recurrence
Changes to This Policy
We may update this policy from time to time to reflect changes in our practices or for legal reasons.
- We will notify you of significant changes via email
- The "Last Updated" date at the top will always reflect the most recent version
- Continued use of the service after changes constitutes acceptance
- We recommend reviewing this policy periodically
Your Right to Complain
If you're unhappy with how we handle your data:
- Contact us first: [email protected] - We'll do our best to resolve your concerns
- Lodge a complaint: You have the right to lodge a complaint with your data protection supervisory authority:
  - UK: Information Commissioner's Office (ICO) - ico.org.uk
  - EU: Your national data protection authority - Find your authority
Contact Us
Questions about this policy? Want to exercise your rights? Need help with data deletion?
Data Controller: FeedbackFlow.AI (Daniel)
Contact: [email protected]
Response time: Within 30 days (usually much faster)
