Skip to content
ClassOSClassOS
Log inStart free

Privacy Policy

Last updated: February 20, 2026

ClassOS is a student-facing academic productivity tool. We take your privacy seriously — especially when it comes to your educational records. This policy explains exactly what we collect, how we use it, and your rights.

FERPA Notice

ClassOS is not a school official and does not act as an agent of your educational institution. We are a third-party tool that operates under your explicit authorization. By connecting your Canvas account, you are using your own student credentials to access your own educational records — no different from logging into Canvas yourself.

We do not share your educational records with your institution, other students, employers, or any third party for any purpose other than operating the service as described below. We do not use your academic data for advertising, data brokerage, or any commercial purpose beyond providing ClassOS features to you.

If you believe your FERPA rights have been violated, you may file a complaint with the U.S. Department of Education: studentprivacy.ed.gov.

What We Collect

Account Information

Email address and display name provided during signup. Used to identify your account.

Canvas Credentials

Your Canvas personal access token. This token is encrypted with AES-256 before storage and is never logged, never shared, and never transmitted except to your school's Canvas server on your behalf.

Academic Data

Course names, grades, assignment details, due dates, and announcements fetched from Canvas via your token. This data is stored in your personal account and used only to power your ClassOS dashboard.

Usage Data

Standard server logs (page views, error events) for debugging and improving the service. This data does not include academic content.

How We Use Your Data

  • Display your grades, deadlines, and GPA on your dashboard
  • Power Scout AI features (study plans, grade coaching, deadline alerts)
  • Send you deadline reminder notifications (if enabled)
  • Improve the ClassOS product based on aggregate, de-identified usage patterns

We will never:

  • Sell your personal or academic data
  • Share your data with advertisers
  • Provide your data to your school or institution
  • Use your academic records for any purpose beyond operating ClassOS for you

Data Storage & Security

Your data is stored on Supabase infrastructure with row-level security enabled — meaning your data is only accessible to your account. Canvas tokens are encrypted before storage. All data is transmitted over HTTPS. We do not store Canvas passwords; only the personal access token you generate.

Third-Party Services

Supabase — database and authentication hosting

Vercel — web application hosting

Anthropic — powers Scout AI features (only relevant context is sent; your full academic record is never transmitted)

Stripe — payment processing for paid plans (ClassOS never sees your card number)

No academic data is shared with any service except Supabase (storage) and Anthropic (Scout AI, when you use it). We do not use data brokers or ad networks.

Your Rights

  • Access: Request a copy of all data we hold on your account
  • Deletion: Request permanent deletion of your account and all associated data
  • Correction: Update or correct inaccurate information in your account
  • Portability: Export your data in a standard format on request
  • Revoke access: Disconnect your Canvas token at any time from Settings

We will process all requests within 30 days. To exercise your rights, email privacy@classos.ai.

Data Retention

We retain your data for as long as your account is active. If you delete your account, all personal data including Canvas credentials and academic records is permanently deleted within 30 days. Backups are purged on the same schedule.

Contact

Questions about privacy or data? We respond to all requests.

Email: privacy@classos.ai