Security, Privacy & Compliance

CompliancePrivacy

CircleRAM AI - FERPA Compliance

Last updated: 9/8/2025

1. Our FERPA Commitment

CircleRAM AI is built to protect student education records and give schools full control of their data. We follow the Family Educational Rights and Privacy Act (FERPA), which means:

  • Schools remain the owners of all student data.
  • CircleRAM AI acts as a school official, using data only for educational purposes.
  • We do not sell, rent, or share student information with advertisers or unrelated third parties.

2. What Data We Process

Depending on how your school uses CircleRAM AI, we may store:

  • Student names, contact details, guardianship information
  • Enrollment records, class schedules, grades, attendance
  • Teacher and staff information (limited to school operations)
  • Payment and billing data (when you use our payment features)

We only process this data on your school’s behalf.

3. Data Security

We protect education records using:

  • Encryption: All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • Access Controls: Schools manage who can see what. Teachers only access their assigned students.
  • Audit Logs: Every data change and access is logged.
  • Isolation: Each school’s data is separated logically from others.

4. School Rights

Schools can:

  • Access or export student data at any time.
  • Correct or delete records upon request.
  • Request account deletion - we will securely erase your data from our systems.

We respond within 5 business days.

5. Third-Party Services

CircleRAM AI uses trusted sub-processors (e.g., Stripe, Zoom) who comply with privacy standards and sign data processing agreements.

5. Breach Notification

If there is unauthorized access to student data, we notify affected schools within 72 hours with details and remediation steps.

Contact Us

Privacy concerns? Data access request? Email us at privacy@circleram.ai and we will help.

CircleRAM AI - COPPA Compliance

Last updated: 9/8/2025

CircleRAM AI is committed to protecting the privacy of children under 13 in accordance with the Children’s Online Privacy Protection Act (COPPA). Our platform is designed to provide educational services safely, giving parents full control over their child’s information.

1. Parental Consent

  • Before collecting any personal information from children under 13, CircleRAM AI requires verifiable parental consent.
  • Parents or guardians must authorize accounts for their children prior to use.
  • Consent records are securely maintained to ensure compliance.

2. Data We Collect

CircleRAM AI collects only information necessary for educational purposes:

  • Child’s name, date of birth, and contact information
  • Parent/guardian contact details
  • Enrollment records, class schedules, attendance
  • Grades, assignments, and learning progress

We do not collect personal information for marketing, advertising, or any other non-educational purposes.

3. Parent Rights

Parents and guardians can:

  • Review the personal information collected about their child
  • Request corrections to the data
  • Request deletion of their child’s account and associated data

Requests submitted via privacy@circleram.ai are answered within 5 business days.

4. Data Security

  • All data encrypted in transit and at rest
  • Access is restricted to authorized school personnel and CircleRAM AI staff who require it to provide services
  • Audit logs track all access and modifications to child data

5. Age Verification

  • During account registration, users must enter their date of birth
  • Accounts for children under 13 are activated only after parental consent is verified

6. Third-Party Services

  • Trusted integrations (e.g., Zoom, Stripe, Google Workspace) are contractually bound to comply with COPPA
  • Third-party providers only process the data necessary to deliver their services

7. Breach Notification

  • In the unlikely event of unauthorized access to child data, parents and schools will be notified within 72 hours
  • Notifications include details of the incident and steps to remediate

Contact Information

For questions, access requests, corrections, or deletion requests:

Email: privacy@circleram.ai

This version is complete, dedicated to COPPA, and formatted to give parents and school administrators confidence that CircleRAM AI fully complies.

CircleRAM AI - GDPR Compliance

Last updated: 9/8/2025

CircleRAM AI is committed to protecting personal data in accordance with the General Data Protection Regulation (GDPR). Our platform is designed to provide educational services while ensuring privacy, transparency, and control for students, parents, and staff in the European Union (EU) and European Economic Area (EEA).

1. Lawful Basis for Data Processing

CircleRAM AI processes personal data only for educational purposes, based on either:

  • Contractual necessity: to provide services requested by the school or institution
  • Consent: obtained from users or, for children under 16, from parents/guardians

2. Data We Collect

Depending on the institution’s use of CircleRAM AI, we may collect:

  • Student and parent names and contact information
  • Enrollment records, class schedules, attendance, grades, and assignments
  • Teacher and staff information required for school operations
  • Payment and billing information (if using tuition features)

We only collect what is strictly necessary to deliver our educational services.

3. User Rights

Under GDPR, users (or parents/guardians for children under 16) have the following rights:

  • Access: Request a copy of the personal data CircleRAM AI holds
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion (“Right to be Forgotten”): Request permanent deletion of data
  • Portability: Receive personal data in a structured, machine-readable format
  • Restriction: Request temporary suspension of processing in specific circumstances
  • Objection: Object to processing for purposes not strictly necessary for education

Requests submitted via privacy@circleram.ai are answered within 5 business days.

4. Data Security

  • All personal data is encrypted in transit and at rest
  • Access is limited to authorized school personnel and CircleRAM AI staff
  • Audit logs track all access and changes
  • Our System designed with privacy by design principles

5. Data Retention

  • Personal data is stored only as long as necessary to fulfill educational purposes or as required by law
  • Schools can request data deletion at any time, and CircleRAM AI will permanently erase the records

6. Third-Party Services

  • Trusted third-party integrations (e.g., Zoom, Stripe, Google Workspace) are bound by contracts to comply with GDPR
  • Third-party providers only process the data necessary to provide their services

7. Breach Notification

  • CircleRAM AI will notify affected schools and users within 72 hours of any unauthorized access to personal data
  • Notifications include incident details and remediation steps

Contact Information

For GDPR-related questions, access, corrections, or deletion requests:

Email: privacy@circleram.ai