A practical guide for scholars, families, educators, and schools.
Start with context
School use and family use are different
School-Authorized Use
The school controls its education records. The Scholar's Ascent processes only the information needed to deliver the school-authorized service and follows the applicable school agreement. A parent or eligible student should normally begin an education-record request with the school so the school can verify identity and direct the response.
Direct-to-Family Use
The parent, guardian, or adult account holder controls the account relationship. For a child under 13, the account must remain restricted until the adult receives the required direct notice and provides legally sufficient consent, unless a properly authorized school is acting as the parent's agent for a school-only educational purpose. The direct-family under-13 production flow remains gated while its parent-verification steps are finalized.
A teacher clicking “Sign in with Clever” is not, by itself, our evidence that a school authorized under-13 data collection. Production classroom activation requires the authority and notices applicable to that school context.
Data map
What the Assessment Center may process
Identity & Classroom
Clever role and provider identifiers are received during authorization; the current integration converts provider IDs to keyed opaque mappings instead of persisting the raw IDs or OAuth token
Selected-section label, subject/grade when supplied, roster count, membership links, and synchronization state
The current Clever integration does not persist teacher or student names, emails, profile photos, or demographic fields
Scholar alias and tenant-scoped classroom links
Learning Evidence
Answers, scores, attempts, mastery, misconceptions, feedback, retakes, and regrades
Uploaded or photographed work, including handwriting or names a user puts into an image
Teacher comments and notifications
Supports
Educator-selected functional settings such as extended time, reduced question count, text or speech support, bilingual support, or alternate setting
Google generative-AI grading is not enabled in the company Assessment Center
We do not request Clever API v3.1 disability, Section 504, IEP, gifted, FRL, home-language, or attendance fields for the Library integration
Integrity & Family Links
Tab/fullscreen events, paste events, response length, aggregate typing cadence, keystroke counts/bursts, network-address hashes, and generated risk indicators during applicable assessments
Guardian name, email, account link, consent record, and related security metadata where family features are used
Application Security
Company-hosted teacher and student assessment routes use Firebase App Check with reCAPTCHA Enterprise to confirm requests come from the registered application
Google may process browser/device, interaction, network, necessary-cookie, and security-risk signals for abuse prevention; these signals are not used for grading, discipline, advertising, or student evaluation
Aliases reduce exposure, but they do not make every record anonymous. A school can connect an alias to a student, and provider identifiers, guardian links, uploads, or user-entered text may identify a person. We therefore treat these records as protected student information.
Disabled in minor-accessible workflows
Where generative AI is—and is not—used
Google generative AI is disabled in student-facing, student-triggered, and other minor-accessible company Assessment Center workflows. Clever data, student responses, student work images, accommodations, integrity evidence, and teacher classroom data are not sent from the application to Google generative AI. Assessment delivery and supported auto-scoring use deterministic rules.
Some static educational or marketing content may have been developed with AI assistance and is reviewed by a person before publication.
A separate adult-only teacher authoring service is not active.
Any future adult-only authoring service must accept no student personal information and pass written provider, counsel, security, and notice review.
An integrity event is not proof of cheating or misconduct; an authorized educator makes the final instructional, grading, and discipline decision.
Google Cloud's current Generative AI Service terms prohibit using those services in a website or customer application directed toward or likely to be accessed by people under 18. Moving to Vertex AI does not remove that restriction.
Delete with purpose
Product-specific retention
Record
Ordinary Schedule
Assessment responses, scores, feedback, accommodations, uploads, and integrity records
The applicable July–June school year, then deleted or de-identified unless the controlling school directs a shorter or otherwise lawful schedule.
Verified individual deletion request
Completed within 30 days after verification and school coordination when the school controls the record, unless a shorter period applies.
School service termination
Returned or deleted within 60 days unless the agreement requires a shorter period.
Clever identity and roster links
While the authorized integration is active, then through the applicable deletion window.
Child and parent contact collected only to seek consent
Deleted if legally sufficient parental consent is not completed within a reasonable time.
Billing, contract, and security evidence
Only as needed for accounting, dispute, fraud-prevention, audit, or legal obligations; student content is not retained merely for billing.
Backups
Removed from ordinary access when source data is deleted and permitted to age out only under a verified backup lifecycle. A numeric maximum has not yet been verified and external school student-data processing remains gated on that verification.
Requests & controls
Review, correct, delete, or appeal
For a school account, contact the school first for access, correction, deletion, or a challenge to AI/integrity evidence. We will support the school's verified instruction. For a direct-family or adult account, email info@thescholarsascent.org with the subject “Privacy request.” Do not email student records, passwords, PINs, or access tokens.
Texas residents may also appeal a decision by replying with the subject “Texas privacy appeal.” If an appeal is denied, we will explain how to contact the Texas Attorney General. We do not discriminate against anyone for exercising a privacy right.
Optional Public-Site Analytics
Firebase Analytics is off unless you choose to allow it. It is not enabled for authenticated dashboards, the Assessment Center application, or student assessment routes. Your choice is stored in this browser and can be changed here.