How Guiden collects, uses, protects, and shares your information
Guiden is an AI-powered tutoring platform operated by Color Coded Kids LLC, a Missouri limited liability company located in St. Louis, Missouri ("Company," "we," "us," or "our"). Guiden provides AI-assisted academic tutoring services to Kβ12 students through partnerships with schools and educational institutions ("School Partners").
For privacy inquiries, contact us at: privacy@colorcodedkids.com
This Privacy Policy applies to all users of the Guiden platform, including:
This policy does not apply to third-party websites or services linked from our platform. We are not responsible for the privacy practices of those third parties.
| Full Name | Used for identification within the platform; displayed to teachers |
| Email Address | Used for authentication, account recovery, and administrative communications |
| Password | Stored as a bcrypt hash β we never store plaintext passwords |
| Grade Level | Used to calibrate AI tutor language and difficulty (students only) |
| School Name | Used to associate accounts with School Partner institutions |
| Role | Student, Teacher, or Admin β determines platform access permissions |
| Interests | Optional; used to personalize bot interactions (students only) |
| Chat Messages | Full text of conversations between students and AI tutor bots |
| Assignment Submissions | Student work submitted for AI grading, including all chat history |
| AI Grades & Feedback | Scores (0β100), rubric breakdowns, and written feedback generated by AI graders |
| Session KPIs | Computed metrics: hints used, message count, session duration, reasoning scores |
| Chat Behavior KPIs | AI-analyzed metrics: reasoning depth, confidence, persistence, misconceptions (teacher-facing only) |
| Login Timestamps | Last login date/time for security and activity monitoring |
| Usage Counters | Daily message counts, chat counts β used for rate limiting only |
When you use Guiden, we automatically collect limited technical data necessary for the platform to function:
We do not collect device fingerprints, behavioral tracking data, advertising identifiers, or geolocation data.
If you submit a pilot application through our public website, we collect: your name, school name, email, phone number (optional), city, state, role, approximate student count, and any message you provide. This data is used solely to evaluate and respond to pilot program inquiries.
We use collected information for the following purposes and no others:
| Providing AI Tutoring | Student chat history is sent to our AI provider (OpenAI) to generate tutor responses. See Section 6. |
| AI Grading | Submitted chat history is sent to OpenAI to generate rubric-based grades and feedback. |
| Analytics & KPI Generation | Chat history is analyzed by AI to generate teacher-facing student insights (reasoning depth, misconceptions, etc.) |
| Teacher Visibility | Teachers can view full chat histories, grades, and KPI data for students enrolled in their classrooms. |
| Authentication | Email and password hash used to verify identity at login. |
| Safety & Moderation | All student messages are screened by an internal content safety classifier before reaching the AI. |
| Platform Administration | Usage counters enforce rate limits set by School Partners. No usage data is sold or shared. |
| Communications | We may email account holders about critical security issues or service changes. We do not send marketing emails to students. |
For users located in the European Economic Area or United Kingdom, we process personal data under the following legal bases:
| Contract Performance | Processing necessary to provide the tutoring service you or your school has contracted for |
| Legitimate Interest | Security logging, fraud prevention, and platform abuse prevention |
| Legal Obligation | Compliance with COPPA, FERPA, and applicable data protection laws |
| Consent | Cookie consent where required; email marketing if opted in (teachers/admins only) |
Guiden uses OpenAI's API to power tutor bot responses, AI grading, and student KPI analysis. When a student sends a message or submits an assignment, the following data is transmitted to OpenAI:
We do not transmit student names, email addresses, school names, or any other directly identifying information to OpenAI. OpenAI processes this data under its API data processing agreement and does not use API inputs to train its models. See OpenAI's API data usage policy.
| Database Hosting | PostgreSQL database hosted on a reputable cloud provider with encryption at rest and in transit |
| Application Hosting | Next.js frontend and NestJS backend hosted with SOC 2 compliant infrastructure providers |
These providers act as data processors under our direction and may not use your data for any independent purpose.
We do not sell, rent, license, or otherwise transfer personal information to third parties for monetary or other valuable consideration. This prohibition applies specifically to student data and is maintained regardless of any future changes to our business model. Any future change to this policy will require affirmative opt-in consent and 60 days' advance notice.
When a student accesses Guiden through a School Partner, the school has access to that student's data including chat history, grades, and KPI analytics. This access is granted by and through the school's administrative account and is consistent with the school's role as an educational institution with legitimate educational interest under FERPA.
We may disclose personal information if required by law, court order, or governmental authority, including to comply with FERPA-mandated reporting obligations. We will notify affected users of any such disclosure to the extent permitted by law.
We limit data collection from children under 13 to what is strictly necessary for the educational service:
We do not collect home addresses, phone numbers, photographs, social media identifiers, or any persistent identifiers tied to advertising for children under 13.
Parents and legal guardians of children under 13 have the right to:
To exercise these rights, contact your child's school administrator or email us directly at privacy@colorcodedkids.com with your child's name, school name, and your relationship to the child. We will respond within 10 business days.
We do not engage in behavioral advertising, interest-based advertising, or targeted marketing directed at children under 13 under any circumstances. We do not permit third-party advertising networks on the student-facing portions of our platform.
Guiden qualifies as a "school official" under the Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. Β§ 1232g, and its implementing regulations at 34 CFR Part 99. We access student educational records under the "school officials with legitimate educational interest" exception.
| Legitimate Educational Interest | Providing AI-assisted tutoring, grading, and learning analytics directly in support of the student's education |
| Scope of Access | Limited to data necessary to provide the contracted tutoring service |
| Re-disclosure Prohibition | We do not re-disclose FERPA-protected student records to third parties without school authorization |
| Data Security | All student educational records are encrypted at rest (AES-256) and in transit (TLS 1.3) |
Schools retain full control over student educational records and may request deletion or export at any time. Contact privacy@colorcodedkids.com to exercise school-level data rights.
| Active Account Data | Retained for the duration of the account's active status |
| Chat History & Grades | Retained for 3 years after the student's last login, then permanently deleted |
| KPI Analytics Data | Retained for 3 years; deleted with the associated session data |
| Server Access Logs | Retained for 30 days, then automatically deleted |
| Pilot Application Data | Retained for 2 years or until explicitly requested for deletion |
| Deleted Accounts | All personal data deleted within 30 days of account deletion request |
| Backup Copies | Removed from encrypted backups within 90 days of account deletion |
Schools may request immediate deletion of a student's data at any time regardless of the above schedule.
All users have the right to: access their personal data, correct inaccurate data, request deletion, request restriction of processing, and receive a copy of their data in a portable format. To exercise these rights, email privacy@colorcodedkids.com.
California residents have additional rights under the California Consumer Privacy Act and California Privacy Rights Act:
Student data is further protected under California Education Code Β§ 49073.1 (SOPIPA). We do not use student data for any commercial purpose unrelated to the student's education.
We implement technical and organizational measures appropriate to the sensitivity of the data:
Our services are operated from the United States. If you access Guiden from outside the United States, your data will be transferred to and processed in the United States. For EEA/UK users, such transfers are subject to appropriate safeguards including Standard Contractual Clauses where applicable.
We will notify users of material changes to this Privacy Policy by email (for account holders) and by posting a notice on our website at least 30 days before the changes take effect. For changes affecting children's data, we will notify School Partners with at least 30 days' notice and provide schools with the opportunity to terminate the service relationship before the new policy takes effect.
| Privacy Inquiries | info@colorcodedkids.com |
| General Contact | info@colorcodedkids.com |
| Mailing Address | Color Coded Kids LLC, St. Louis, MO |
| Response Time | We respond to all privacy requests within 10 business days |