Privacy Policy
Last updated: November 24, 2025
Introduction
Frizzle, Inc. ("we," "us," or "our") is committed to protecting the privacy of educators and school administrators who use our platform, as well as the student data entrusted to us by schools. This Privacy Policy explains how we collect, use, store, and protect personal information in compliance with FERPA, COPPA (as applicable), SOPPA, NY Ed Law 2-d, and other relevant student data privacy regulations.
1. Information We Collect
Educator and School Staff Information We collect personal information from educators and school staff who create accounts, including: • Name • Email address • School affiliation • Authentication information (e.g., Google Sign-In) • Account usage data Student Information (Uploaded by Schools) We do not collect information directly from students. Frizzle does not allow students to create accounts or interact with the platform. Any student data in the platform is: • Uploaded or entered by educators • Provided under the school's authority • Limited to what is necessary for grading, feedback, and instructional support. (e.g. assignment images, performance data)
2. How We Use Information
We use personal information solely to deliver and improve our educational services, comply with legal obligations, and provide support to educators and schools. We do not sell, share, or use data for advertising.
3. Compliance with FERPA
Frizzle acknowledges that student data uploaded by educators may be protected by the Family Educational Rights and Privacy Act (FERPA). We act as a "School Official" under FERPA, meaning we process student data only for authorized educational purposes, with ownership and control remaining in the hands of the school. Frizzle does not disclose student data except as directed by the school. We will enter into Data Privacy Agreements (DPAs) as required.
4. Compliance with COPPA
Students do not create accounts or access Frizzle directly. Therefore, Frizzle does not knowingly collect personal information directly from children under the age of 13. We rely on the school's authorization to process data regarding students, in compliance with the Children's Online Privacy Protection Act (COPPA). When student data is uploaded by educators, the school is the consenting authority, consistent with COPPA's "School Consent" mechanism.
5. Compliance with SOPPA, NY Ed Law 2-d, and SDPC
We support school compliance with SOPPA, NY Ed Law 2-d, and SDPC frameworks by providing: clear data governance, breach notification within legally mandated timelines, data deletion on request, transparency into subprocessors, no sale or secondary use of student data, secure data handling and destruction, and school-specific DPAs upon request.
6. Google User Data
If you log in via Google, we may access certain Google account information such as your name, email address, and profile picture. This data is used solely for educator authentication, account setup, and communication. Frizzle does not request, access, or store any additional Google account data (e.g., calendar, contacts, or drive files) unless explicitly stated and authorized by you. We do not use your Google data for advertising, nor do we sell or share it with third parties. All Google-related data is encrypted both in transit and at rest and protected using industry-standard security protocols. You may disconnect your Google account at any time by updating your account settings.
7. Data Sharing
We do not sell or share student information. We may share data only with trusted third-party service providers (subprocessors) under strict contract to help deliver our services (e.g., secure hosting providers). These subprocessors may not use the data for machine learning, model training, or any purpose outside of delivering services to Frizzle. These providers are bound by the same confidentiality and security obligations as Frizzle and may not use the data for any other purpose.
8. Security, Encryption, and Data Retention
We implement industry-standard security controls, including: • Encryption in transit and at rest • Access controls and authentication • Monitoring and audit logs • Secure storage systems Student data is retained only as long as needed for educational purposes and is deleted upon: • Contract termination • School request
9. User Consent
We collect personal information from educators and administrators only with explicit consent at account creation. Any student information is provided by the school, which assumes responsibility for obtaining appropriate permissions in accordance with their local laws and school policies.
10. Privacy Reviews and Internal Audits
Frizzle regularly reviews and updates its privacy and security controls to maintain compliance and industry best practices.
11. Rights and Choices
Schools, educators, or authorized parents (via the school) may access, correct, or request deletion of data. Requests should be sent to support@frizzle.com. Authorized parents may exercise rights only through their school, in accordance with FERPA.
12. Changes to This Policy
We may update this policy periodically to reflect changes in our practices or laws. We will notify schools and educators when material changes occur.
13. Contact
Frizzle, Inc. support@frizzle.com frizzle.com