IEP
IEP Says

Privacy Policy

Last updated: February 2026

1. FERPA Awareness

IEP documents contain educational records that may be protected under the Family Educational Rights and Privacy Act (FERPA). We process these documents solely to provide you with analysis and plain-language summaries. We do not share uploaded documents or their contents with schools, school districts, or any third parties.

2. Data Collection

We collect: (a) account information (email, name, state); (b) child profile information (name, grade, disability categories, school) as provided by you; (c) uploaded documents and images for processing; (d) usage data to improve the service. We collect only information necessary to provide our services.

3. Data Storage & Security

All documents and data are encrypted at rest and in transit. Documents are stored in secure cloud storage with access restricted to your account only. We implement industry-standard security measures to protect your information.

4. Children's Privacy

We collect child information (name, grade level, disability category, school information) only as provided by parents or legal guardians for the purpose of tailoring IEP analysis and recommendations. Children do not create accounts or directly interact with IEP Says. All child data is managed exclusively by the parent/guardian account holder.

5. AI Processing

Your documents are processed by AI models to generate summaries and analysis. Document content sent to AI providers is not used to train AI models. We use Anthropic's Claude API for document analysis, which has a zero-retention data policy for API usage.

6. Data Sharing

We do not sell, rent, or share your personal information or document contents with third parties for marketing purposes. We may share data only with: (a) service providers necessary to operate the platform (hosting, AI processing); (b) as required by law or valid legal process.

7. Data Retention & Deletion

You can delete individual documents, child profiles, or your entire account at any time from the Settings page. Upon account deletion, all associated data — including uploaded documents, analysis results, child profiles, and meeting notes — will be permanently deleted within 30 days.

8. Your Rights

You have the right to: access your data, correct inaccuracies, delete your data, export your data, and withdraw consent for data processing. To exercise these rights, visit Settings or contact support@iepsays.com.

Contact

For privacy-related questions or concerns, contact us at privacy@iepsays.com.