Privacy Policy

Overview

TYay ("we", "our", or "the Service") is an educational tool designed to help independent science educators grade lab reports efficiently while providing AI-powered feedback to students. This Privacy Policy explains how we collect, use, and protect information when you use our Service.

Information We Collect

Google Account Information

When you sign in with Google, we collect:

• Your email address
• Your name
• Your Google profile information

Google Drive and Docs Access

We request access to:

• Google Drive files: Only the specific files you choose to use with our Service (lab report templates and student submissions)
• Google Docs: To read lab report content, place comments, and create snapshots for grading purposes

We use the most restrictive scopes possible (drive.file) to only access files you explicitly use with our Service.

How We Use Your Information

We use the information we collect to:

• Authenticate your identity and manage your account
• Create and distribute lab report assignments
• Copy lab templates to student Google accounts
• Read and extract answers from student lab reports
• Generate AI-powered feedback and grades
• Place anchored comments in Google Docs
• Create snapshots of student submissions for academic integrity

Data Storage and Retention

Student Lab Reports: Lab report content is processed temporarily for grading purposes. We do not permanently store student lab report content on our servers. All student documents remain in Google Drive under the teacher's account control.

Snapshots: When students register or submit their labs, we create snapshots (copies) in teacher-controlled Google Drive folders. These snapshots are stored in your Google Drive, not on our servers.

Metadata: We store assignment information, submission status, and grading metadata in our database to manage the grading workflow. This includes assignment titles, student emails, document IDs, and grading status.

AI Processing: When we send student work to OpenAI for grading, we use API settings that prevent OpenAI from storing or using student data for training purposes.

Data Sharing and Third Parties

We share data with the following third-party services necessary to operate the Service:

• Google APIs: To access Google Drive and Docs on your behalf
• OpenAI: To generate AI-powered feedback (with data protection settings enabled)

We do not sell, rent, or share your personal information or student data with any other third parties for marketing or advertising purposes.

FERPA Compliance

For teachers in the United States, we understand the importance of compliance with the Family Educational Rights and Privacy Act (FERPA). Student education records are:

• Stored in teacher-controlled Google Drive folders
• Processed only for legitimate educational purposes (grading and feedback)
• Not shared with unauthorized third parties
• Under the control of the educational institution through the teacher's Google account

Your Rights and Choices

You have the right to:

• Access: Request information about the data we store about you
• Revoke Access: Remove our access to your Google account at any time through your Google Account settings
• Delete: Request deletion of your account and associated data
• Export: All your documents remain in your Google Drive and can be exported at any time using Google Takeout

Security

We implement industry-standard security measures to protect your information:

• Encrypted connections (HTTPS) for all data transmission
• OAuth 2.0 for secure Google account authentication
• Minimal access scope requests (only files you explicitly use)
• Secure token storage and API key management

Children's Privacy

Our Service is designed for use by teachers and their students in an educational setting. We collect student data only as directed by teachers for legitimate educational purposes. We do not knowingly collect personal information from children except as part of the educational services provided through their teacher's account.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of any material changes by updating the "Last Updated" date at the top of this page.

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us.