Privacy Policy
Last Updated: April 1, 2026
Effective Date: April 1, 2026
GradeVine ("we," "us," or "our") is a mobile application developed by Moses Harding that helps teachers digitize, transcribe, and grade handwritten student assignments using AI-powered technology. This Privacy Policy explains how we collect, use, store, share, and protect information when you use the GradeVine app ("Service").
We take the privacy of student information seriously. Please read this policy carefully. By using GradeVine, you agree to the practices described below.
1. Information We Collect
1.1 Information You Provide
Teacher Account Information
- Your Apple ID / iCloud account is used to sync data across your devices. We do not separately collect your name, email, or password for app access.
- If you connect Google Drive for export, we receive your Google account name, email address, and profile photo for authentication purposes only.
Student Information
- Student names as entered by you
- Alternate names or nicknames you provide for student matching
- Course enrollments and section assignments
- Student archive status
Assignment and Grading Data
- Assignment titles, questions, point values, keywords, and rubrics
- Scanned images of student handwritten work (captured via your device camera or photo library)
- AI-transcribed text from student handwriting
- Grades, scores, and teacher-provided feedback
- Keyword matching results and confidence scores
1.2 Information Collected Automatically
Usage Analytics (if you have not opted out)
- App feature usage events (e.g., assignments created, scans processed)
- Screen views and navigation patterns
- Session duration and frequency
- Performance metrics and error events
- Device type and operating system version
Analytics events do not include student names, assignment content, grades, or any student-identifiable information.
Technical Data
- Anonymous device identifiers for analytics
- App crash reports
- iCloud account availability status
1.3 Information We Do NOT Collect
- Student email addresses, phone numbers, physical addresses, or Social Security numbers
- Student dates of birth or demographic information
- Biometric data (fingerprints, face scans, voice recordings)
- Location data
- Contacts, calendars, or other device data unrelated to scanning
2. How We Use Your Information
We use the information we collect for the following purposes:
| Purpose | Data Used |
|---|
| AI Transcription & Grading | Student handwriting images, assignment questions, keywords, student roster names |
| Student Matching | Student names, alternate names, roster data |
| Cloud Sync | All assignment, student, course, scan, and grade metadata (synced to your personal iCloud account) |
| Google Drive Export | Student names, scan images, transcripts, grades, feedback (exported at your request to your Google Drive) |
| Subscription Management | Anonymous user identifier, purchase history |
| Product Improvement | Aggregated, non-identifying usage analytics |
| Technical Support | Error logs and crash reports |
We do not use student information for:
- Advertising or marketing
- Building student profiles for non-educational purposes
- Selling or renting to third parties
- Training AI models (see Section 3.1)
3. Third-Party Services
GradeVine uses the following third-party services to provide its functionality. Each service receives only the data necessary for its purpose.
3.1 Google Gemini AI (AI Transcription & Grading)
- What is sent: Images of student handwriting, assignment question content, keywords, and student roster names (for name matching)
- Purpose: Optical character recognition (OCR), text transcription, student name extraction, and AI-assisted grading
- Data retention by Google: On the paid API tier that GradeVine uses, prompts and responses are not used for model training. Google retains API logs for up to 55 days for abuse monitoring, after which they are deleted. Google takes steps to disconnect data from API keys before any human review.
- Google's data policy: Google Gemini API Data Logging Policy
3.2 Apple CloudKit (iCloud Sync)
- What is synced: Course, student, assignment, scan, and grade metadata, as well as scan images — stored in your private iCloud database
- Purpose: Sync your data across your Apple devices signed into the same iCloud account
- Encryption: Apple encrypts CloudKit data in transit and at rest
- Control: Data is in your personal iCloud account. Deleting data in GradeVine also removes it from iCloud.
3.3 Google Drive (Optional Export)
- What is sent: Student names, scan images, transcribed text, grades, feedback, and AI analysis results — organized by course, assignment, and student
- Purpose: Export graded work to your Google Drive at your request
- When: Only when you explicitly initiate an export
- Control: Exported files are in your Google Drive account. You can delete them at any time through Google Drive.
- Scope: GradeVine requests access to your Google Drive to create and manage export files
3.4 Firebase Analytics (Google)
- What is collected: App usage events, screen views, session data, and device/OS metadata
- What is NOT collected: Student names, grades, assignment content, or any student-identifiable information
- Purpose: Understand how the app is used to improve features and fix issues
- Opt-out: You can disable analytics at any time in Settings. When disabled, we stop collecting analytics data and clear locally stored analytics events.
- Data retention: Analytics data is retained for 2 months
3.5 RevenueCat (Subscription Management)
- What is shared: An anonymous app user identifier (not your name or email), subscription status, and purchase history
- Purpose: Manage Pro subscriptions and credit purchases
- Privacy: RevenueCat does not receive any student data
- RevenueCat's privacy policy: revenuecat.com/privacy
3.6 Firebase Authentication (Google)
- What is used: An anonymous authentication token
- Purpose: Secure access to backend services
- Privacy: No personal information is associated with the anonymous token
4. Data Storage and Security
4.1 Local Storage
- All student data, assignments, scans, and grades are stored locally on your device in the app's private sandbox
- Scan images are stored as JPEG files on your device and synced to your personal iCloud account
- Local storage is protected by iOS file-system encryption, which is tied to your device passcode
4.2 Cloud Storage
- All data — including metadata and scan images — is synced to your personal iCloud account via Apple CloudKit
- CloudKit data is encrypted in transit (TLS) and at rest by Apple
- Your iCloud data is accessible only to devices signed into your Apple ID
4.3 Security Measures
- All network communications use HTTPS/TLS encryption
- API authentication uses industry-standard OAuth 2.0 (Google) and API key authentication (Gemini)
- Subscription identifiers are stored in the iOS Keychain
- We do not maintain our own servers or databases with your data — data resides on your device, in your iCloud account, or in your Google account
5. Children's Privacy
GradeVine is a tool for teachers, not a service directed at children. However, we recognize that teachers use GradeVine to process student work, which may include work from children under 13.
5.1 What We Collect About Students
GradeVine collects student information as entered by teachers: names, alternate names, scanned images of handwriting, and grades. Students do not interact with GradeVine directly and do not have accounts.
5.2 Teacher Responsibility
Teachers are responsible for:
- Ensuring they have appropriate authorization from their educational institution to use GradeVine with student data
- Complying with their institution's student data privacy policies
- Obtaining any required parental or institutional consent before processing student information through GradeVine
- Complying with applicable laws including FERPA, COPPA, and state student privacy laws
5.3 Our Commitments
- We do not use student data for advertising, marketing, or non-educational profiling
- We do not sell student data to any third party
- We minimize data collection to what is necessary for the educational service
- Student data sent to Google Gemini for AI processing is not used to train AI models (paid API tier)
- We will delete student data upon teacher request (see Section 7)
5.4 COPPA Notice
If you are a teacher of students under 13, please ensure you have obtained the necessary consent from your educational institution or from parents/guardians before using GradeVine to process student work. GradeVine does not knowingly collect personal information directly from children under 13. If you believe a child's personal information has been collected inappropriately, please contact us at [email protected] and we will promptly delete it.
6. Data Retention
| Data Type | Retention Period |
|---|
| Student records, assignments, grades | Retained until you delete them within the app or reset the app |
| Scan images | Retained on your device until you delete them, archive them, or reset the app |
| CloudKit synced data | Retained in your iCloud account until deleted through the app |
| Google Drive exports | Retained in your Google Drive until you delete them |
| Analytics data | 2 months |
| Gemini API logs | Up to 55 days (retained and managed by Google) |
| RevenueCat subscription data | Per RevenueCat's retention policy |
We do not impose a maximum retention period on educational data you actively use. You have full control to delete data at any time.
7. Your Rights and Choices
7.1 Data Access and Export
- View: All student data, grades, and transcripts are viewable within the app at any time
- Export: You can export grade data as CSV files or export complete records (images, transcripts, grades) to Google Drive
7.2 Data Deletion
GradeVine provides two levels of data deletion:
- Free Up Space: Removes orphaned files and cached data while preserving your courses, students, and grades
- Reset App: Complete deletion of all data — local files, CloudKit records, and cached data. Requires typing "DELETE" to confirm. This action is irreversible.
7.3 Analytics Opt-Out
You can disable analytics collection at any time in the app's Settings. When disabled:
- Analytics collection stops immediately
- Locally stored analytics events are cleared
- No further data is sent to Firebase Analytics
7.4 Google Account
You can disconnect your Google account at any time in Settings, which revokes GradeVine's access to your Google Drive. Previously exported files remain in your Google Drive under your control.
7.5 California Residents
If you are a California resident and the California Consumer Privacy Act (CCPA/CPRA) applies, you may have additional rights including the right to know, delete, and correct your personal information, and the right to opt out of the sale or sharing of personal information. We do not sell or share personal information as defined by the CCPA. To exercise your rights, contact us at [email protected].
8. Data Sharing
We do not sell, rent, or share student data or teacher data with third parties for their own commercial purposes.
We share data with third-party services only as described in Section 3 above, and only to the extent necessary to provide the Service. Specifically:
- Google (Gemini AI): Student handwriting images and assignment content for AI processing
- Apple (CloudKit): All data including scan images for cloud sync to your iCloud account
- Google (Drive): Graded work for export to your Google Drive, at your request
- Google (Firebase): Anonymous usage analytics (if not opted out)
- RevenueCat: Anonymous subscription management data
We may also disclose information if required by law, legal process, or government request, or to protect the rights, property, or safety of GradeVine, our users, or others.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated policy within the app
- Updating the "Last Updated" date at the top of this policy
- For material changes, providing in-app notification
Your continued use of GradeVine after changes become effective constitutes acceptance of the updated policy.
10. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
If you believe student data has been handled inappropriately, please contact us immediately at [email protected] and we will investigate and respond promptly.
11. Definitions
- Personal Information: Information that identifies, relates to, or could reasonably be linked to a particular individual
- Student Data: Personal information about students collected through the Service, including names, handwriting images, transcribed text, and grades
- Teacher: The individual user of GradeVine who enters student data and uses the Service for grading
- Service: The GradeVine mobile application and all associated features
Back to home