🛡️

Privacy Policy

Last updated: February 20, 2026

The short version:

✅ We never sell your data
✅ We never serve advertising
✅ We comply with COPPA and FERPA for student data
✅ You can request deletion of all your data at any time
✅ Birth data is encrypted and used only for learning personalization

🏠

1. Who We Are

JyoLing Academy ("Academy," "we," "us") is an educational platform operated by JyoLing LLC, a company registered in the State of Texas, United States. Academy is accessible at academy.jyoling.com and is part of the JyoLing family of products.

This Privacy Policy explains how we collect, use, store, and protect your information when you use Academy. By using our Services, you consent to the practices described here.

📋

2. Information We Collect

2.1 Account Information

When you sign in using Google or Apple (OAuth), we receive your name, email address, and a unique account identifier. We do not receive or store your Google or Apple password.

2.2 Birth Details

To create your personalized learning profile (cognitive archetype profiling), we ask for your date of birth, time of birth (optional), and place of birth. This information is used solely to generate your cognitive archetype and personalize your educational experience. We do not sell or share this data with third parties for any purpose.

2.3 Learning Data

We collect information about your learning activity, including:

Course progress and completion rates
Quiz and mastery assessment answers
Credit earning and spending history
Concept question responses (used for verification and earning)
Content creation submissions (videos, visuals, analyses)
Session duration and frequency

2.4 Sathi Conversations

Free-tier users: Sathi conversations are processed in real-time and not stored beyond the current session.

Paid-tier users: Sathi conversations may be stored to provide session memory (Sathi remembers previous interactions within a course). This data is encrypted, never shared with third parties, and deletable at any time.

2.5 Technical Data

We automatically collect:

Device type and browser information
IP address (used for security and approximate location)
Session timestamps and page views
Typing patterns (anonymized, used for anti-gaming verification only)

2.6 What We Do NOT Collect

Social Security numbers or government IDs
Financial account information (payments processed by third-party providers)
Photos, videos, or biometric data (unless voluntarily submitted as creation content)
Location data beyond what's needed for the cognitive archetype profiling

⚙️

3. How We Use Your Information

We use your information for the following purposes:

Personalization: Generating your cognitive archetype profile and adapting Sathi's teaching style to match
Learning Delivery: Providing course content, quizzes, mastery assessments, and progress tracking
Token Economy: Managing token balances, verifying original thinking, processing creation earnings
Verification: Anti-gaming detection to ensure genuine learning (response timing, vocabulary consistency, paste detection)
Improvement: Analyzing aggregate, anonymized patterns to improve teaching effectiveness and content quality
Communication: Sending service-related notifications (never marketing without explicit consent)
Security: Protecting accounts, detecting fraud, and maintaining platform integrity

🔗

4. How We Share Information

4.1 We Never Sell Your Data

JyoLing LLC does not sell, rent, or trade personal information to third parties. Period.

4.2 AI Service Providers — Privacy by Design

Sathi uses AI language models from Anthropic (Claude). The AI layer receives only three things: the course ID, the concept ID, and the student's message. It cannot identify your child.

No name. No email. No age. No location. No school. No birth data. The authentication token identifies the user on our backend — it never reaches the AI layer. This is not a policy. It is the architecture.

Each system only sees what it needs:

• AI (Sathi): course, concept, and question only. Cannot identify the student.
• Stripe: handles payment. Cannot see learning data or birth details.
• Google OAuth: provides sign-in identity only. Cannot see learning data or payment info.
• Birth data: stored separately, encrypted. Never sent to AI. Never shared with third parties.

No single system — including our own without explicit authorized access — can link all pieces of a student's data together. Privacy isn't a feature. It's the architecture.

4.3 Infrastructure Providers

We use Amazon Web Services (AWS) for data storage and processing. Your data is stored in encrypted databases in the United States.

4.4 Payment Processors

Token purchases are processed by third-party payment providers. We do not store credit card numbers or bank account details on our servers.

4.5 Educational Institutions

For students using Academy through a school, the institution may receive aggregate, anonymized engagement metrics (e.g., class-level Reward Pool depletion rates). Schools do not receive individual Sathi conversations or personal learning data without explicit student/parent consent.

4.6 Legal Requirements

We may disclose information if required by law, court order, or government regulation, or if necessary to protect the rights, safety, or property of JyoLing LLC, our users, or the public.

🎓

5. Student Data Protection (COPPA & FERPA)

Academy primarily serves students aged 14–18. We take student data protection seriously and comply with applicable laws:

5.1 COPPA Compliance

For users under 13 (where applicable), we require verifiable parental consent before collecting personal information. Our standard target audience is 14+, but younger students may access Academy through institutional accounts with parental consent arranged by the school.

5.2 FERPA Compliance

When Academy is used in an educational setting, student records are treated as education records under FERPA. We provide data processing agreements to schools and act as a "school official" with legitimate educational interest.

5.3 No Advertising to Students

Academy does not serve advertisements. We do not use student data for targeted advertising. We do not share student data with advertisers or data brokers.

ℹ️

For Parents: You have the right to review your child's data, request corrections, and request deletion at any time. Contact privacy@jyoling.com.

🔒

6. Data Security

We protect your data through multiple layers of security:

Encryption at rest: All personal data stored in encrypted databases (AES-256)
Encryption in transit: All data transmitted over HTTPS/TLS
Access controls: Strict role-based access — only authorized personnel can access personal data
OAuth-only authentication: We never store passwords — authentication is delegated to Google and Apple
Regular security reviews: We regularly assess and update our security practices

No system is 100% secure. If we discover a data breach affecting your personal information, we will notify affected users and relevant authorities as required by law.

🗄️

7. Data Retention

We retain your data for as long as needed to provide our Services:

Account data: Retained while your account is active. Deleted within 90 days of account termination.
Learning progress: Retained while your account is active to allow resumption of learning at any time.
Sathi conversations (free tier): Not stored beyond the current session.
Sathi conversations (paid tier): Retained while the course is active. Deletable at any time by the student.
Creation content: Retained while your account is active. Removed from peer display within 30 days of deletion request.
Anti-gaming signals: Anonymized typing and response patterns retained for 90 days for verification purposes only.
Inactive accounts: Accounts inactive for 24+ months may be flagged for deletion with 30 days notice.

🍪

8. Cookies & Similar Technologies

Academy uses cookies and similar technologies for essential functionality. For full details, see our Cookie Policy.

In summary:

Necessary cookies: Authentication sessions, CSRF protection, language preferences
Analytics cookies: Anonymized usage patterns to improve the learning experience (can be declined)
No advertising cookies: Academy does not use advertising or tracking cookies

✋

9. Your Rights

You (and your parent/guardian if under 18) have the right to:

Access: Request a copy of all personal data we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your personal data ("right to be forgotten")
Export: Request your data in a portable, machine-readable format
Withdraw consent: Withdraw consent for optional data processing at any time
Object: Object to specific processing activities

To exercise any of these rights, contact privacy@jyoling.com. We respond to all requests within 30 days.

ℹ️

California Residents: Under the CCPA, you have additional rights including the right to know what data is collected, the right to delete, and the right to opt-out of data sales (we do not sell data). EU/UK Residents: Under GDPR, you have the additional right to data portability and the right to lodge a complaint with a supervisory authority.

📝

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Academy interface and, where possible, via email. We provide 30 days notice before material changes take effect.

Continued use of Academy after changes are posted constitutes acceptance of the updated policy.

✉️

11. Contact Us

For privacy-related questions or to exercise your rights:

Privacy inquiries: privacy@jyoling.com
General support: support@jyoling.com

← Back to Academy

Terms Cookies