Potato Class Privacy Policy

Effective Date: April 2, 2026

Potato Class is operated by Growing Standard LLC (“we,” “our,” or “us”). We are committed to protecting the privacy of children and all users of our educational math and reading application. This policy describes what information we collect, how we use it, and the choices available to parents, guardians, and school administrators.

Information We Collect

Account Information

Users may sign in with Google or Apple to enable cloud sync and classroom features. When signed in, we receive their name and email address as provided by the sign-in provider. Users may also use the app anonymously without signing in — in anonymous mode, data is stored locally in the browser and is not transmitted to any server.

Educational Progress Data

We collect information about a student’s learning activity, including grade level, math skills practiced, questions answered, accuracy rates, stars earned, and assessment results. Math assessment data includes per-domain proficiency across 4 math domains, math placement level (grade equivalent), per-domain grade-level placement, assessment response times (for rush detection), testing window history, and reliability metrics. Reading assessment data includes reading level (across Fountas & Pinnell, Lexile, DRA, and Grade Equivalent systems), per-skill reading proficiency across 16 skill areas, assessment response times, and testing window history. For signed-in users, this data is synced to our cloud database (Google Firebase Firestore) to enable cross-device access and classroom features. For anonymous users, this data is stored only in browser localStorage.

Reading Activity Data

We collect information about a student’s reading activity, including current book selection, library browsing history, and reading tool annotations (highlights and notes). For signed-in users, this data is synced to the cloud. For anonymous users, it remains in browser localStorage only.

Profile Customization

Users create a display name (max 20 characters), select a US state, and customize a potato character. Multiple profiles can be created under a single sign-in for family use, each with their own progress and character. Optional 4-digit PINs (stored as SHA-256 hashes) protect individual profiles. For signed-in users, this data is synced to the cloud. For anonymous users, it remains in browser localStorage only.

Language Preference

Users may select from 11 supported languages (English, Spanish, Chinese, Arabic, Vietnamese, Ukrainian, Portuguese, French, Hindi, Korean, Japanese). This preference is stored per profile to personalize the interface and AI voice assistant language.

Information We Do NOT Collect

We do not collect precise geolocation, photos, contacts, browsing history, device identifiers for advertising, or biometric information. We do not use cookies or tracking pixels. We do not allow third-party advertising. Text input fields include automatic on-device filtering to prevent entry of email addresses, phone numbers, and other personally identifiable information.

How We Use Information

• To provide and personalize the educational experience across math and reading
• To track learning progress aligned with Virginia Standards of Learning (math) and the Science of Reading research framework (reading)
• To compute math placement levels and reading levels with estimated percentile rankings against preliminary grade-level norms
• To detect potential rushing behavior during math and reading assessments (using response time data) to ensure assessment validity
• To compute measurement quality metrics (split-half reliability, KR-21) for assessment validity reporting
• To enable classroom features where teachers can view student progress, math domain proficiency, reading levels, and growth data
• To generate age-appropriate text-to-speech audio in 11 languages for accessibility
• To provide AI voice guidance through our assistant, AiPa
• To sync progress across devices when signed in
• To support multiple student profiles under a single family sign-in

Reading Assessment Data

Reading assessment data is collected up to three times per school year during designated testing windows (Fall, Winter, Spring). This data includes:

• Reading level results across four measurement systems (Fountas & Pinnell, Lexile, DRA, Grade Equivalent)
• Per-skill proficiency scores across 16 reading skill areas based on the Science of Reading Big Five framework
• Assessment response times (used solely for rush detection to ensure assessment validity — not for behavioral profiling)
• Growth data comparing results across testing windows

Teachers in classrooms can view their students’ reading assessment results, including rush detection indicators, and may initiate retakes of specific skill areas where rushing was detected. Reading tool annotations (highlights, notes) are stored per-profile and per-book, and are not shared externally.

Math Assessment Data

Math assessment data is collected up to three times per school year during designated testing windows (Fall, Winter, Spring). This data includes:

• Per-domain proficiency across 4 math domains (Number & Number Sense, Computation & Estimation, Measurement & Geometry, Probability & Statistics) with independent grade-level placement per domain
• Overall math placement level (grade equivalent) with estimated percentile ranking against preliminary norms
• Assessment response times (used solely for rush detection to ensure assessment validity — not for behavioral profiling)
• Measurement quality metrics (split-half reliability, KR-21 reliability estimate) computed per assessment
• Growth data comparing results across testing windows

Teachers in classrooms can view their students’ math assessment results, including per-domain proficiency levels and rush detection indicators.

Anonymized Assessment Analytics

When a student completes a math or reading assessment, an anonymized data record is stored in our database for the purpose of building empirical percentile norms. This record contains enrolled grade level, assessed level, per-domain scores, whether rushing was detected, and per-item correctness with pre-calibrated difficulty estimates.

This data contains no student names, email addresses, account identifiers, or any personally identifiable information. It cannot be linked back to any individual student. It is used solely to improve the accuracy of percentile rankings and assessment quality over time.

Payment Information

Potato Class offers optional one-time purchases (Teacher Pro upgrade, Potato Pass cosmetics). We do not collect, store, or have access to credit card numbers, bank account details, or payment credentials.

Payments are processed by Stripe via a secure Cloudflare Worker proxy. All payment information is handled by Stripe — we receive only a session confirmation. No financial data touches our servers.

Purchase status is stored in our database and linked to the user’s signed-in account. Purchases are shared across all profiles under the same sign-in. No financial details are stored by Growing Standard LLC.

Third-Party Services

Google Firebase (Authentication + Firestore)

We use Firebase Authentication for sign-in (Google and Apple) and Firestore for cloud data storage. Firebase is certified under SOC 1, SOC 2, and SOC 3. Data is encrypted in transit and at rest.

Cloudflare (Workers + DNS)

We use Cloudflare Workers as a secure proxy for API calls, including text-to-speech and payment processing. Cloudflare does not store request content beyond immediate processing.

OpenAI (via Cloudflare Workers)

We use OpenAI’s text-to-speech API (model: gpt-4o-mini-tts) to convert pre-authored text into spoken audio for our AI assistant, AiPa. This is a speech synthesis service — it reads aloud the exact text provided and does not generate, interpret, or respond to content. Each request sends developer-written educational text (math questions, reading prompts, and help content) along with a short voice-style instruction that controls AiPa’s tone (e.g., age-appropriate warmth). No student-generated content is sent. No student names, emails, or personally identifiable information is transmitted. All requests are routed through our Cloudflare Worker proxy. Responses are cached so repeated phrases do not generate additional API calls. OpenAI’s API data is not used to train models (per OpenAI’s API data usage policy).

Stripe (via Cloudflare Workers)

The web app uses Stripe for payment processing, routed through our Cloudflare Worker proxy. All payment information is handled by Stripe. We receive only a session confirmation — no financial data touches our servers.

Vercel

The web app is hosted on Vercel for static file serving and CDN. Vercel serves application files and performs no user data processing. No analytics, tracking, or advertising services are used.

We do not sell, rent, or share personal information with any third party for marketing, advertising, or profiling purposes.

Children’s Privacy (COPPA Compliance)

Potato Class is designed for children in grades K through high school. We comply with the Children’s Online Privacy Protection Act (COPPA).

• We collect only the minimum information necessary for the educational service
• Schools may consent on behalf of parents for educational use, as permitted under COPPA
• We do not condition participation on disclosure of unnecessary personal information
• Parents may review, request deletion of, and refuse further collection of their child’s data
• We do not engage in behavioral or targeted advertising directed at children
• Our AI assistant (AiPa) uses text-to-speech only — all spoken content is pre-authored by the developer. No student-generated text is sent to any external service. Speech is synthesized via OpenAI’s text-to-speech API, routed through our Cloudflare Worker proxy. This is a speech synthesis service that reads aloud the exact text provided — it does not generate, interpret, or respond to content.
• Text input fields include automatic on-device filtering to prevent entry of personally identifiable information.
• Profile PINs are stored as SHA-256 hashes — the actual PIN digits are never stored or transmitted.
• Math and reading assessment response times are used solely for academic integrity purposes (rush detection) and are not used for behavioral tracking or profiling.
• Anonymized assessment analytics contain no personally identifiable information and cannot be linked to individual students.
• The application collects no information regulated under COPPA when used anonymously. When signed in, the same educational data protections apply.

Data Security

• All data transmitted over HTTPS (TLS 1.2+)
• API keys stored server-side in encrypted secrets, never on device
• Firestore data encrypted at rest using AES-256
• Authentication via Google and Apple OAuth 2.0 protocols
• Profile PINs hashed with SHA-256 before storage
• Web app anonymous data stored in browser localStorage (domain-scoped, inaccessible to other sites); signed-in data stored in Firestore
• Reading assessment mid-test save data stored in the same secure profile storage and automatically cleared upon assessment completion
• Regular security practice reviews

Compliance & Certifications

Potato Class is built to meet the data privacy standards required by schools, districts, and families. We comply with or align to the following regulations and frameworks:

• COPPA(Children’s Online Privacy Protection Act) — We collect only the minimum data necessary for the educational service. No advertising, no tracking, no data sales. Parents retain full rights to review, delete, and control their child’s data. Schools may consent on behalf of parents for educational use.
• FERPA(Family Educational Rights and Privacy Act) — Student education records are protected. Parents and eligible students have the right to inspect, request correction of, and request deletion of educational records. Schools acting as the parent’s agent for COPPA consent are responsible for notifying parents. We will enter into data privacy agreements with schools upon request.
• Student Data Privacy Consortium— Our practices align with the Student Data Privacy Consortium principles: data minimization, purpose limitation, no secondary use, no advertising, transparent data practices, and providing data portability (export and deletion).
• SOC 1/2/3 Certified Infrastructure— Student data is stored in Google Firebase (Firestore), which holds SOC 1, SOC 2, and SOC 3 certifications. All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).

For data privacy agreements, compliance documentation, or district onboarding, contact privacy@potatoclass.com.

Data Retention and Deletion

Self-service deletion:Users can delete all their progress data directly from the app at any time via Settings → Data → “Delete All Progress Data.” This removes all progress, stars, accessories, and assessment data from the active account on both the device and cloud storage (if signed in). Deleted data is retained in a recovery state for 30 days, during which users can restore their progress via Settings → Data → “Restore Progress.” After 30 days, the data is permanently and irreversibly deleted from all systems.

Signed-in users: Educational progress data (including math progress, math assessment history, reading levels, reading assessment history, and reading tool annotations) is retained while the account is active. Anonymized assessment analytics (containing no PII) are retained indefinitely for norm development. Users or parents may also request deletion of all personal data by contacting us. Verified deletion requests are fulfilled within 30 days. Schools may request bulk deletion when students leave the district or when use of Potato Class ends.

Anonymous web users: All data is stored locally in the browser and can be cleared by the user at any time by clearing browser data or using the in-app delete option. No server-side data exists to delete for anonymous users.

Parental Rights (FERPA Compliance)

For students using Potato Class through a school, the school acts as the parent’s agent for consenting to data collection under COPPA. Parents retain all FERPA rights: to inspect and review educational records, request corrections, and request deletion. Contact your child’s school or contact us directly to exercise these rights.

Changes to This Policy

We may update this policy from time to time. Changes will be posted in the app and at potatoclass.com/privacy. Material changes to how we handle children’s data will include prominent notice and any required consent.

Contact Us

If you have questions about this policy or wish to exercise your data rights, contact:

Growing Standard LLC
Email: privacy@potatoclass.com
Website: potatoclass.com