Privacy Policy
Last updated: February 2026
1. Information We Collect
Thalia collects minimal data necessary to provide the tutoring service. When you use our platform, we may collect: your institutional email (used only for authentication), conversation history with the AI tutor, and basic usage analytics. We do not collect unnecessary personal information.
2. How We Protect Your Data
Student identifiers are SHA-256 hashed before storage — we never store raw emails or names in our analytics database. All data is encrypted in transit (TLS) and at rest. Our infrastructure is hosted on secure, SOC 2 compliant providers.
3. FERPA Compliance
Thalia is designed to comply with the Family Educational Rights and Privacy Act (FERPA). We act as a “school official” under FERPA and maintain appropriate agreements with educational institutions. Student education records are protected and never shared with third parties for non-educational purposes.
4. GDPR Compliance
For users in the European Economic Area, we comply with the General Data Protection Regulation (GDPR). You have the right to access, correct, delete, or export your personal data. Contact us at any time to exercise these rights.
5. Data Retention
Conversation data is retained for the duration of the academic term plus a reasonable period for analytics. Institutions can request data deletion at any time. Anonymized, aggregated analytics may be retained longer for service improvement.
6. Third-Party Services
We use OpenAI and Google AI services to power our tutoring agents. Conversation data sent to these services is governed by their respective privacy policies and data processing agreements. We do not sell your data to any third party.
7. Contact
For privacy-related questions or requests, contact us at privacy@thalia.ai.