Privacy Policy

Last Updated: February 2026

1. Introduction

Arcline, Inc. (“Arcline,” “we,” “us,” or “our”) provides an AI-powered data analytics platform designed for K-12 school districts. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our platform and services (collectively, the “Service”).

This policy applies to all users of the Service, including district administrators, school personnel, and any other authorized users. We are committed to protecting student privacy and complying with all applicable federal and state privacy laws, including FERPA and COPPA.

2. Information We Collect

We collect the following categories of information:

Account Information. When district personnel register for the Service, we collect names, email addresses, job titles, and district affiliation.

District Data. Through integrations with Student Information Systems (SIS), assessment platforms, and other district-authorized sources, we process student records and educational data at the direction of the school district. This data may include student demographics, enrollment records, assessment scores, attendance data, and other education records as defined by FERPA.

Usage Data. We collect information about how authorized users interact with the Service, including pages visited, features used, queries submitted, and session duration.

Cookies and Similar Technologies. We use strictly necessary cookies to maintain session state and authentication. We do not use third-party advertising or tracking cookies.

3. How We Use Information

We use collected information for the following purposes:

  • Operating and delivering the Service to districts
  • Generating analytics, reports, and insights at the direction of the district
  • Providing technical support and responding to inquiries
  • Improving the Service, including performance, reliability, and security
  • Complying with legal obligations

We never use district data or student information for advertising purposes. We never sell data to third parties.

4. Student Data & FERPA Compliance

Arcline acts as a “school official” with a “legitimate educational interest” under the Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. § 1232g. Our access to student education records is governed by our agreements with each school district.

  • Student data is used solely at the direction of the contracting school district.
  • We do not use student data for targeted advertising or any commercial purpose unrelated to the Service.
  • Districts retain full ownership and control over all student data at all times.
  • We do not disclose student data to any third party except as directed by the district or as required by law.

5. COPPA Compliance

The Children's Online Privacy Protection Act (COPPA) applies to the online collection of personal information from children under 13. Arcline does not knowingly collect personal information directly from children under 13 outside of the school context authorized under FERPA. When student data of children under 13 is processed through the Service, it is done solely at the direction of and with the consent of the school district, which acts as the agent of the parent for COPPA purposes.

6. Data Sharing

We share data only in the following limited circumstances:

  • With the district that owns the data, including authorized district personnel.
  • With sub-processors necessary for service delivery, including cloud infrastructure providers (AWS) and authentication providers. All sub-processors are contractually bound to equivalent data protection obligations.
  • As required by law, such as in response to a valid subpoena, court order, or government request.

We never sell, rent, or trade personal information or student data to any third party.

7. Data Security

We implement rigorous technical and organizational measures to protect data, including:

  • AES-256 encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • SOC 2 Type II audit currently in progress
  • Regular penetration testing by third-party security firms
  • Role-based access controls ensuring personnel access only the data necessary for their function
  • Isolated tenant environments preventing cross-district data access

8. Data Retention & Deletion

We retain district data only for the duration of the active service agreement with the school district. Upon termination or expiration of the agreement, or upon written request from the district, we will delete all district data within 30 calendar days. Districts may request data export in a standard machine-readable format prior to deletion.

9. Your Rights

Authorized district personnel and, where applicable, parents and eligible students (through the district) have the following rights:

  • Access — Request a copy of the data we process on behalf of the district.
  • Correction — Request correction of inaccurate data.
  • Deletion — Request deletion of data in accordance with applicable law.
  • Data Portability — Request data in a standard machine-readable format.

To exercise any of these rights, please contact us at privacy@arcline.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify affected school districts at least 30 days in advance of the changes taking effect. We encourage districts to review this policy periodically. Continued use of the Service after changes become effective constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Arcline, Inc.
San Francisco, CA
privacy@arcline.com