Privacy notice
What ClassroomLens collects, what it doesn't, where everything lives, and how long it stays there.
Last updated: 6 June 2026 · Effective: immediately on use · Aligned with UAE PDPL (Federal Decree-Law No. 45 of 2021) and EU GDPR principles
The short version. By default, your teacher and student observation data stays on the device you're using it on, and our server never sees it. Our licence server holds only what's needed to verify your licence and enforce the device cap: a one-way reference to your licence key, a one-way device identifier, your IP address, and timestamps. If you switch on optional cross-device sync (off by default), an encrypted copy of your observation data is stored against your licence so your other licensed devices can open the same picture — you choose this, only devices on your licence can read it, and you can delete it anytime. We never sell or share anything.
1. What stays on your device by default
By default — with cross-device sync switched off — ClassroomLens does not transmit any of the following to our servers; it all lives only on the device you're using:
- Teacher names, ratings, or observer comments from your sheet
- Student names or any student-level data in your sheet
- Lesson observation notes, plans, or coaching content
- Your school's name, logo, branding, goals, action plans, or evidence-vault entries
- Any spreadsheet content you upload, type, or paste into the app
- Backup or export files you download from the app (those always stay on your device)
With sync off, we never see this data and there is no server-side copy of it. If you switch on optional cross-device sync, your observation data and the workspace items above (goals, actions, evidence links and branding) are stored as an encrypted copy against your licence so your other devices can read them — exports and backups always stay local, and you can delete the cloud copy anytime (see section 4).
2. What our licence server receives
When you activate a licence — and on periodic re-checks while the app is in use — the app sends our licence server a small set of technical data so we can verify the licence and enforce the device cap on it:
- A one-way cryptographic reference to your licence key (the original key cannot be reconstructed from it)
- A one-way technical identifier of the device, used only to enforce the per-licence device cap
- Activation timestamp and most-recent verification timestamp
- Your IP address, used for abuse detection and to satisfy security logging requirements
- The app version you're running
- The web domain the app is loaded from
This information is held only for as long as your licence is active, plus a limited audit period afterward. It is held under our account on the infrastructure listed in our sub-processors section below.
3. Transactional emails we send
We send a small number of operational emails to our own founder — not to schools — covering:
- Administrative sign-in notifications when the admin dashboard is accessed
- Notifications when new devices activate or when a device is rejected because the cap is reached
- A daily summary of administrative activity
These are operational alerts that help us monitor the service. They are not marketing emails to schools. We do not maintain a marketing subscriber list and we do not send promotional messages.
4. Where your observation data lives
The app's working state — your uploaded sheet, branding, goals, action items, evidence vault links, coaching plans, custom mappings, and reconciliation history — is stored on the device you're using, using your browser's built-in local storage. This means:
- Closing your browser does not delete it.
- By default, switching devices means starting fresh (or restoring from a backup file you've exported).
- Clearing your browser's site data will delete the local copy.
- You can export everything to a single file from Settings → Export, and re-import it the same way.
Optional cross-device sync (off by default). If you turn it on in Settings → Cross-device sync, an encrypted copy of your observation data is stored against your licence on our infrastructure, so your other licensed devices can open the same picture. Only devices activated on your licence can read it. We keep up to 8 recent snapshots; older ones are automatically removed. You can turn sync off and delete the cloud copy at any time from the same Settings panel (Delete cloud copy), or request a full erasure (section 8). With sync off, we hold no copy.
5. Data retention schedule
How long each category of data is held:
| Data | Where | Retention |
|---|---|---|
| Your observation data, goals, actions, evidence, mappings, branding | Your device (always) | Indefinite (until you delete or clear browser data) |
| Cloud copy of the above — only if you enable cross-device sync | Our infrastructure | Up to 8 recent snapshots; oldest auto-removed. Deleted when you turn sync off and delete, or on an erasure request |
| Soft-deleted items pending recovery | Your device only | Short recovery window, then permanently removed |
| Licence activation record + technical identifiers | Our infrastructure | Lifetime of licence + a limited audit period |
| Administrative audit log | Our infrastructure | Several months, then automatically purged |
| Short-lived operational counters (rate limits, notification dedupe) | Our infrastructure | Minutes to hours, then automatically expired |
| Disaster-recovery snapshots of licence records | Our infrastructure | A limited number of recent snapshots, oldest auto-purged |
| Transactional email delivery records | Email sub-processor | Per the sub-processor's policy |
If you need precise retention figures for a specific compliance audit, email our team and we'll share the specific values under NDA.
6. Cookies and tracking
The public landing pages and this privacy notice use no cookies, no analytics scripts, no Google Analytics, no advertising trackers, and no third-party fingerprinting beyond what the licence-activation flow described above requires.
The administrative dashboard (used only by ClassroomLens staff) sets a short-lived authentication cookie scoped to its own URL. That cookie is never set on, or sent from, school-facing pages.
7. Sub-processors
We use a small number of established service providers to deliver ClassroomLens. Each processes a narrow slice of data on our behalf under written terms appropriate to its category:
- Infrastructure provider — hosts the licence verification server, stores the licence records, hosts the public website and app, stores disaster-recovery snapshots, and (only if you enable cross-device sync) stores the encrypted cloud copy of your observation data.
- Transactional email provider — delivers the operational emails listed in section 3.
We engage no other categories of sub-processor — no analytics, no error tracking, no CRM, no marketing tooling, no advertising. If we add a sub-processor category in the future, this list is updated and the "Last updated" date at the top changes.
The current identity of each provider, alongside its privacy policy, certifications and standard contractual clauses, is shared with school IT and procurement teams under NDA on request as part of a security review or DPA process — email our team to receive it.
8. Your rights under UAE PDPL and GDPR
Both the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021) and the EU General Data Protection Regulation give you these rights with respect to the small amount of personal data we hold on our licence server:
- Right to know — what data we hold about your licence activations and any administrative actions affecting you
- Right to a copy — receive that data in a structured, machine-readable form (portability)
- Right to correction — fix any inaccurate licence-record fields
- Right to erasure — request deletion of the licence record (subject to legitimate business records retention)
- Right to restrict processing — pause our use of the data while a complaint is investigated
- Right to object — object to specific processing activities
- Right to withdraw consent — terminates the licence and its activation record
- Right to lodge a complaint with the UAE Data Office (for UAE residents) or the supervisory authority in your jurisdiction (for EU residents)
To exercise any of these rights, email our team. We respond to verified requests within 7 working days, and complete them within 30 days for routine requests (60 days maximum for complex ones, with interim communication).
9. Lawful basis for processing
We process the licence-server data described in section 2 on the basis of contractual necessity (we cannot deliver the licensed software without verifying that the licence is valid and within its device cap) and legitimate interests (preventing abuse of the licensing system, which would harm both us and our other school customers). The transactional emails in section 3 are sent on the legitimate-interests basis, to our own founder.
10. Children's data
ClassroomLens is a tool for school leaders and is not directed at children. We do not ask for or use student-level data. By default, any student-level data a school includes in its sheet stays on the school's device and is never transmitted to us. If a school enables optional cross-device sync, whatever columns its observation sheet contains — including any student-level data the school has chosen to include — would form part of the encrypted cloud copy; we therefore recommend schools keep student-identifiable data out of synced sheets, or leave sync off. Schools remain responsible for any consent or notice required under local law (for example, parental consent under UAE PDPL Article 6) before processing such data with our tool.
11. International transfers
Our infrastructure providers route traffic globally for performance and reliability. UAE PDPL Article 22 permits cross-border transfers of personal data where adequate protection is in place — our sub-processors offer standard contractual clauses and certifications consistent with these requirements. By default, the only personal data transferred is the limited licence-server metadata described in section 2; your observation data is not transferred because it stays on your device. If you enable optional cross-device sync, the encrypted cloud copy of your observation data (section 4) is also stored on this infrastructure under the same protections.
12. Security
We protect the licence-server data with a layered defence including, at minimum:
- HTTPS enforced on every connection to our services
- Multi-factor authentication required for our administrative dashboard
- Rate limiting and automatic lockout on suspicious authentication patterns
- An immutable audit log of every administrative action
- Content security controls limiting what may execute inside our administrative dashboard
- Real-time alerts to our founder on administrative sign-ins from new IP addresses
- Regular reviews of access controls and credential rotation
The specific configurations, key lengths, lockout thresholds, and version pinning are not published here — that information is held internally and shared with school IT teams under NDA on request as part of a security review.
13. Data breach notification
If we become aware of a security incident likely to result in a risk to your rights, we will notify the relevant supervisory authority within 72 hours of becoming aware (UAE Data Office for UAE-based incidents, equivalent EU authority for GDPR-scope incidents). Affected schools will be notified directly and promptly, with a description of the incident, the data categories affected, the likely consequences, and the remedial steps taken.
14. Changes to this notice
If we change this notice, we update the "Last updated" date at the top and post a brief note in the app on next launch. Material changes (for example, new categories of data we'd collect, new sub-processors, or new data uses) require your explicit consent before they take effect for you. Minor edits (wording clarifications, regulatory reference updates) take effect on publication; substantive material changes follow a 30-day consent window.
15. Data Processing Agreement
Schools that need a formal Data Processing Agreement (DPA) for their procurement or compliance records — for example to satisfy UAE PDPL Article 14 or GDPR Article 28 — can request one by emailing our team. We aim to return a signed DPA within 5 working days of a verified request.
16. Security reviews and technical detail
Detailed technical information about our security and data handling architecture — exact retention figures, configuration specifics, dependency inventory, threat model documentation — is provided to school IT and procurement teams under a non-disclosure agreement on request. Email our team to start a security review.
17. Contact
For any privacy question, data subject request, sub-processor enquiry, or concern: email our team. We aim to respond within 2 working days, and complete routine data subject requests within 7 working days.