At REDMARKER, we are committed to protecting your privacy and the privacy of students whose work is processed through our application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

1. Information We Collect

1.1 Information You Provide

• Account Information: We generate an anonymous token to identify your account. This token is stored locally on your device and used to track your subscription tier and usage.
• Worksheet Images: When you use REDMARKER to check homework, you capture and upload images of math worksheets. These images may contain student names, class information, and handwritten or printed math problems.
• Student Information: Our AI may automatically detect and extract student names and class names from worksheets to help organise your content. This information is stored locally on your device.
• Usage Data: We track the number of worksheets processed, subscription tier, and quota usage to provide our service.

1.2 Information Collected Automatically

• Device Information: We collect your device platform (iOS or Android) to optimise the app experience.
• Usage Statistics: We track how many worksheets you process, accuracy data, and progress information to provide the service and improve our algorithms.

2. How We Use Your Information

We use the information we collect to:

• Provide Our Service: Process worksheet images using AI to validate math problems and identify incorrect answers.
• Organise Content: Automatically organise worksheets by student name and class for easier management.
• Track Progress: Generate progress charts and statistics to help you monitor student improvement over time.
• Manage Subscriptions: Track your subscription tier, usage limits, and credit purchases.
• Improve Our Service: Analyze usage patterns to enhance our AI accuracy and app functionality.
• Customer Support: Respond to your inquiries and provide technical support when needed.

3. Third-Party Services

3.1 OpenAI

We use OpenAI's GPT-4o Vision API to process worksheet images and validate math problems. When you submit a worksheet image, it is sent to OpenAI for analysis. OpenAI's use of your data is governed by their Privacy Policy. We do not share any personal information with OpenAI beyond the worksheet images necessary for processing.

3.2 Data Storage

Worksheet images and processing results are stored locally on your device. We use Upstash Redis to store minimal metadata (subscription tier, usage counts, and credit balances) associated with your anonymous token. We do not store worksheet images or student information on our servers.

4. Children's Privacy

REDMARKER is designed for use by parents, teachers, and tutors to check student homework. While our service processes images that may contain information about children, we:

• Do not knowingly collect personal information directly from children under 13
• Store all worksheet data locally on the user's device
• Use anonymous tokens instead of personal identifiers
• Comply with applicable children's privacy laws, including COPPA

If you are a parent or guardian and believe your child's information has been collected, please contact us immediately at support@redmarker.app.

5. Data Security

We implement appropriate technical and organisational measures to protect your information:

• Local Storage: Worksheet images and student data are stored exclusively on your device, not on our servers.
• Encryption: All data transmitted between your device and our servers is encrypted using industry-standard protocols.
• Anonymous Tokens: We use anonymous tokens instead of personal identifiers to minimize data exposure.
• Access Controls: Our servers are protected with appropriate access controls and security measures.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

6. Data Retention

Local Data: Worksheet images and processing results stored on your device remain there until you delete them using the app's delete functionality.

Server Data: We retain minimal metadata (subscription tier, usage counts, credit balances) associated with your anonymous token for as long as your account is active. If you regenerate your token, the old token's data is no longer associated with your device.

Usage Statistics: Monthly usage statistics are reset each month as part of our quota system. Historical data is not retained on our servers.

7. GDPR and Data Controller Responsibilities

7.1 Joint Controller Relationship

Under the General Data Protection Regulation (GDPR) and similar data protection laws, REDMARKER and you (the user) act as joint controllers with respect to personal data processed through the Service. This means both parties have responsibilities for ensuring compliance with applicable data protection laws.

7.2 REDMARKER's Responsibilities as Data Controller

REDMARKER acts as a data controller for the following aspects of data processing:

• Service Provision: Processing worksheet images through our API and third-party AI services (OpenAI)
• Metadata Storage: Storing subscription tier, usage counts, and credit balances on our servers
• Technical Infrastructure: Operating and maintaining the Service, including data transmission and security measures
• Service Improvement: Analyzing aggregated usage patterns to improve the Service

As a data controller, REDMARKER is responsible for:

• Implementing appropriate technical and organizational security measures
• Ensuring third-party processors (e.g., OpenAI) comply with data protection requirements
• Responding to data subject requests related to data processed on our servers
• Maintaining records of processing activities as required by law

7.3 Your Responsibilities as Data Controller

As a user of the Service, you also act as a data controller because you:

• Determine Processing Purpose: You decide which worksheets to process and for what educational purpose
• Control Data Collection: You choose what images to capture and process through the Service
• Manage Student Data: You process personal data of students (names, class information, academic work) for your own purposes
• Store Data Locally: You control the storage and retention of worksheet images and student information on your device

As a data controller, you are responsible for:

• Obtaining Necessary Consents: If you are a teacher, tutor, or educational institution, you must obtain appropriate consent from parents/guardians or have a legitimate basis for processing student data under applicable laws
• Compliance with Local Laws: Ensuring your use of the Service complies with all applicable data protection laws, including GDPR, COPPA, FERPA, and local educational data privacy regulations
• Data Subject Rights: Responding to requests from data subjects (students, parents, guardians) regarding their personal data that you process
• Data Security: Implementing appropriate security measures to protect data stored on your device
• Data Retention: Determining appropriate retention periods for student data and deleting data when no longer needed
• Data Breach Notification: Notifying relevant authorities and affected individuals if a data breach occurs involving data under your control

7.4 Data Management Features

The Service provides data management features (export, import, deletion) to help you exercise your rights and fulfill your responsibilities as a data controller. These features:

• Enable you to export data for data portability requests (GDPR Article 20)
• Allow you to delete data to fulfill right to erasure requests (GDPR Article 17)
• Help you maintain backups and manage data retention
• Support compliance with data protection requirements

Important: The availability of these features does not transfer GDPR responsibility from you to REDMARKER. You remain responsible for ensuring compliance with applicable data protection laws in your use of the Service.

7.5 Educational Institutions and Schools

If you are using the Service on behalf of a school, educational institution, or organization:

• You must ensure your use complies with all applicable educational data privacy laws (e.g., FERPA in the United States, GDPR in the European Union)
• You may need to enter into a Data Processing Agreement (DPA) with REDMARKER for institutional use
• You are responsible for obtaining necessary consents and maintaining appropriate data processing agreements with parents/guardians
• Contact us at support@redmarker.app to discuss institutional data processing arrangements

8. Your Rights and Choices

You have the following rights regarding your information:

• Access: You can view all data stored locally on your device through the app interface.
• Deletion: You can delete individual worksheets or regenerate your token to reset your account data.
• Export: You can export your data using the app's export functionality to exercise your right to data portability.
• Opt-Out: You can stop using the app at any time. All local data remains on your device until you delete it.
• Rectification: You can manually correct AI processing results through the app's correction features.

Note: If you are processing student data, you must also ensure that data subjects (students, parents, guardians) can exercise their rights under applicable data protection laws. The Service's data management features help you fulfill these obligations.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using REDMARKER, you consent to the transfer of your information to these countries.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: support@redmarker.app
• Response Time: We typically respond within 24 hours