Privacy Policy

1. Who we are

PLATO is an AI-powered learning companion provided through your school or university. Your institution is responsible for your education records: it is the data controller under UK GDPR and the controlling institution under FERPA (the US Family Educational Rights and Privacy Act). Your institution decides what data is collected and why, and is responsible for the lawful basis for that processing (for a university this is usually public task or legitimate interests).

PLATO acts as the data processor under UK GDPR and a school officialwith a legitimate educational interest under FERPA. We process your data only on your institution's documented instructions, under the terms of our agreement with your institution (including a Data Processing Agreement where one is required), and not for our own separate purposes. PLATO does not sell your personal data and does not use it for advertising.

2. What data we collect

We collect and process the following categories of data:

• Account information: name, email address, university affiliation, role (student or educator), and course enrolments
• Chat interactions: the questions you ask and responses you receive from the AI assistant
• Learning analytics: classification of your questions (topic, cognitive depth, confidence level) to support your learning and help educators understand class-wide trends
• Check-in responses: your answers to weekly check-in questions and any self-reported confidence ratings
• Uploaded content: files, notes, and images you upload to PLATO (for example lecture notes or a photo of a problem), which may be processed to give you feedback or, at your direction, shared with a study group
• Group activity: messages and materials you share in PLATO study groups
• Usage data: timestamps, session duration, and feature interactions

3. How we use your data

Your data is used to:

• Provide AI-assisted learning responses to your questions
• Classify your questions to tailor the learning support you receive
• Generate aggregated, anonymised analytics for educators to understand class-wide learning patterns and areas of difficulty
• Operate, maintain, and secure the service

4. AI classification and automated processing

PLATO uses AI to automatically classify your questions. This includes detecting:

• Question type: whether you are asking a conceptual question, requesting a direct solution, debugging a problem, or following up on a previous response
• Subject and concepts: the topic area and specific concepts your question relates to
• Cognitive depth: the level of thinking involved (based on Bloom's Taxonomy), from recalling facts to creating original work
• Confidence signal: whether you appear confident, uncertain, or struggling, so that support can be tailored appropriately

These classifications inform your learning support and the aggregate insights educators see. They do not, by themselves, make any decision that has a legal or similarly significant effect on you. PLATO does not use them to grade you or to affect your academic standing, and you can ask your institution for human review of any classification.

5. How educators see your data

Educators on your course can see aggregated, class-wide trends such as:

• Which topics students are asking about most
• Common areas of confusion or difficulty
• Whether students are engaging at deeper levels of thinking
• How students are engaging with the learning support PLATO offers

Educators may also see individual interaction summaries for students in their courses to provide targeted support. They cannot see interactions from courses they do not teach.

If you take part in a PLATO study group, the messages and materials you share there are visible to the other members of that group.

6. Third-party AI providers and subprocessors

To generate responses, your questions, along with any images you share, are sent to third-party AI model providers (such as Google, Anthropic, OpenAI, or NVIDIA). PLATO routes these requests through OpenRouter, an AI gateway that forwards each request to a selected model provider on PLATO's behalf; the specific provider can vary from request to request. PLATO (not your institution) selects which models and routing settings are used. We also use Supabase to host the application database and to manage sign-in.

• These providers process your data only to provide their part of the service.
• We choose providers and routing settings with the goal of preventing your data from being used to train AI models and limiting how long providers keep it.
• These providers may process data in the United States or other countries. Where data is transferred outside the UK or EEA, your institution (as controller) is responsible for ensuring an appropriate transfer mechanism is in place, such as the UK International Data Transfer Agreement, Standard Contractual Clauses, or an adequacy decision, and PLATO will support that.

If we add or change a subprocessor in a way that materially affects your data, we will let your institution know.

7. Data retention

PLATO keeps your data for as long as your institution needs it to provide the service, according to the retention period your institution sets. Your institution can ask us to return or delete the data at any time, for example when it stops using PLATO, and we will act on those instructions. You can also ask to delete your own data (see section 8); because your institution controls your education records, some deletion requests are handled together with your institution.

8. Your rights

Depending on where you are, your rights are protected by FERPA (US) and/or UK GDPR. These include the right to:

• Access / inspect: request a copy of, or review, your personal data and education records
• Rectification: correct inaccurate data
• Erasure: request deletion of your data (UK GDPR)
• Data portability: receive your data in a machine-readable format
• Object: object to processing based on legitimate interests (UK GDPR)
• Human review: request human review of automated classifications

Under FERPA, you (or, for younger students, your parent or guardian) may also inspect and request correction of your education records through your institution.

Because your institution is the data controller, you usually exercise these rights through your institution, and PLATO will help it respond. You can also use the data tools in your PLATO settings. UK GDPR generally requires a response within one month, and FERPA within 45 days.

If you are in the UK or EEA and believe your data has been mishandled, you also have the right to complain to the UK Information Commissioner's Office (ICO) or your local data protection authority.

9. Cookies

PLATO uses essential cookies to keep you signed in and to keep the service secure. We do not use advertising or third-party tracking cookies.

10. Data security

We protect your data with encryption in transit (HTTPS/TLS) and encryption at rest. Access to student data is restricted using role-based access controls enforced at the database (row-level security) and is limited to authorised educators and PLATO administrators.

If we become aware of a security incident affecting your personal data, we will inform your institution without undue delay so it can meet its obligations to you.

11. Children's data

PLATO is intended for use in higher and further education. Where students under 18 use it, additional protections apply, including the UK ICO Age Appropriate Design Code and, in the US, FERPA (and the Children's Online Privacy Protection Act where it applies to children under 13). PLATO applies data minimisation and does not use student data for profiling beyond educational support.

12. Changes to this notice

We may update this notice from time to time. When we make a material change, we will update the date below and inform your institution. Significant changes to how your data is processed are made together with your institution as the controller.

13. Contact

For privacy questions, contact your institution's Data Protection Officer or privacy office, or email PLATO at learnwithplato@gmail.com.