Privacy Policy
Effective date: June 22, 2026.
This policy explains how Tembii, operated by Jonathan Hicks, collects, uses, shares, and protects your personal data. If anything here is unclear, email privacy@tembii.com.
1. Who this policy is for
Tembii is built for teachers. Our only account holders are adult educators. Children interact with Tembii only by watching a teacher’s screen during a classroom activity; the app receives no input from students and creates no student accounts.
2. What we collect
- Account data: email, display name, hashed password (email sign-up), and OAuth provider id (Google sign-in).
- Lesson uploads: the text, PDFs, or other source material you paste or upload to generate questions.
- Generated content: the questions, answer keys, and game configurations we produce from your uploads.
- Usage and operational logs: timestamps, request metadata, feature usage, and the model used for each generation.
- Billing metadata: plan, renewal date, and a reference id from our payment processor. We do not store full card numbers ourselves.
- Error telemetry: stack traces and request identifiers. Personal fields are stripped before events leave our servers.
3. Children and students
Tembii does not knowingly collect personal information from children. Students are not users of the service — they see only what the teacher shares on a classroom screen.
Teachers must not paste student personally identifiable information (full names, photographs, contact details, or grades tied to an identifiable child) into lesson uploads. If you inadvertently do, delete the upload from your dashboard and emailprivacy@tembii.com so we can purge any remaining copies.
4. How we use your data
- to authenticate you and run your account;
- to generate questions from your lesson uploads using an AI sub-processor (see below);
- to extract text from lesson photos you upload, and to check and generate images, using the providers listed below;
- to operate, secure, debug, and improve the service;
- to bill you, if you are on a paid plan;
- to comply with legal obligations and to enforce our Terms of Service.
We do not sell your personal data. We do not use your lesson uploads or generated questions to train third-party AI models, and we do not permit our sub-processors to do so with your content.
5. Sub-processors
We rely on the following service providers to operate Tembii. Each receives only the data necessary for its role.
- Anthropic — processes your lesson upload text to generate questions. Your text is sent to the Claude API at the moment you click “Generate.”
- OpenRouter — routes some question-generation requests to the underlying AI model. Where used, your lesson text passes through OpenRouter to reach the model.
- Google — when you photograph or upload lesson images, Google’s Gemini and Cloud Vision services extract the text, check the image for unsafe content, and (for picture questions) generate illustrations. Images you upload are processed by Google for these purposes.
- Supabase — provides authentication (account sign-in and identity).
- Neon — hosts the Postgres database where your account and generated content are stored.
- Vercel — hosts the web application and serves it from a global edge network.
- Cloudflare R2 — stores uploaded files (for example, PDFs) and static assets.
- Stripe — handles subscription billing and stores customer and billing identifiers for accounts that have initiated checkout. Stripe customer records are permanently deleted when an account is erased.
- Email provider (planned — not yet processing data) — will deliver transactional emails such as sign-in links and deletion confirmations.
- Sentry (planned — not yet processing data) — will receive error telemetry with personal fields stripped before events leave our servers.
We will update this list before adding any new sub-processor with access to personal data. See “Changes to this policy” below for how we notify you.
6. Retention
We keep your account data and generated content for as long as your account is active. If you delete your account, we move it to a seven-day soft-delete window during which you can cancel the deletion by contacting us. After seven days we permanently delete your data from live systems. Backups roll off within an additional thirty days.
Operational logs and error telemetry are retained for up to ninety days, then purged or aggregated beyond recognition.
7. Your rights
Regardless of where you are, you can exercise the following rights over your personal data at Tembii:
- Access and portability: download a structured JSON copy of your data from the export tool at
/app/account. The export includes your question banks, generated content, and Materials library metadata; raw PDF files are excluded from the export bundle but remain accessible from the Materials tab in your library. - Correction: update your name, email, and profile from your settings page.
- Deletion: request account deletion from
/app/account. A seven-day grace period applies so you can reverse accidental deletions. - Marketing opt-out: Tembii does not currently send marketing emails. If that changes, every marketing email will include a clear unsubscribe link and unsubscribing will be honored immediately.
- Objection and restriction: contact us at privacy@tembii.com to object to or restrict specific processing activities.
We acknowledge and honor rights under the EU General Data Protection Regulation (GDPR), the UK General Data Protection Regulation (UK-GDPR), and the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA). If you believe we have mishandled your data you may also lodge a complaint with your local data protection authority.
8. International transfers
Our sub-processors may process data in the United States and the European Union. Where required we rely on Standard Contractual Clauses or an equivalent lawful transfer mechanism with each sub-processor.
9. Security
We use industry-standard measures to protect your data, including TLS in transit, encrypted storage at rest, scoped API credentials, and the principle of least privilege for internal access. If we discover a breach affecting your data we will notify you without undue delay in line with GDPR and other applicable laws.
10. Changes to this policy
When this policy changes we will update the effective date at the top of this page. For material changes we will also notify you by email or an in-product notice at least 14 days before the changes take effect.
11. Contact
Reach us about anything in this policy at privacy@tembii.com.