Privacy Policy

Effective date: TODO_LEGAL: effective date of first published version.

This policy explains how Tembii, operated by TODO_LEGAL: legal entity name and registered address, collects, uses, shares, and protects your personal data. If anything here is unclear, email TODO_LEGAL: contact email for privacy inquiries.

1. Who this policy is for

Tembii is built for teachers. Our only account holders are adult educators. Children interact with Tembii only by watching a teacher’s screen during a classroom activity; the app receives no input from students and creates no student accounts.

2. What we collect

  • Account data: email, display name, hashed password (email sign-up), and OAuth provider id (Google sign-in).
  • Lesson uploads: the text, PDFs, or other source material you paste or upload to generate questions.
  • Generated content: the questions, answer keys, and game configurations we produce from your uploads.
  • Usage and operational logs: timestamps, request metadata, feature usage, and the model used for each generation.
  • Billing metadata: plan, renewal date, and a reference id from our payment processor. We do not store full card numbers ourselves.
  • Error telemetry: stack traces and request identifiers. Personal fields are stripped before events leave our servers.

3. Children and students

Tembii does not knowingly collect personal information from children. Students are not users of the service — they see only what the teacher shares on a classroom screen.

Teachers must not paste student personally identifiable information (full names, photographs, contact details, or grades tied to an identifiable child) into lesson uploads. If you inadvertently do, delete the upload from your dashboard and email TODO_LEGAL: contact email for privacy inquiries so we can purge any remaining copies.

4. How we use your data

  • to authenticate you and run your account;
  • to generate questions from your lesson uploads using an AI sub-processor (see below);
  • to operate, secure, debug, and improve the service;
  • to bill you, if you are on a paid plan;
  • to comply with legal obligations and to enforce our Terms of Service.

We do not sell your personal data. We do not use your lesson uploads or generated questions to train third-party AI models, and we do not permit our sub-processors to do so with your content.

5. Sub-processors

We rely on the following service providers to operate Tembii. Each receives only the data necessary for its role.

  • Anthropic — processes your lesson upload text to generate questions. Your text is sent to the Claude API at the moment you click “Generate.”
  • Vercel — hosts the web application and serves it from a global edge network.
  • Neon — hosts the Postgres database where your account and generated content are stored.
  • Cloudflare R2 — stores uploaded files (for example, PDFs) and static assets.
  • Stripe (planned — not yet processing data) — will handle subscription billing once paid plans launch.
  • Email provider (planned — not yet processing data) — will deliver transactional emails such as sign-in links and deletion confirmations.
  • Sentry (planned — not yet processing data) — will receive error telemetry with personal fields stripped before events leave our servers.

We will update this list before adding any new sub-processor with access to personal data. See “Changes to this policy” below for how we notify you.

6. Retention

We keep your account data and generated content for as long as your account is active. If you delete your account, we move it to a seven-day soft-delete window during which you can cancel the deletion by contacting us. After seven days we permanently delete your data from live systems. Backups roll off within an additional thirty days.

Operational logs and error telemetry are retained for up to ninety days, then purged or aggregated beyond recognition.

7. Your rights

Regardless of where you are, you can exercise the following rights over your personal data at Tembii:

  • Access and portability: download a structured JSON copy of your data from the export tool at /app/account.
  • Correction: update your name, email, and profile from your settings page.
  • Deletion: request account deletion from /app/account. A seven-day grace period applies so you can reverse accidental deletions.
  • Marketing opt-out: Tembii does not currently send marketing emails. If that changes, every marketing email will include a clear unsubscribe link and unsubscribing will be honored immediately.
  • Objection and restriction: contact us at TODO_LEGAL: contact email for privacy inquiries to object to or restrict specific processing activities.

We acknowledge and honor rights under the EU General Data Protection Regulation (GDPR), the UK General Data Protection Regulation (UK-GDPR), and the California Consumer Privacy Act as amended by the CPRA (CCPA/CPRA). If you believe we have mishandled your data you may also lodge a complaint with your local data protection authority.

8. International transfers

Our sub-processors may process data in the United States and the European Union. Where required we rely on Standard Contractual Clauses or an equivalent lawful transfer mechanism with each sub-processor.

9. Security

We use industry-standard measures to protect your data, including TLS in transit, encrypted storage at rest, scoped API credentials, and the principle of least privilege for internal access. If we discover a breach affecting your data we will notify you without undue delay in line with GDPR and other applicable laws.

10. Changes to this policy

When this policy changes we will update the effective date at the top of this page. For material changes we will also notify you by email or an in-product notice at least 14 days before the changes take effect.

11. Contact

Reach us about anything in this policy at TODO_LEGAL: contact email for privacy inquiries, or by post to TODO_LEGAL: legal entity name and registered address.

Privacy Policy | Tembii