HiNAIA Privacy Policy 

1. Introduction 

​

HiNAIA Education Technology, Inc. (“HiNAIA,” “we,” “our,” or “us”) is committed to protecting privacy and safeguarding the data entrusted to us. 

​

HiNAIA provides its services primarily to K–12 schools, districts, and educational organizations (“Customers”). In most cases, HiNAIA processes Personal Data, including Student Data, solely at the direction of and on behalf of these Customers. As a result, educational institutions retain primary responsibility for determining how Personal Data is used within their environments. 

 

If you access or use HiNAIA through a school or district, your educational institution’s policies may also apply to your Personal Data. We encourage you to review those policies for additional information. 

​

HiNAIA does not sell Personal Data and does not use Student Data for advertising purposes. 

​

2. Role of HiNAIA 

​

HiNAIA generally acts as a School Service Provider (Data Processor) on behalf of its Customers. In this role, HiNAIA processes Student Data in accordance with Customer instructions, applicable agreements, and governing law, including the Family Educational Rights and Privacy Act (“FERPA”). 

​

​

Customers act as the Data Controllers of Student Data and retain authority over access, use, and disclosure of such data. 

HiNAIA may act as a Data Controller only with respect to limited operational data, such as website inquiries, business contact information, and communications with prospective customers. 

​

3. Information We Collect 

​

HiNAIA collects and processes information that is reasonably necessary to provide, maintain, and improve the Platform. 

This information may include personal identifiers such as a user’s name, email address, institutional role, and account-related information, as well as identifiers associated with integrated systems. 

​

In the course of providing services to Customers, HiNAIA may also process educational and instructional data, including course enrollment information, instructional materials, and education records such as Individualized Education Programs (IEPs), Section 504 Plans, and related documentation. These records are provided by Customers or collected through authorized integrations with learning management systems and similar platforms. 

​

HiNAIA may also collect content submitted by Users within the Platform, including interactions with AI-supported features, feedback, and support communications. In addition, HiNAIA collects usage and technical information, such as platform activity, device and browser information, log data, and system performance metrics, in order to operate and improve the Platform. 

​

Where authorized by a Customer, HiNAIA may receive data from integrated systems, including learning management systems or student information systems. HiNAIA accesses only the information necessary to provide the requested functionality. 

​

4. How We Use Information 

​

HiNAIA processes Personal Data for purposes consistent with providing educational services and supporting the Platform. 

These purposes include delivering, maintaining, and improving the Platform; enabling personalized and accessible learning experiences; supporting instructional use and accommodations; providing customer support; and meeting contractual, legal, and compliance obligations. 

​

HiNAIA processes Personal Data only as necessary for these purposes and in accordance with applicable agreements and law. 

​

5. Data Privacy Framework and Regulatory Alignment 

​

HiNAIA’s data practices are designed to align with applicable laws and regulatory frameworks, including FERPA, the Children’s Online Privacy Protection Act (“COPPA”), the Individuals with Disabilities Education Act (“IDEA”), Section 504 of the Rehabilitation Act, applicable state student privacy laws, the California Consumer Privacy Act (“CCPA”) as amended by the California Privacy Rights Act (“CPRA”), and, where applicable, the General Data Protection Regulation (“GDPR”). 

​

Processing of Student Data is governed by agreements with Customers, including Data Processing Agreements, where applicable. 

​

6. Privacy Commitments 

​

HiNAIA is committed to protecting Personal Data and Student Data through responsible data practices. 

​

HiNAIA does not sell Personal Data and does not use Student Data for advertising purposes. Student Data is processed solely to provide services on behalf of Customers, and Customers retain ownership and control of such data. 

​

HiNAIA applies privacy-by-design and security-by-design principles in the development and operation of its Platform and maintains administrative, technical, and organizational safeguards appropriate to the nature of the data processed. 

​

7. AI and Data Use 

​

HiNAIA includes AI-enabled features designed to support educational use and accessibility. 

​

These features operate within Customer-configured environments and are intended to assist, not replace, educator judgment. Outputs generated by AI systems are informational in nature and may require human review. 

​

HiNAIA does not use Student Data to train generalized, shared, or public AI models. 

​

8. Children’s Privacy 

​

HiNAIA may process Personal Data of children under the age of 13 where a school or district has authorized such processing as the parent’s agent under applicable law, including COPPA. 

​

In such cases, data is used solely to provide educational services as directed by the Customer. Parents and guardians should direct questions regarding Student Data to the applicable educational institution. 

​

9. Student Data Protections 

​

HiNAIA processes Student Data in accordance with applicable education privacy laws and Customer agreements. 

​

Student Data is treated as confidential and is processed solely under Customer direction. Requests to access, correct, or delete Student Data should be directed to the Customer. 

​

10. Data Retention 

​

HiNAIA retains Personal Data only for as long as necessary to fulfill the purposes for which it was collected, including providing services, meeting contractual obligations, and complying with applicable law. 

​

Upon termination of services or upon Customer request, data is handled in accordance with applicable agreements and legal requirements. 

​

11. Security Measures 

​

HiNAIA maintains safeguards designed to protect Personal Data and Student Data, taking into account the sensitivity of the information processed. 

​

These safeguards may include access controls, encryption, secure infrastructure practices, system monitoring, and incident response procedures. While HiNAIA takes reasonable steps to protect data, no system can be guaranteed to be completely secure. 

​

12. Third-Party Service Providers 

​

HiNAIA may engage third-party service providers to support its operations and deliver the Platform. 

​

Such providers are authorized to process data only as necessary to perform services on HiNAIA’s behalf and are subject to contractual obligations designed to protect data and limit its use. 

​

13. User Rights 

​

Where applicable, individuals may have rights under relevant data protection laws, including rights to access, correct, or delete Personal Data. 

​

Requests related to Student Data should be directed to the applicable Customer. Other requests may be submitted to privacy@hinaia.ai, and HiNAIA will respond in accordance with applicable law. 

​

14. California Privacy Rights 

​

California residents may have additional rights under applicable law, including the right to know, correct, or delete Personal Data. 

​

HiNAIA does not sell Personal Data. 

​

15. Changes to This Policy 

​

HiNAIA may update this Privacy Policy from time to time. 

​

Material changes will be communicated as required by applicable law or contract. Continued use of the Platform after updates constitutes acceptance of the revised Policy. 

​

16. Contact Information 

​

HiNAIA Education Technology, Inc. 
2300 Wilson Blvd., Suite 700 
Arlington, VA 22207 

Privacy Contact: privacy@hinaia.ai