Security & Privacy

Built for classrooms. Secured for districts.

Elevate handles sensitive education data every day. Security isn't a feature we added—it's the foundation we built on. From FERPA-compliant student name scrubbing to enterprise-grade encryption, every design decision prioritizes the protection of your district's data.

Our security commitments

FERPA by Design

Student name scrubbing is architectural, not optional. AI-powered scrubbing runs automatically on every transcript—no configuration required.

No AI Training

Your data is never used to train AI models. We use an enterprise AI platform with terms that explicitly prohibit model training on customer data.

Encrypted Everything

Enterprise-grade encryption at rest and in transit. Secure audio streaming. All data hosted on US-based cloud infrastructure.

Role-Based Access

Granular roles with least-privilege access. School-level isolation and multi-tenant district boundaries enforced at the database level.

FERPA compliance is architectural

Elevate is a teacher evaluation tool—student data is incidental to classroom observation and is actively removed.

AI-powered name scrubbing

Student names are automatically identified and replaced with consistent anonymous identifiers across all text—transcript segments, evaluator notes, and post-observation notes.

Over-scrub policy

When the AI is uncertain whether something is a student name, it scrubs it. We prefer false positives over false negatives.

Teacher names preserved

The observed teacher’s name is preserved and never scrubbed, since the observation is about them.

Automatic enforcement

Scrubbing runs automatically on every transcript as part of the processing pipeline. It’s mandatory—not a feature that can be disabled.

How your data flows—and where it doesn't go

Audio is never stored by Elevate. The browser streams audio directly to a speech-to-text service over an encrypted connection. Elevate's servers never receive, buffer, or store the audio stream.

Data Lifecycle

Classroom Audio

Captured by browser microphone

Encrypted Stream

Sent directly to speech-to-text service

Transcript

Generated and stored in encrypted database

FERPA Scrubbing

Student names automatically removed

AI Report Draft

Generated from scrubbed data

Administrator Review

Human approval required

Final Report

Approved and on record

If the connection drops, audio is not recorded locally—an intentional design choice to prevent unsafe local storage.

Your data is never used to train AI

Elevate uses an enterprise AI platform with terms that explicitly prohibit using customer data to train foundation models. This is fundamentally different from consumer AI tools—our platform uses data processing agreements designed for regulated industries.

District data is processed solely to provide the service and is not retained by AI providers beyond the immediate request
All AI-generated content is clearly labeled as suggestions requiring human review
AI never makes final decisions—administrators approve all report content

Infrastructure & encryption

Encryption in transit

All connections use HTTPS/TLS
Audio streams use encrypted WebSocket connections
Secure, server-managed session handling

Encryption at rest

All stored data encrypted with AES-256
Encryption keys managed by cloud provider
Automatic key rotation

US-based hosting

All processing and storage on US-based Google Cloud
No data transferred outside the United States

Platform certifications

SOC 1/2/3 certified infrastructure
ISO 27001, 27017, 27018 compliance
FedRAMP authorized infrastructure

Access controls & authentication

Granular roles with principle-of-least-privilege, enforced at the database level.

Role	Access Level
Tech Admin	System configuration, full data access
HR Director	All observations district-wide, user management
Cabinet	Analytics dashboards only, no individual observations
Principal	All observations at their assigned school
Assistant Principal	Own observations only
Evaluator	Own observations only

School-level data isolation enforced at the database level

Multi-tenant district isolation prevents cross-district access

Immutable audit trail on all observations

Secure, server-managed authentication sessions

Vendors & subprocessors

Full transparency into the services that process your data.

Google Cloud Platform

US-based

Cloud infrastructure, database, and serverless compute

Google Cloud Speech-to-Text

US-based

Speech-to-text processing — audio streamed directly, not stored

Google Vertex AI

US-based

AI processing — enterprise terms, no model training on customer data

No third-party analytics, advertising, or data broker services have access to district data.

Data ownership

Districts own all data generated on the platform
Export options: PDF, plain text, and print-friendly views
Soft delete with recovery before permanent removal
Complete data deletion available on request
Full data export and deletion upon contract termination

Incident response

Dedicated process for identifying, containing, and remediating incidents
District notification within 72 hours of confirmed incidents
Post-incident review and remediation documentation shared with affected districts

Questions about security?

We're happy to provide additional documentation, complete your district's security questionnaire, or walk through our architecture in detail.