TeachersPlan
Get Started Free
Trust Center · For school & district leaders

Private by design — because the safest student data is the data we never collect.

TeachersPlan is a planning tool for teachers. It turns your state's published standards into ready-to-teach materials. It is not a student information system, a gradebook, or a roster — and it is built so an administrator can verify that in minutes.

Questions for evaluation? Email [email protected]. A Data Processing Agreement (DPA) is available on request.

No student data, by design

We deliberately removed the photo-grader from the product. There is no student roster, no gradebook, no student accounts, and no student PII collected or stored on our servers. If you type class names to label a set of materials, those names stay local to your device — they are never sent to or stored by TeachersPlan. The cleanest way to protect student data is to never hold it, and that is the posture we chose.

What this means for your school

The guarantees that matter to an administrator

Every claim below is literally true of the product we ship today.

Teacher-only — no student accounts

Only teachers create accounts. There are no student logins and no student-facing app. Because we collect no information from or about children, TeachersPlan carries no COPPA exposure — there is simply no child data to govern.

Encryption

Encrypted in transit (TLS) and at rest. Our database (Cloudflare D1) is encrypted at rest, and Google account tokens are additionally encrypted at the application layer with AES-GCM.

Never sold. Never used to train models.

We never sell your data and we never use it for advertising. Generation runs on Cloudflare Workers AI; our AI provider (Cloudflare Workers AI) does not train on your inputs. We do not sell your data or use your content to train any model we operate.

Data minimization

We store your email address, the materials you generate, and — only if you opt in — your school name and display name. That's it. No tracking across other sites, no advertising profiles.

Our encryption posture, stated plainly: Encrypted in transit (TLS) and at rest. Our database (Cloudflare D1) is encrypted at rest, and Google account tokens are additionally encrypted at the application layer with AES-GCM.
Control

Your data, your control

Teachers own their data and can take it or remove it at any time, with no email ticket required.

Export anytime

Download your account data whenever you want via your account's export endpoint (GET /api/account/export). Your materials are yours to keep.

Delete anytime

Delete your account and all associated data at any time from the Account drawer → Delete. This aligns with the FERPA "right to delete": you can remove your record entirely, on your own.

Compliance posture

FERPA & SOPIPA — aligned by collecting nothing

We align with student-privacy law the cleanest way possible: by not collecting student PII at all.

Because TeachersPlan never collects or stores student personally identifiable information, we are not a "school official" holding education records under FERPA, and there are no student records for us to mishandle. The same minimization posture aligns us with SOPIPA-style state student-privacy laws: there is no student data to sell, profile, or target. We pair this with the export and delete controls above so a teacher can satisfy a FERPA-style "right to delete" themselves.
Who touches your data

Subprocessors

A short, honest list — and most of these only act with your explicit consent.

ProviderWhat it doesNotes
CloudflareHosting, database (D1), and AI generation (Workers AI).Core infrastructure for the whole service.
GoogleOptional export to Google Drive / Docs / Slides (and Calendar where you connect it).Only when you connect Google and choose to export. We request the drive.file scope — per-file access to files you create with TeachersPlan, not access to your whole Drive.
ResendTransactional email — sign-in codes and materials you choose to email.No marketing email; transactional only.
Infrastructure

Built on certified infrastructure

TeachersPlan is hosted on Cloudflare, which maintains SOC 2 Type II and ISO 27001 certifications. To be precise: these certifications belong to Cloudflare as our hosting provider — TeachersPlan does not claim to hold its own SOC 2 or ISO 27001 certification. We benefit from the security controls of the platform we build on, and we say so honestly.

Talk to us — and tell us if you find something

Administrators evaluating TeachersPlan can request a Data Processing Agreement (DPA) and ask any security question at [email protected].

Responsible disclosure: if you're a researcher and you find a vulnerability, email [email protected]. We don't pursue good-faith security research.

Request a DPA Read the Privacy Policy