Privacy Policy

Privacy Policy

Effective date: March 29, 2026

This privacy policy describes how BrailleBuddy by Lonia AI collects, uses, and protects your information when you use our service at braillebuddy.lonia.ai and app.braillebuddy.lonia.ai.

What data we collect

Account information

When you sign in via Google OAuth, we receive your name, email address, and profile photo from Google. We do not receive or store your Google password.

Uploaded documents

Documents you upload for braille conversion are stored in encrypted cloud storage. These may include classroom materials such as worksheets, assignments, and textbook excerpts.

Student data

If you create student profiles or assign materials to students, we store student names and class associations as provided by the teacher or administrator. This data is treated as student education records under FERPA.

Usage data

We collect anonymized usage data including pages visited, features used, and conversion counts. This data is used to improve the product and is not linked to individual student records.

How we use your data

  • To provide the braille translation service
  • To manage classroom assignments and student access
  • To generate audit logs required for FERPA compliance
  • To improve the product based on aggregate usage patterns
  • To communicate with you about your account and service updates

Student data handling

BrailleBuddy is designed to comply with the Family Educational Rights and Privacy Act (FERPA). Student education records are:

  • Encrypted at rest (AES-256) and in transit (TLS 1.3)
  • Accessible only to authorized users within the student's school or district
  • Protected by row-level security policies enforcing tenant isolation
  • Subject to configurable retention policies set by administrators
  • Never shared with third parties for advertising or profiling
  • Auditable — every access and action is logged

Third-party services

BrailleBuddy uses the following third-party services:

  • Supabase: Database hosting and authentication. Receives account information and stores application data.
  • Stripe: Payment processing. Receives billing information for paid subscriptions. We do not store credit card numbers.
  • Google OAuth: Authentication provider. Receives authentication requests and provides account identity.

Each third-party service operates under its own privacy policy and data handling practices.

Data retention

By default, uploaded documents and student data are retained for 365 days from the date of last access. Administrators can configure shorter retention periods. Deleted data is permanently removed from our systems within 30 days of deletion.

Your rights

  • Access: You can request a copy of your data at any time
  • Deletion: You can request deletion of your account and associated data
  • Portability: You can request your data in a standard, machine-readable format
  • Correction: You can request correction of inaccurate data

To exercise any of these rights, contact support@lonia.ai.

Changes to this policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated effective date. Material changes will be communicated via email to account holders.

Contact

For privacy inquiries, data requests, or concerns, contact:

Email: support@lonia.ai

Lonia AI