Privacy Policy

Last updated: January 2025

1. Information We Collect

nTrack collects information necessary to provide behavior tracking services for K-12 students. This includes:

  • Account information: name, email address, and encrypted password
  • Student information: student name, grade level, and school affiliation
  • Behavior data: daily behavior ratings, comments, and goals submitted by teachers
  • Usage data: login timestamps, notification preferences, and app interactions

2. How We Use Your Information

We use collected information to:

  • Provide and maintain the behavior tracking service
  • Send email notifications and behavior rating reminders
  • Generate behavior reports and analytics for authorized users
  • Improve the service and fix issues

We do not sell, rent, or share personal information with third parties for marketing purposes.

3. FERPA Compliance

nTrack is designed to support compliance with the Family Educational Rights and Privacy Act (FERPA). Student education records are only accessible to authorized users: the student's assigned teachers, parents/guardians, school administrators, and counselors with explicit assignments.

School administrators can export and delete student records at any time through the admin interface. Parents may request access to or deletion of their child's data by contacting their school administrator.

4. Data Security

We implement appropriate security measures to protect your information:

  • Passwords are hashed using bcrypt with salt rounds
  • All data is transmitted over HTTPS
  • Database access is restricted and monitored
  • Session tokens expire after 7 days
  • Rate limiting protects against brute-force attacks

5. Data Retention

We retain student behavior data for the duration of the school's use of nTrack. School administrators may delete individual student records at any time. When a school discontinues use, all associated data will be deleted within 90 days.

6. Email Communications

nTrack sends transactional emails including behavior rating reminders, report notifications, and account-related messages. You can unsubscribe from non-essential emails at any time using the unsubscribe link in any email or through your notification preferences.

7. Your Rights

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your account and data
  • Opt out of non-essential email communications
  • Export your data in a portable format (school admins)

8. Third-Party Services

nTrack uses the following third-party services to operate:

  • Vercel: Application hosting and serverless functions
  • PostgreSQL: Database storage (encrypted at rest)
  • Resend: Transactional email delivery

9. Contact Us

If you have questions about this Privacy Policy or want to exercise your data rights, contact us at support@ntrack.app.

Back to nTrack · Terms of Service