Date of issue of this Privacy Policy for Students: 03/01/2026
Last updated: 03/01/2026
Protecting student privacy is foundational to everything we do. Slonig is built to align with FERPA, COPPA, and California Student Privacy expectations, and we follow SOC 2 Type II security principles. Our privacy and security practices are designed to protect student data and support school compliance.
We collect minimal information.
Only what is necessary for students to study effectively.
We use data solely for educational purposes.
Student information is used to provide and improve the service and to support learning. We do not use student personal information for targeted advertising or marketing. We may use de-identified and aggregated results (including study results) to evaluate effectiveness and to communicate outcomes publicly. We may collect in-product usage data (for example, which activities are completed and how the platform performs) to operate, secure, and improve Slonig.
We do NOT sell or rent student information.
Student data remains within our educational platform and is never shared with third parties for commercial purposes.
We maintain strong security measures.
Data encryption, access controls, regular security audits, and continuous monitoring protect student information. All staff receive mandatory training on privacy requirements.
We respect parental and school authority.
Parents/guardians and schools can request access to, correction of, export of, or deletion of student information that Slonig, Inc. holds, if any. (Most student progress is stored locally on the student’s device by default.)
We comply with applicable privacy laws.
Our practices adhere to COPPA, FERPA, and state privacy regulations.
This Student Privacy Policy is a supplement to our main Privacy Policy and provides additional information specifically about how we handle student information. This policy is designed to help students, parents, and educators understand our practices regarding student data.
Company Information: Slonig, Inc., 1111B S Governors Ave STE 48458 Dover, DE 19904, USA
This policy applies to students who use Slonig through:
Slonig is designed to work without student-created accounts. By default, students do not sign up, and most learning progress is stored locally on the student’s device (including school-provided devices). Local data can be removed at any time by clearing the browser cache/storage or using the device’s management tools.
In limited cases (for example, a school-managed pilot or a randomized controlled trial (RCT)), an authorized adult (such as a teacher, school administrator, or parent/guardian) may provide student information to Slonig, Inc. If we receive student information, we use it only for the educational purposes described in this policy.
Slonig is designed to collect as little student personal data as possible. Use of app.slonig.org is anonymous by default. In limited cases—such as participation in a randomized controlled trial (RCT) or a school-managed pilot—student personal data may be provided to Slonig, Inc. by authorized adults, and processed by Slonig, Inc. When that happens, the information is provided to us by teachers, school administrators, and/or parents or guardians, and may include: student first and last name, grade level, school name, and learning results (for example, scores).
As students use Slonig, we may collect limited technical and usage analytics needed to operate, secure, and improve the platform. This may include aggregated or de-identified performance metrics, security logs (which may include an anonymized form of an IP address), browser and device information, and in-product usage events (for example, which activities are completed and basic interaction patterns). We do not use this data to advertise to students or to track them across other companies’ websites or apps.
We use student information only for educational purposes to help students study effectively. Specifically, we use student information to personalize learning experiences and improve our educational content and curriculum, ensure the platform works properly and securely, and comply with legal obligations.
We do NOT use student information to: Market products or services to students, show advertisements to students, sell or rent student information to third parties, create profiles of students for non-educational purposes, or share student information for any purpose other than providing educational services.
Student information is shared only with authorized parties who need access to provide educational services. The student’s teacher or parent can see their progress and performance. School or district administrators may see student information as authorized by the school or district. Slonig employees and contractors who need access to provide technical support, improve the platform, or fulfill other necessary functions work under strict confidentiality agreements. Service providers who help us operate the platform (such as hosting services) access student data only as necessary and are contractually required to protect student privacy.
We may also use or share de-identified or aggregated data for research, analytics, and service improvement. De-identified means we remove or obscure direct identifiers (such as a student’s name) and take reasonable measures to help ensure the data cannot be reasonably linked back to a specific student. We do not attempt to re-identify de-identified data, and we require any recipients (if any) to agree not to re-identify it.
Slonig does NOT sell, trade, or rent student information to anyone. We do not share student information with third parties for their marketing purposes. We do NOT allow any advertising on the student-facing parts of our platform.
If Slonig is provided to K–12 students in California, we follow the requirements of California’s Student Online Personal Information Protection Act (SOPIPA). In addition to the commitments stated elsewhere in this policy, we make the following SOPIPA-specific commitments regarding “covered information” collected through the service.
Prohibited uses. We do not:
Limits on disclosure. We disclose covered information only as allowed for K–12 school purposes, such as:
If we ever share covered information in connection with a business transaction (see “Business Transfer”), we require the recipient to handle it in a manner consistent with this Student Privacy Policy and applicable student privacy laws, including SOPIPA.
We take the security of student information very seriously and use industry-standard safeguards to protect it. Our security measures may include encryption of data both when it is stored and when it is transmitted, secure passwords and authentication systems, limited access to student data ensuring only authorized personnel can access student information, regular security audits and assessments, secure backup systems, and employee training on privacy and security practices.
All employees who may access student information complete mandatory training on FERPA, COPPA, and data privacy requirements.
Beyond technical security measures, we have designed our website and platform with specific safeguards to protect students while they learn.
Beyond technical security measures, we have designed our website and platform with specific safeguards to protect students while they learn. Slonig provides a private, focused learning environment. Students cannot create an account on Slonig. We emulate account-like functionality to provide a familiar user experience and to allow progress to be saved, but this functionality is stored solely on the student’s device, and all data disappears when the browser cache is cleared. Students cannot message, chat with, or communicate with other students through Slonig. Students cannot see other students’ profiles, progress, or personal information.
Parents/guardians (and schools, where applicable) can request access to, correction of, export of, or deletion of student information that Slonig, Inc. holds on its servers, if any. Because Slonig is designed to work without student-created accounts and stores most learning progress locally on the student’s device by default, in many cases Slonig, Inc. may not have student information to access, export, or delete.
Local device data: If a student’s progress is stored on the device, it can be removed by clearing the browser cache/storage or through device management controls.
Server-held data (limited cases): If a school, district, or parent/guardian provided student information to Slonig, Inc. (for example, for a pilot or RCT), you may request access, correction, export, or deletion by contacting us at info@slonig.org (or by contacting the school/district, if the student uses Slonig through a school).
This section applies only where the EU/EEA or UK General Data Protection Regulation (“GDPR”) applies.
Controller / processor roles. When a school or district in the EU/EEA or UK uses Slonig, the school or district typically acts as the data controller and Slonig, Inc. acts as a data processor, processing student information only on the school’s instructions and for educational purposes. When Slonig is used directly by a parent/guardian outside a school relationship, Slonig, Inc. may act as the data controller for the personal data it processes in that context.
Legal bases. Where GDPR applies, we process personal data as necessary to provide the service (performance of a contract) and to operate, secure, and improve the service (legitimate interests, such as maintaining reliability, preventing fraud/abuse, and improving platform performance). If we rely on consent for any optional features, you may withdraw consent at any time.
Your rights (EEA/UK). Subject to applicable law, you may have the right to request access to, correction of, deletion of, restriction of, or objection to processing of personal data, and the right to data portability. Where processing is based on consent, you may withdraw consent at any time. You also have the right to lodge a complaint with your local data protection authority.
How to exercise rights. Contact us at info@slonig.org. If the student uses Slonig through a school, the school or district may also submit requests on the student’s behalf.
The Children’s Online Privacy Protection Act (COPPA) requires specific disclosures and consent when personal information is collected online from children under 13.
When Slonig collects student personal information. Slonig is designed to be anonymous by default. In limited cases—such as a school-managed pilot or a randomized controlled trial (RCT)—authorized adults (for example, a school/district or a parent/guardian) may provide student personal information to Slonig, Inc. (such as a student’s name, grade, school, and learning results).
How consent is provided. When COPPA applies, consent is obtained in one of the following ways, depending on the context:
Direct notice. When we need parental consent under COPPA, we provide parents/guardians with COPPA-required notice describing what information we collect, how we use it, whether we share it, and how parents can review or delete the information.
Parents can revoke consent. A parent/guardian may withdraw consent and request deletion of the child’s personal information at any time by contacting us at info@slonig.org. If the student uses Slonig through a school, parents/guardians may also contact the school to submit a request through the school.
Operator disclosures. Slonig, Inc. operates the Slonig service. We collect student personal information only as described in this Student Privacy Policy (and only in the limited situations described above). We use it solely for educational purposes, and we do not sell student personal information.
When a school or district uses Slonig, Slonig, Inc. may be treated as a “school official” under the Family Educational Rights and Privacy Act (FERPA) to the extent permitted by law and our written agreement with the school or district.
What this means. In these situations:
If your school or district has questions about these controls, please contact us at info@slonig.org.
In rare cases—such as participation in a randomized controlled trial (RCT) or a school-managed pilot—we may collect a student’s name, surname, grade, school name, and scores. We keep this information only for as long as needed for the RCT or pilot. Unless the school requests a shorter period, we delete or de-identify it within 30 days after the RCT or pilot ends, except where a longer retention period is required by law or to resolve disputes.
What We Keep:
Getting Your Data: Schools, districts, or parents can copy student information from their devices to transfer it to another device before deleting it.
To provide and protect the service, we use service providers in the following categories:
These providers may have access to student information only to the extent necessary to perform services for us. They are bound by contract to (1) use the data only to provide services to Slonig, (2) protect it, and (3) not use it for any other purpose. We do not permit these providers to use student information for their own advertising or marketing.
In certain circumstances, Slonig may be involved in a business transaction such as a merger, acquisition, reorganization, bankruptcy, or sale of assets. If that happens, we may transfer student information as part of the transaction only as permitted by applicable law and (where relevant) our agreements with schools and districts.
Protection carries over. Any acquiring organization must continue to protect student information in a manner consistent with this Student Privacy Policy and applicable student privacy laws (including COPPA, FERPA, and SOPIPA), and may use student information only for the same educational purposes described in this policy, unless and until we provide any required notices and obtain any required consents.
Notice. We will provide notice to schools and districts (and, where applicable, parents/guardians) about a business transfer involving student information as required by law and/or our contractual commitments. If the transaction would result in materially different privacy practices for student information, we will provide additional notice and obtain any required consent before applying those changes.
We may update this Student Privacy Policy from time to time. When we make changes, we will update the "Last updated" date at the top of this policy. If we make significant changes that affect how we collect, use, or share student information, we will notify schools and parents in advance.
In the unlikely event of a data breach affecting student information, we will notify the school or district (and, where applicable, parents/guardians) without unreasonable delay and in accordance with applicable law. Timing may depend on what we learn as we investigate the incident and determine the scope and impacted data. We may also delay notice if requested by law enforcement or otherwise permitted by law.
Our notification will include, to the extent known and as required by law: what information was affected, what happened, the steps we are taking to address the incident, and guidance on protective measures that may be helpful.
If you have questions about how we handle student information, please contact us:
Contact Information: Slonig, Inc., 1111B S Governors Ave STE 48458 Dover, DE 19904, USA
Email: info@slonig.org
For more detailed information about our privacy practices, please see:
For information about student privacy laws:
This Student Privacy Policy should be read in conjunction with our main Privacy Policy. In case of any conflict between this Student Privacy Policy and the main Privacy Policy, the terms that provide greater protection for student privacy will apply.