Legal
Privacy Policy
Effective July 16, 2026 · Last updated July 16, 2026
1. Scope
This Policy explains how LesserLabs handles information through MissionK12, HallBeat, Flow, Control, Rubric Insights, their websites, and related support or demo communications. A school or district agreement may provide additional privacy terms.
2. Information we collect
Account and identity information
Name, school email address, organization, role, Google account identifiers used for authentication, and account status.
School and student records
Depending on the product and school configuration, this may include student and staff names, local identifiers, grade level, courses, sections, enrollments, schedules, room assignments, attendance, pass destinations and movement events, intervention or support assignments, rubric criteria, scores, feedback, and related educational records.
Activity and security information
Sign-in times, actions taken in the Services, audit records, session information, error records, and standard network information such as IP address, browser, and device information available to the service infrastructure.
Communications
Information submitted in demo requests, support emails, incident reports, and other communications with LesserLabs.
Sources
Information may come from a school or district, authorized staff and students, approved roster or student-information-system imports, Google authentication, and normal use of the Services.
3. How we use information
- Provide passes, schedules, attendance, rubrics, notifications, reporting, and other requested school workflows.
- Authenticate users and apply role-based permissions.
- Maintain records and audit trails needed for school operations, safety, support, and accountability.
- Send service-related notifications requested or configured by the school.
- Secure, troubleshoot, maintain, and improve the Services.
- Respond to support, privacy, security, and legal requests.
- Comply with applicable law and enforce agreements.
4. How we disclose information
LesserLabs may disclose information:
- To the school or district that controls the account and its authorized users, according to their roles.
- To service providers supporting authentication, networking, secure hosting, backups, and email delivery, under appropriate restrictions.
- When directed by the school or with appropriate authorization.
- When reasonably necessary to protect users, investigate abuse or security incidents, or comply with a valid legal requirement.
- As part of a business transaction, subject to continued protection of student information and applicable contractual and legal restrictions.
LesserLabs does not sell personal information and does not disclose student information for targeted advertising or unrelated commercial purposes.
5. Student privacy and children under 13
The Services are provided to students only in a school-authorized educational context. Where applicable, LesserLabs relies on the school to act as the parent’s agent for consent under COPPA only for the school-authorized educational use. LesserLabs remains responsible for its own COPPA obligations and does not shift that responsibility to teachers.
LesserLabs processes education records under the direction of participating schools and supports their obligations under FERPA and applicable state student-privacy laws. Details appear in the Student Data Commitments.
6. Cookies and local storage
The Services use cookies, browser storage, or signed tokens as needed to keep users signed in, preserve authorized settings, protect sessions, and operate the Services. MissionK12 products do not use these technologies to serve targeted advertising to students.
7. Retention and deletion
Information is retained only as needed to provide the Services, meet school requirements, maintain necessary security and audit records, comply with law, and resolve disputes. Retention may vary by record type and school agreement.
Schools may request export or deletion when a service ends. Deletion from active systems will occur within a reasonable period agreed with the school, while limited copies may remain temporarily in protected backups or where retention is legally required.
8. Security
LesserLabs uses administrative, technical, and organizational measures designed to protect information, including encrypted connections, authentication, access controls, audit records, and backups where appropriate. No service can promise absolute security. See the Security Overview.
9. Access, correction, and deletion
School administrators may contact LesserLabs about account and institutional data. Parents and students should usually contact their school first for requests involving education records; LesserLabs will assist the school in responding. Website and support correspondents may ask to access, correct, or delete information they submitted directly.
10. Policy changes
Material changes will be reflected by an updated effective date and, when appropriate, communicated to participating schools or administrators. LesserLabs will not materially reduce protections for previously collected student information without appropriate notice and authorization.
11. Contact
Email [email protected] with “MissionK12 Privacy Request” in the subject. Include your school or district and your relationship to the student record, but do not email sensitive student data unnecessarily.
Contact LesserLabs