NextSchool

Legal

Privacy Policy

Effective Date: May 7, 2026 — See what changed

1. Who We Are

NextSchool is operated from Ontario, Canada. We are committed to protecting your privacy and ensuring transparency about how we collect, use, and manage your personal information.

Privacy Officer: Our Privacy Officer is the CEO of NextSchool. Contact: [email protected].

NextSchool operates in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) (federal) and Quebec's Act respecting the protection of personal information in the private sector (Law 25). We are committed to transparency, granular consent, and your right to access, correct, delete, port, or withdraw consent for any personal information we hold.

2. What Data We Collect — Parents

When you use NextSchool, we collect the following information:

  • Family Profile Information: Child's name, age/grade, interests, learning needs, learning style, location, budget preferences, school priorities, and dealbreakers
  • Account Information: Your name, email, and password
  • Chat History: Conversations with our AI consultant, including your responses and our recommendations
  • Usage Data: Schools you've shortlisted, notes you've written, comparisons you've made, and pages you've visited

Important: We collect information about children as provided by their parent or guardian. Children do not directly create accounts or use the platform.

3. What Data We Collect — Schools

When school administrators claim and manage their profiles, we collect:

  • Claimant Information: Full name, role at school, school email, and verification documents (for verification purposes)
  • School Profile Data: Tuition, programs offered, photos, admissions dates, contact information, and other details you provide to display publicly

4. How We Use Data

We use your data for these specific purposes:

Parent Data:

  • Provide personalized school recommendations
  • Maintain your conversation history
  • Improve our matching algorithms
  • Help you manage your shortlist and notes

School Data:

  • Display your school's public profile
  • Support your profile management and updates
  • Process inquiries from parents

Aggregated/Anonymized Data:

  • Improve service quality and recommendations
  • Develop new features
  • Generate analytics and insights

Critical Privacy Commitment: Parent family profiles are NEVER shared with schools unless you explicitly initiate contact (such as sending an inquiry).

5. Children's Data

We take children's privacy seriously. Here's how we protect it:

  • We collect information about children only as provided by their parent or guardian
  • Children do not use the platform directly and do not create accounts
  • Parents can request access to, correction of, or deletion of their child's information at any time
  • We do not sell or share children's personal information with third parties
  • For children under 13, we rely on the parent/guardian's consent as the account holder

6. Data Sharing and Disclosure

Here's how we handle your data:

What We Don't Share:

  • We do NOT share family data with schools (unless you initiate an inquiry)
  • We do NOT sell personal data to any third party

What We May Share:

  • Anonymized, aggregated analytics with schools (no personal information included)
  • Data with sub-processors listed below, who process information on our behalf under data processing agreements
  • Information if required by law, court order, or government request

Our Sub-Processors

The following companies process personal data on our behalf. Each operates under a data processing agreement with NextSchool and is prohibited from using your data for any purpose beyond what we instruct.

Cross-border processing notice

All of our current sub-processors are based in the United States: Supabase, Vercel, OpenAI (via OpenRouter), Anthropic (via OpenRouter), OpenRouter, Resend, Stripe, and Sentry. As a result, your personal data is processed in the United States and may, in narrow circumstances, be subject to US law including the CLOUD Act, which can compel a US provider to disclose data in response to a lawful order. We have data processing agreements with every sub-processor and rely on Standard Contractual Clauses or equivalent transfer mechanisms where required.

AI Inference — OpenRouter (United States)

Purpose: Generating personalized school recommendations through our AI consultant.

Data transmitted: Pseudonymized conversation content including educational preferences (child's grade, learning style, school priorities). We replace names with placeholders and reduce location to city/region level before transmission — your child's name, specific medical diagnoses, and precise address are not sent to OpenRouter.

Retention by OpenRouter: Prompts are used for inference only and are not retained for training without explicit consent. See OpenRouter's Privacy Policy.

ServiceCountryPurposeData Shared
StripeUnited StatesPayment processingEmail address, subscription status
ResendUnited StatesTransactional email deliveryName, email address
SentryUnited StatesError monitoring and performanceAnonymized error events — emails and IP addresses are stripped before transmission
VercelUnited StatesPlatform hosting and edge networkIP address (in transit only); page view metrics with your consent
Google Analytics / AdsUnited StatesAnalytics and conversion measurementAnonymized events (with your consent); hashed email only on purchase and only with your explicit ad consent
SupabaseUnited StatesDatabase and authenticationAll data stored by NextSchool (encrypted at rest, AES-256)
OpenAI (via OpenRouter)United StatesAI inference (text generation)Pseudonymized conversation content; no training
Anthropic (via OpenRouter)United StatesAI inference (text generation)Pseudonymized conversation content; no training

7. Data Retention

We retain personal information only as long as necessary for the stated purpose. The table below summarizes our retention schedule.

Data CategoryRetentionNotes
Account & family profileUntil account deletionPermanently deleted on request
Conversations24 months; inactive accounts anonymized at 12 monthsDeleted on request; per-conversation delete available
API logs (api_logs)30 daysAutomatically purged
Error logs (error_logs)60 daysPII scrubbed before storage
LLM logs (llm_logs)90 daysPseudonymized; PII scrubbed
Search logs (search_logs)90 daysUser identity removed after 30 days
User events (user_events)90 days, then anonymizedAggregated metrics retained indefinitely
Consent recordsUntil account deletionRetained for compliance purposes; included in your data export

Account Deletion: When you delete your account, all personal data is permanently removed from our systems. Data held by third-party sub-processors (Stripe, Sentry, etc.) is subject to their own retention policies.

8. Cookies and Tracking

We use cookies to:

  • Authentication and Session Cookies: Keep you logged in and secure
  • Analytics Cookies: Understand how you use our platform to improve your experience

You can control cookies through your browser settings. Disabling some cookies may affect platform functionality.

9. Your Rights (PIPEDA + Quebec Law 25)

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Ask us to fix inaccurate or incomplete information.
  • Deletion (right to be forgotten): Request permanent removal of your account and associated data.
  • Portability: Export a structured copy of your data in a machine-readable format (JSON).
  • Withdraw consent: Withdraw any consent you previously granted (granular controls per consent type).
  • Human review of automated decisions (Quebec Law 25 s. 12.1): Request a human review of any AI-generated school recommendation or scoring decision.

How to exercise these rights: email [email protected], or use the controls in Settings → Privacy. We respond within 30 days.

For more on how recommendations are generated, see How recommendations work.

9b. Security Incidents and Complaints

If you suspect a security incident affecting your data, contact us immediately at [email protected]. NextSchool will notify affected users and the relevant regulators (Office of the Privacy Commissioner of Canada, and Commission d'accès à l'information du Québec where applicable) of any breach posing a real risk of significant harm, in accordance with PIPEDA and Law 25.

If your concern is not resolved to your satisfaction, you may file a complaint with:

10. CASL Compliance

NextSchool complies with Canada's Anti-Spam Legislation (CASL):

  • Marketing and promotional emails are sent only with your express consent, which you may grant or revoke at any time in your account settings
  • Transactional emails (account confirmation, booking reminders, etc.) do not require marketing consent
  • All emails include our sender identity, registered address, and a functional unsubscribe link
  • Unsubscribe requests are processed immediately — you will not receive further commercial emails after clicking unsubscribe
  • Your consent history is recorded and available in your data export

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws.

When we make material changes, we will notify you by updating the "Last Updated" date and, for significant changes, by email or through a notice in the platform. For changes that affect how we process children's information or introduce new third-party data sharing, we will require you to re-acknowledge the updated policy before continuing to use NextSchool.

12. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please reach out:

Privacy Officer:

[email protected]

We will respond to access, correction, and deletion requests within 30 days. You may also file a complaint with the Office of the Privacy Commissioner of Canada.

General Questions:

Visit our Contact Page

Policy Changelog

A record of material changes to this policy. Minor wording clarifications are not listed.

May 7, 2026

  • Named the Privacy Officer (CEO) and updated contact path
  • Added Quebec Law 25 alignment, including right to human review of automated decisions (s. 12.1)
  • Added cross-border processing notice — all sub-processors are US-based; CLOUD Act disclosure
  • Added OpenAI and Anthropic (via OpenRouter) to the sub-processor list
  • Expanded retention table: api_logs 30d, error_logs 60d, llm_logs 90d, search_logs 90d, user_events 90d → anonymized, conversations 24m
  • Added security-breach contact and Quebec CAI complaint path
  • Added portability and human-review rights

April 2, 2026

  • Named all sub-processors explicitly (OpenRouter, Stripe, Resend, Sentry, Vercel, Google)
  • Added disclosure that AI recommendations involve transmission of pseudonymized conversation content to OpenRouter (US)
  • Clarified that names, specific medical diagnoses, and precise addresses are not transmitted to AI providers
  • Added detailed data retention schedule by category
  • Updated CASL section: unsubscribe is immediate, not "10 business days"
  • Added explicit consent checkboxes at signup (granular opt-in for marketing and analytics)
  • Added server-side consent audit trail

February 20, 2026

Initial privacy policy published.