Privacy Policy

1. Who we are

Curriflow is a homeschool curriculum scheduling service operated by Alleanza Systems LLC(“Curriflow,” “we,” “us”). The service is available at curriflow.com and through the Curriflow mobile app. Questions about this policy can be sent to info@curriflow.com.

2. Information we collect

We collect only what is needed to run Curriflow. We do not buy, trade, or rent personal information.

2.1 Information you provide

• Account profile. When you sign in with Google (web and mobile) or Sign in with Apple (mobile), we receive your email address, display name, profile image URL, and a stable account identifier. We do not receive your Google or Apple password.
• Curriculum files. PDFs, photos, or screenshots of curriculum materials that you upload so Curriflow can extract a lesson list.
• Schedule preferences. Lesson time windows, days of week, school-year dates, calendar selections, and any notes you write during the Weekly Review.
• iCloud connection (optional). If you connect iCloud Calendar via CalDAV, we store your Apple ID email and an app-specific password that you generate. The password is encrypted at rest using application-layer encryption; we never display it back to you and never receive your real Apple ID password.
• Push tokens (mobile). If you opt in to push notifications, we store an Expo push token associated with your account.

2.2 Information we receive from Google and Apple

When you grant Curriflow access to your calendar, we read and (with your permission) write events on your behalf. Specifically:

• Google Calendar events from calendars you choose to include — used to detect scheduling conflicts and to create, update, and delete the lesson events Curriflow generates.
• iCloud Calendar events via CalDAV — used the same way, when you choose iCloud as the destination.

Curriflow does not request access to Gmail, Drive, Contacts, Photos, or any Google service other than Calendar.

2.3 Information we collect automatically

• Product analytics via PostHog — page views, feature usage events, and aggregated performance metrics. We configure PostHog with masked text and blocked sensitive fields. Calendar contents and curriculum text are never sent to PostHog.
• Error reporting via Sentry (mobile only) — crash reports and error stack traces. Sentry is configured to scrub query strings, request bodies, and sensitive headers.
• Server logs — IP address, user-agent, request path, and timing for security and abuse prevention. We do not log session tokens, OAuth tokens, request bodies, or third-party API responses.

3. How we use your information

• To authenticate you and keep your session active.
• To extract a lesson list from your curriculum files, generate a schedule, and create the corresponding calendar events.
• To sync changes between Curriflow and your calendar (in both directions), and to surface conflicts with your existing events.
• To send service-related messages (e.g. scheduled lesson reminders you opted into, account or security notices).
• To monitor service health, prevent abuse, and improve Curriflow’s features.

We do not use your data for advertising. We do not run ads in Curriflow.

4. Google user data — Limited Use disclosure

Curriflow’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• We use the openid, email, and profile scopes to authenticate you and display your name, email, and avatar inside Curriflow.
• We use the https://www.googleapis.com/auth/calendar scope to read events from the calendars you choose (so we can detect conflicts with your planned lessons), and to create, update, and delete the lesson events that Curriflow generates on a calendar you select.
• We do not transfer Google user data to any third party except as necessary to provide or improve user-facing features that are prominent in the Curriflow user interface (and only with your permission), or to comply with applicable law.
• We do not use Google user data to serve advertisements, including retargeting, personalized, or interest-based advertising.
• We do not allow humans to read Google user data unless we have your affirmative consent for specific events, are required to do so for security purposes (such as investigating abuse), to comply with applicable law, or for internal operations where the data has been aggregated and anonymized.
• We do not use Google user data to train, improve, or develop generalized or non-personalized AI/ML models.

5. How curriculum files are processed

When you upload a curriculum file, Curriflow performs three steps:

1. The file is uploaded to private object storage (Supabase Storage and/or Cloudflare R2) over TLS. The bucket is not public; access requires our server credentials.
2. We extract text using on-server PDF parsing or, when needed, Google Cloud Vision OCR. The extracted text is sent to Anthropic (Claude) for structural analysis (chapters, lessons, sequence). Per Anthropic’s API terms, Anthropic does not train its models on data submitted via the API.
3. The original uploaded file is deleted from object storage within one hour of analysis completing. Only the extracted lesson list and your generated schedule remain in the database.

5a. School Log (daily homeschool records)

The School Log mobile app (SchoolDone) lets you type or dictate what each child learned on a given day. That text is sent to Anthropic (Claude) to format a structured subject log for your own files. We store the original narrative and the formatted log in our database. PDF and text exports are assembled from logs already saved in your account and do not run new AI formatting unless you are creating or updating a log. If your subscription ends, you may still view and export saved logs; creating new logs or re-processing notes with AI requires an active subscription when monetization is enabled. See SchoolDone Privacy Policy for full details. School Log does not provide legal advice and does not guarantee acceptance of logs by schools, districts, or agencies. Voice features may use device speech recognition; check your OS privacy settings for how audio is handled on-device.

6. Sub-processors and where data is stored

Curriflow relies on the following sub-processors. Each processes data only on our instructions and for the purposes described.

Curriflow’s primary data center region is the United States. If you access the service from outside the U.S., your information is transferred to and processed in the U.S.

7. How we secure data

• All traffic is served over TLS.
• Database access uses default-deny row-level security; only our server-side code, holding a service key, can read user records, and only after verifying the requesting user owns the record.
• iCloud app-specific passwords and mobile OAuth refresh tokens are encrypted at the application layer before being written to the database.
• Curriculum upload buckets are private, MIME-restricted, size- capped, and pruned within one hour of processing.
• Administrative actions are recorded in an append-only audit log.
• We do not log session tokens, OAuth tokens, request bodies, or third-party API payloads.
• We use rate limiting on authentication and write-heavy endpoints to prevent abuse.

No method of transmission or storage is perfectly secure. If we discover a security incident affecting your data, we will notify you and any required regulators in accordance with applicable law.

8. How long we keep data

• Uploaded curriculum files: deleted within one hour of analysis completing.
• Account profile, schedules, lesson logs, calendar metadata: kept until you delete your account. When you delete your account, this data is removed from active systems within 7 days and rolled out of backups within an additional 30 days.
• iCloud app-specific passwords / OAuth refresh tokens: deleted when you disconnect the corresponding integration or delete your account.
• Server logs: 30 days, then permanently deleted.
• Backups: rolling 30-day window, after which backups are permanently destroyed.
• Administrative audit logs: 12 months, for security review.

9. Your rights and choices

You can, at any time:

• Access or export your account data — email info@curriflow.com and we’ll respond within 30 days.
• Correct profile information from inside the app.
• Disconnect Google or iCloud integrations from Settings. After disconnecting, the events Curriflow created in your calendar remain there (you can delete them manually); the connection itself is removed from our database.
• RevokeCurriflow’s access to your Google account directly at myaccount.google.com/permissions.
• Delete your account and all associated datafrom inside Curriflow (Profile → Delete account and data). When you delete your account, Curriflow also revokes its access to your Google account so it no longer appears in your Google Connected Apps list. Lesson events Curriflow previously created on your Google Calendar are not removed automatically and will remain on your calendar; you can delete them manually if you wish. You can also email info@curriflow.com to request deletion. We complete deletion within 7 days of the request and roll the data out of backups within an additional 30 days.
• Opt out of analytics by emailing us — we will disable PostHog event collection for your account.

California residents (CCPA / CPRA)

If you live in California, you have the right to know what personal information we collect, to access and delete it, to correct inaccurate information, and to opt out of the “sale” or “sharing” of personal information for cross-context behavioral advertising. We do not sell or share personal information for advertising purposes. To exercise any of these rights, email info@curriflow.com. We will not discriminate against you for exercising your rights.

Other U.S. state privacy laws

Residents of states with comprehensive privacy laws (including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and others) have similar rights to access, correct, delete, and opt out of targeted advertising or sale. The same email address handles those requests.

10. Children

Curriflow is intended for parents, guardians, and homeschool educators who are at least 18 years old. Curriflow is not directed at children, and we do not knowingly collect personal information from children under 13. If we learn we have inadvertently collected such information, we will delete it. Parents who believe their child has provided us information can contact info@curriflow.com.

11. Cookies and similar technologies

We use a small number of cookies and equivalent local storage entries:

• Authentication. A signed session cookie issued by NextAuth so you stay signed in.
• Preferences. Local storage entries for UI preferences (e.g. theme, last-used view).
• Analytics. A first-party PostHog identifier used to deduplicate sessions.

We do not use third-party advertising cookies. Most browsers let you block or clear cookies; doing so may sign you out.

12. Changes to this policy

We may update this policy from time to time. If a change is material, we will notify you by email and update the effective date above. Continued use of Curriflow after the new effective date constitutes acceptance of the updated policy.

13. Contact

Alleanza Systems LLC
Utah, United States
info@curriflow.com