← Back

Privacy & data

What Bright Speaker collects, where it flows, and what we deliberately don't do. Written in plain English.

This is an overview, not a legal document. Bright Speaker is pre-launch. A formal privacy policy and terms of service are being drafted and will replace this page before any paid deployment. In the meantime, this is an honest description of how the product works today.

What leaves the student's device

  • Student video: nothing. The webcam stream is processed in the browser for the eye-contact indicator. It is not uploaded, not stored, and not shared.
  • Student audio: the browser's built-in Speech Recognition API is used to convert speech to text during a session. In Chrome, this means audio is transmitted to Google's speech-recognition service to produce a transcript. This is a standard browser capability. We're working on an on-device alternative.
  • Transcript: the text of what a student said during a session. Today it is stored in the browser's local storage. When we introduce authenticated accounts, it will be stored in our database, tied to the student's account.
  • Scores, XP, and badges: numerical results of a session, stored the same way as transcripts.

What we don't collect

  • We don't ask for a student's birthdate, phone number, home address, or parent email.
  • We don't use third-party ad trackers or cookies.
  • We don't build a profile of a student to sell or share.
  • We don't enable peer-to-peer messaging or social features that would create a moderation surface in a K-12 product.

Who we work with (sub-processors)

To run the product, we rely on a small number of services. Today these include:

  • Vercel — hosts the website.
  • Clerk — handles authentication when it's enabled.
  • Neon — our managed PostgreSQL database (not yet in use for student data).
  • Google — provides the browser-level Speech Recognition API that Chrome uses for transcription.

When we sign a data privacy agreement with a school, we'll disclose the current sub-processor list there as well.

About COPPA and FERPA

Bright Speaker is designed for K-12 schools. That means COPPA (for students under 13) and FERPA (for education records) apply to any real deployment. We do not yet hold formal compliance certifications like a COPPA Safe Harbor attestation or a SOC 2 report. We'll be transparent about what we've completed and what's in progress in any procurement conversation. If a school or district requires a signed data processing agreement to run a pilot, we'll work through the language with you.

Deletion and questions

You can clear all session data for your browser from the history page. When we move to authenticated accounts, teachers and administrators will be able to delete student records from their dashboard.

Questions, corrections, or a data-deletion request? Write us here.

Last updated: 2026-04-17.