Onboard
Request Demo

Privacy Policy

How Onboard handles your information.

Effective date: April 25, 2026. This Privacy Policy explains how Onboard Educational Systems collects, uses, shares, and protects information when schools, staff, families, and invited users use Onboard.

Scope

This policy applies to the Onboard web app, mobile app, websites, and related services. It does not apply to third-party websites, services, or school systems that Onboard does not control.

Information we collect

  • Account information, such as name, email address, role, school membership, and authentication details needed to sign in and use Onboard.
  • School and classroom information, such as school names, groups, channels, student records, membership roles, invitations, and related operational details entered by authorized users.
  • Messages and attachments, including message text, reactions, uploaded files, photos, videos, PDFs, filenames, file metadata, and delivery or read-state information.
  • Device and notification information, such as Expo push tokens, app version, platform, and basic delivery status used to send and troubleshoot mobile notifications.
  • Usage and technical information, such as request logs, error logs, device type, browser or app metadata, and security events used to maintain and protect the service.

How we use information

  • To provide the Onboard service, including account access, school workspaces, messaging, file attachments, invitations, push notifications, and support for web and mobile apps.
  • To secure the service, prevent abuse, troubleshoot issues, monitor performance, and maintain reliable access for schools and families.
  • To communicate service-related information, including account messages, invite emails, notification delivery, product updates, and support responses.
  • To improve Onboard by understanding how the product is used and where reliability, usability, or security improvements are needed.

Mobile permissions

  • Photo and video library access is requested only when a user chooses to attach media to a message.
  • File picker access is used only when a user chooses a document, image, video, or PDF to upload.
  • Push notification permission is used to send message and workspace notifications when enabled by the user.
  • If camera or microphone permissions are included in a native build, they are used only for user-initiated attachment or media workflows. Onboard does not access the camera, microphone, photos, or files in the background.

How we share information

  • We share information with authorized users in the same school workspace according to their role and group membership.
  • We use service providers to operate Onboard, including cloud hosting, database, file storage, authentication, email delivery, push notification delivery, analytics, monitoring, and customer support tools.
  • We may disclose information when required by law, legal process, or to protect the rights, safety, and security of Onboard, our users, schools, or others.
  • We do not sell personal information.

School and student information

  • Onboard is intended for use by schools, staff, and invited families. Schools decide what student and family information is entered into their workspace and which authorized users may access it.
  • When a school uses Onboard, Onboard acts as a service provider for the school. Schools are responsible for obtaining any consents required for the information they provide to Onboard.
  • Parents, guardians, students, or staff who need access, correction, export, or deletion of school-controlled information should contact their school first. We will support schools in responding to appropriate requests.

Data retention and deletion

  • We keep information for as long as needed to provide the service, meet legal obligations, resolve disputes, maintain security, and support school recordkeeping needs.
  • Schools may request deletion of workspace data, subject to legal, contractual, backup, and security requirements.
  • Users may request account-related access, correction, or deletion by contacting us. Some information may remain if it is part of school-controlled records or required for security, compliance, or operational reasons.

Security

  • We use administrative, technical, and organizational safeguards designed to protect information, including authenticated access, role-based authorization, hosted database security, and restricted file access.
  • No system is completely secure. Users should protect their login credentials and notify us promptly if they believe their account or workspace has been compromised.

Children

  • Onboard is provided to schools and authorized adults for school operations and communication. It is not intended for children to create independent accounts without school authorization.
  • Student information is handled as part of the school workspace and under the direction of the school.

Changes to this policy

  • We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date and provide notice when appropriate.