Privacy Policy

Last updated: [DRAFT — date to be set on publication]

The 60-second version

Student data never leaves your ecosystem. We built Seatcrafter so your classroom rosters, IEPs, accommodations, seating charts, and notes live as a file on your own computer — and, if you later turn on encrypted backup, only in a form that we cannot read. We cannot share or hand over what we never receive in usable form.

About you (the teacher), we collect a small amount of information so the service works: your email if you sign up, basic visit analytics, and error reports when something breaks.

We do not sell your data. There is no advertising business behind Seatcrafter and no third-party data brokering. Our only revenue is your subscription.

You can email [email protected] any time to ask what we have on file, correct it, or delete it.

The detailed sections below explain exactly what is collected, by whom, and why. The four bullets above cover 95% of the story.

1. Who we are

Seatcrafter is operated by O'Hare Educational, LLC, a Washington state limited liability company. Throughout this policy, "we," "us," and "our" refer to O'Hare Educational, LLC. "You" refers to anyone visiting seatcrafter.com or using the Seatcrafter service.

You can reach us at [email protected] for any privacy-related question, request, or complaint.

2. What we collect

We collect personal information in three ways: when you give it to us directly, when it's collected automatically as you use the site, and when third-party services we use collect a small amount of technical data on our behalf.

Information you give us directly

Email address — if you join our waitlist or, in the future, create a Seatcrafter account.
Account credentials (future, once accounts launch) — your chosen password is stored as a one-way salted hash. We never see or store your plain-text password.
Payment information (future, once paid subscriptions launch) — collected and processed entirely by Stripe, our payment processor. We receive a confirmation that you have an active subscription, plus the last four digits of your card for receipts. We never see or store your full payment card details.
Anything else you send us — for example, the contents of any email you send to [email protected].

Information collected automatically

Server logs — when you visit seatcrafter.com, our hosting provider Cloudflare records a standard access log: your IP address, the page you requested, the time, your user-agent string (browser and operating system), and the referring page if any. These logs are used to operate the service, detect abuse, and troubleshoot problems.
Analytics — we use Plausible, a cookieless privacy-respecting analytics tool. Plausible records aggregate page-view counts and approximate visitor counts. It does not set cookies, does not fingerprint visitors, and does not build individual profiles. Detailed information is available in Plausible's data policy.
Error reports — we use Sentry to capture errors that happen in your browser while using Seatcrafter. When an error fires, Sentry records the error message, browser type and version, the URL where the error occurred, and a stack trace. We use these to fix bugs. Sentry retains this data for a limited time and does not use it for advertising. See Sentry's privacy policy for details.

3. What we never collect

Seatcrafter is designed so the most sensitive data — anything about your students — never reaches our servers in the first place. We do not collect, receive, store, or have access to:

Your students' names, ages, or birthdates
Their IEPs, 504 plans, or accommodations
Their academic records or grades
Your classroom rosters or seating arrangements
Your private notes about students
The name of your school, district, or class periods

All of the above lives only as a file on the device where you saved it. The file's contents never reach our systems. We could not produce this data in response to a subpoena, court order, or government request, because we don't have it. For the architectural details and what this means under FERPA, see our FERPA & Student Data Statement.

4. How we use information

We use the information described above to:

Operate the service — serve pages, save your account preferences (once accounts launch), authenticate you, deliver software updates.
Communicate with you — send transactional email such as account confirmations, payment receipts, password resets, and (only if you've explicitly opted in) occasional product updates.
Improve the product — understand which features are used, find and fix bugs, prioritize what to build next.
Comply with the law — respond to lawful requests, enforce our terms, prevent fraud and abuse.

We do not:

Sell your personal information to anyone, for any purpose.
Share your personal information with advertisers or data brokers.
Use your data to train machine learning models, our own or anyone else's.
Cross-reference your data with information from other services to build a profile of you.

5. Cookies and tracking

Seatcrafter does not use tracking cookies. Plausible (our analytics) is cookieless by design. Sentry (our error monitor) does not set cookies. We do not use third-party advertising or remarketing pixels of any kind.

Once Seatcrafter accounts launch, signing in will set a single session cookie so that you stay signed in across pages. That cookie contains a randomized session identifier and nothing else — it does not track your behavior across other sites. You can sign out at any time to clear it.

6. Third-party services

We use a small number of third-party services to operate Seatcrafter. Each of these processes a limited slice of information as described below.

Service	What we use it for	What it processes
Cloudflare	Hosting, DNS, content delivery, basic security	IP addresses, request metadata, hosted account/waitlist data
Plausible	Privacy-respecting site analytics	Aggregate, anonymous page-view and visitor counts; no cookies
Sentry	Capturing browser errors so we can fix bugs	Error message, browser version, URL, stack trace, IP address at time of error
Stripe (future)	Processing subscription payments	Your payment card details (handled entirely by Stripe; we never see them)
Email delivery provider (future)	Sending transactional and opt-in newsletter emails	Your email address and the contents of messages we send you

We will update this list whenever we add or remove a service.

7. Where data is stored

Seatcrafter is hosted on Cloudflare's global network. Cloudflare may temporarily process traffic in any of its data centers worldwide. The persistent data we store — currently the waitlist email list, and in the future account records and (encrypted) classroom-data backups — lives in Cloudflare's storage products.

If you are accessing Seatcrafter from outside the United States, please be aware that your information may be transferred to, stored in, and processed in the United States or in the regions where Cloudflare operates. By using Seatcrafter, you consent to that transfer.

Your classroom data files never enter this infrastructure. They exist solely on the device where you saved them. If you lose the device or delete the file without a backup, the data is gone — we cannot recover it for you, because we never had it.

8. Security

We use industry-standard security practices: HTTPS encryption for all traffic, strong password hashing (once accounts launch), least-privilege access controls on our infrastructure, and encryption at rest for stored records. We rely on Cloudflare and our other vendors for the underlying infrastructure security; all are widely used by services handling sensitive data.

No system can be guaranteed 100% secure. We encourage you to use strong, unique passwords (a password manager is the easiest way), keep your browser and operating system updated, and never share your sign-in credentials.

If you become aware of a security issue, please email [email protected] with the subject line "Security." We take reports seriously and will respond promptly.

9. How long we keep data

Waitlist emails — kept until our public launch, plus a reasonable transition period (no more than 90 days after launch). You can ask to be removed sooner by emailing [email protected].
Account records (future) — kept while your account is active, plus 90 days after you delete your account to allow for accidental-deletion reversals and to satisfy any outstanding legal or accounting obligations.
Payment records (future) — kept as long as required by applicable tax and accounting law, typically 7 years for the records we hold; Stripe retains its own records separately under its policies.
Server logs — typically retained for 30 to 90 days, depending on the log type and what Cloudflare's defaults provide.
Error reports — retained by Sentry per its retention policy, typically 30 to 90 days.

10. Your rights

Depending on where you live, you may have rights regarding your personal information. Seatcrafter respects the following rights for all users, regardless of jurisdiction:

Access — you can ask what personal information we hold about you.
Correction — you can ask us to correct inaccurate information.
Deletion — you can ask us to delete your personal information. Some exceptions apply where we are legally required to retain certain records.
Portability — you can ask for a copy of the information you've provided to us in a portable, machine-readable format.
Objection / restriction — you can ask us to stop or limit certain types of processing.

California residents (CCPA / CPRA)

If you are a California resident, you have the right to know what categories of personal information we collect, to delete it, to correct inaccurate information, and to opt out of any sale or sharing of personal information. We do not sell or share personal information as those terms are defined under the CCPA. We do not discriminate against users for exercising any CCPA right.

EU / UK residents (GDPR / UK GDPR)

If you are in the European Economic Area or the United Kingdom, you have rights under the GDPR and UK GDPR including access, rectification, erasure, restriction, portability, and objection. Our lawful bases for processing are: contract (to provide the service you signed up for), legitimate interest (to operate, improve, and secure the service), and consent (where we ask for it explicitly, such as opt-in newsletters). You have the right to lodge a complaint with your local data protection authority.

How to exercise a right

Email [email protected] with the subject line "Privacy Request" and tell us what you'd like. We will respond within 30 days, or sooner where required by applicable law. We may ask you to verify your identity before we can fulfill a request.

11. Children's privacy and student data

Seatcrafter is built for teachers and school administrators. It is not designed for or marketed to children under 13, and we do not knowingly collect personal information directly from children. If we learn that we have inadvertently collected personal information from a child under 13 through a direct interaction (for example, a child signing up with our waitlist), we will delete that information promptly.

A note on student data specifically: Teachers using Seatcrafter typically enter information about their students — names, accommodations, IEP/504 status, behavioral notes — into their classroom file. Much of this information is covered by laws such as FERPA (the Family Educational Rights and Privacy Act) and, where students are under 13, COPPA (the Children's Online Privacy Protection Act).

Seatcrafter's architecture ensures that we do not receive this data at any point. It remains on the teacher's device as a local file. We are not a data controller, processor, or "school official" with respect to your students' educational records because we have no access to those records.

If you are a parent or guardian and have questions about how a specific teacher or school is using Seatcrafter in connection with your child's records, please contact the teacher or school directly. We have no student-level records and cannot answer questions about specific students.

12. FERPA

Educators using Seatcrafter often handle student records that may be subject to FERPA. Because Seatcrafter never receives or stores those records, Seatcrafter is not acting as a "school official" under FERPA and does not have access to your students' educational records.

For the complete architectural explanation, our position on FERPA, and answers to the questions district vendor questionnaires typically ask, please see our FERPA & Student Data Statement.

13. Changes to this policy

We will update this Privacy Policy when our practices change. Material changes — for example, a new type of information we begin collecting, a new category of third-party service, or a change in how long we retain data — will be communicated to account holders by email and announced prominently on this page for at least 30 days before they take effect. The "Last updated" date at the top of this page always reflects the most recent version.

Minor changes (typo fixes, clarifying language that does not change our practices) may be made without notice but will still update the "Last updated" date.

14. Contact us

For any question, comment, request, or complaint related to this policy or to our handling of your information:

O'Hare Educational, LLC
Email: [email protected]
Subject line: "Privacy" (or "Privacy Request" if you are exercising a specific right)

We aim to respond to all privacy inquiries within 5 business days, and within 30 days for formal rights requests.