Eccleston Education Consulting LLC ("IEPVue," "we," "us") operates IEPVue, an AI-powered educational guidance platform for parents and guardians navigating the IEP and Section 504 process. This Policy explains what information we collect, how we use and protect it, and the choices and rights you have. It applies to app.iepvue.com and iepvue.com.
Some information you provide relates to a student's disability, health condition, or diagnosis. Several privacy laws — including the Maryland Online Data Privacy Act (Md. Code, Com. Law §§14-4701–14-4714) — treat this, and information about a minor, as "sensitive data." We handle it as follows:
We use your information to: provide and personalize the guidance and reports you request; maintain continuity within your active session; process subscriptions and consultations; communicate with you (including service and, with your choice, marketing emails); maintain security and prevent abuse; and improve the Platform. We process personal data only as reasonably necessary and proportionate to these purposes (data minimization).
Marketing email is optional. Every marketing message includes a clear one-click way to unsubscribe (honored within 10 business days) and our physical mailing address. Opting out of marketing never affects the transactional messages you need to use IEPVue.
IEPVue uses AI (powered by Anthropic's Claude) to analyze your inputs and generate guidance. You are interacting with an automated AI system, not a human reviewer. Your chat messages and uploaded document content are sent to Anthropic's API for real-time processing only. Anthropic does not train its models on content submitted through its API, and we do not use your information, your student's information, or your documents to train AI models. AI outputs are educational only and may be inaccurate or incomplete; they are not legal advice, a diagnosis, or a professional opinion. Individual AI responses are not human-reviewed before delivery.
We share data only with service providers that process it on our behalf under contractual data-protection obligations, and as required by law:
We may also disclose information to comply with law, a court order, or a lawful request, or to protect rights and safety. We do not sell your personal information, do not share it for targeted advertising, and do not disclose it to data brokers.
IEPVue is a service for adults — parents, guardians, and advocates. Children do not create accounts, are not the audience for the Platform, and do not provide information to us. Any information about a student is entered by the adult account holder. Because we collect information from adults — not online from children — the Children's Online Privacy Protection Act (COPPA), which governs the online collection of personal information from children under 13, does not apply to IEPVue. We nonetheless apply heightened safeguards to student information: we minimize what we collect (nickname, not legal name; no scores or diagnoses stored), we process the most sensitive content ephemerally, and we never sell or use for targeted advertising any data concerning a minor.
We keep information only as long as reasonably necessary. Summary of periods (full detail in our Data Retention Policy):
We do not retain personal information indefinitely.
Depending on your state, you may have the right to: access the personal data we hold about you; correct inaccuracies; delete your data; obtain a portable copy; obtain a list of the categories of third parties to whom we have disclosed data; and opt out of any sale, targeted advertising, or profiling (note: we do none of these). To exercise any right, email [email protected]. We will respond within 45 days (extendable once by an additional 45 days where permitted, with notice).
Right to appeal. If we deny your request, you may appeal by replying to our decision or emailing [email protected] with "Appeal" in the subject line. We will respond to your appeal within 45 days and explain our decision. If your appeal is denied, you may contact your state attorney general.
You may also export all of your data or delete your Case Tracker data (without affecting your account), or delete your entire account at any time from Account Settings.
We do not sell personal data or use it for targeted advertising for any consumer, and specifically not for any consumer we know or should know is under 18. Where required, we obtain your separate, specific consent before processing sensitive data (§3).
We honor the Global Privacy Control (GPC) browser signal. If your browser sends a GPC signal, we treat it as a request to opt out of any optional data collection and suppress non-essential analytics for your session.
We use industry-standard safeguards: encryption in transit (TLS 1.2+), encryption at rest (AES-256, with keys managed in a cloud key-management service), hashed password storage (we never store plaintext passwords), secure authentication, ephemeral document processing, owner-scoped role-based access, and regular security reviews, as described in our Information Security Program. No system is completely secure, and we cannot guarantee absolute security.
If you are a California resident, you may have rights under the California Consumer Privacy Act (as amended), including to know, access, correct, and delete personal information, to limit the use of sensitive personal information, and to opt out of "sale" or "sharing" — though IEPVue does not sell or share personal information as those terms are defined. We do not discriminate against you for exercising any right. To exercise these rights, email [email protected].
Because special-education documents can contain health-related information, we maintain a breach-response program designed to meet the FTC Health Breach Notification Rule. If a breach of security involving unsecured identifiable health information occurs, we will notify affected individuals within 60 calendar days, and notify the FTC and media where 500 or more individuals are affected. (IEPVue is not a HIPAA-covered entity and does not claim to be.) See our Terms (§11) and Information Security Program.
IEPVue is intended for use in the United States. If you access it from outside the US, you do so on your own initiative and are responsible for compliance with local law.
We may update this Policy prospectively; material changes will be notified through the Platform or by email. Questions or requests: [email protected] · Eccleston Education Consulting LLC.