Privacy Policy
Teacher Marking Assistant · Last updated: 5 May 2026
Summary
Teacher Marking Assistant (the "Service") is a web application that helps teachers mark scanned exam papers, store grades, and email results to students. This page explains what data the Service handles, where it goes, who processes it, and what rights you have.
In plain terms: student data is stored in the teacher's own Google account (Google Drive) and a limited Firebase database we operate, and is visible only to the teacher who uploaded it. We do not sell or share your data, we do not serve advertising, and we do not use your data — including any data received from Google APIs — to train any AI or machine-learning model.
Who is the controller?
The school or teacher using the Service is the data controller for student personal data. We (Teacher Marking Assistant) act as a data processor on their behalf, processing personal data only on documented instructions and for the purposes of providing the Service.
For personal data about teachers using the Service (name, email, sign-in ID), we act as the controller.
What data we process
We process the following categories of personal data:
| Category | Details |
|---|---|
| Teacher identity | Name, email, authentication provider (Google/Microsoft/Apple), profile photo URL |
| Student records | First name, last name, school email address, optional parent email |
| Exam data | Scanned exam pages (images), teacher annotations, scores, grades, exam names, timestamps |
| Handwriting | Student handwritten responses appear on the exam pages stored by the Service |
| Class information | Class name, subject, year group, academic year |
| Technical data | Device identifier (randomly generated), sync timestamps, error logs |
Where data is stored
Data is split across several locations, all controlled or chosen by the teacher:
- On your device: All paper page images, annotations, and class lists are stored locally in your browser's IndexedDB. This is the primary data store.
- Firebase (operated by Google LLC): We use Firebase Authentication for sign-in and Firestore for teacher identity and sharing metadata only. Region: europe-west2 (London, United Kingdom). Firebase does not store exam pages, annotations, or student records.
- Your own Google Drive or OneDrive: When you enable cloud sync, classes, student lists, papers-metadata, and annotations are uploaded to a folder named marking-assistant-sync in your cloud storage account. We do not have access to these files — they stay in your Drive/OneDrive, governed by your own agreement with Google/Microsoft.
- Google Cloud Vision (OCR): If you enable automatic student-name detection, cropped regions of uploaded exam pages are sent to Google Cloud Vision for text recognition. The image is processed in-memory; the request is not logged by us, and Google does not retain the image per their terms. The recognised text is used only to match the paper to a student in the teacher's class list and is not persisted.
- Gmail (sending marked papers): When you email a marked paper to a student, the message and attachment pass through the Gmail API under your own Google account.
Sub-processors
We rely on the following sub-processors. Each has published a Data Processing Addendum available on their website:
| Sub-processor | Purpose |
|---|---|
| Google LLC (Firebase) | Authentication, database for identity/sharing metadata |
| Google LLC (Google Drive) | File sync storage, at teacher's choice |
| Google LLC (Cloud Vision) | OCR for student-name detection, at teacher's choice |
| Google LLC (Gmail) | Sending marked papers to students, at teacher's choice |
| Microsoft Corporation (OneDrive) | Alternative file sync, at teacher's choice |
| Google LLC (Firebase Hosting) | Serves the web application (teacher-marking-assistant.web.app) |
| Stripe Payments Europe Ltd | Subscription billing for paid tiers (optional). Card details are tokenised by Stripe and never touch our servers. |
Legal basis for processing
We rely on the following legal bases under UK GDPR / EU GDPR:
- Performance of a contract: Processing of teacher data is necessary to provide the Service to the teacher.
- Public task / legitimate interests: Schools rely on the public-task legal basis when processing student data for educational purposes. Teachers using the Service in a personal/volunteer capacity may rely on legitimate interests.
- Consent: Optional features (cloud sync, OCR, Gmail sending) are enabled only after the teacher grants OAuth consent to the respective provider.
Data retention
Data is retained for as long as the teacher keeps it in the Service. There is no automatic deletion.
Teachers can delete individual records (student, class, paper) at any time. A Reset All Data option in Settings → Danger Zone permanently deletes every record on the device and, optionally, in cloud sync storage.
When a teacher account is deleted, all identity metadata we hold in Firebase is removed within 30 days. Local data on the teacher's device remains until they clear their browser storage or run Reset All Data.
International transfers
Firebase and Google services process data in Google's global infrastructure. Where data leaves the UK/EU, transfers are covered by the EU-US Data Privacy Framework (Google is certified under DPF) and Standard Contractual Clauses where applicable.
All Firebase data is stored in europe-west2 (London, United Kingdom). Google Drive and OneDrive files remain in the region configured by the teacher's own Google Workspace or Microsoft 365 account. Google Cloud Vision processes images in-region where possible and under the EU-US Data Privacy Framework where cross-border processing occurs.
Multi-region hosting — where data about Canadian or other non-UK users is stored closer to them — is planned for a future release. Until then, schools outside the UK/EEA should treat London as the primary processing location and review whether this is compatible with their own data-residency requirements (notably Quebec's Law 25, which may require Canadian hosting).
Your rights
Under UK GDPR / EU GDPR / PIPEDA you have the right to:
- Access the personal data we hold about you.
- Rectify inaccurate data.
- Erase your data ("right to be forgotten").
- Port your data to another service (we provide Export All Data in Settings).
- Object to processing based on legitimate interests.
- Restrict processing in certain circumstances.
- Withdraw consent for optional features at any time (disconnect the relevant OAuth grant in your Google/Microsoft account).
- Lodge a complaint with your supervisory authority (ICO in the UK, your national DPA in the EU, OPC in Canada).
To exercise any right, email Teacher Marking Assistant. We respond within 30 days.
Children's data
The Service is designed to be used by teachers, not students directly. Students do not have accounts and do not log in. All student data is entered by the teacher or school and controlled under the school's existing safeguarding and data-protection framework (e.g. KCSIE in the UK).
Where students are under the age of digital consent (13 in UK/Canada, 13–16 in EU depending on member state), processing relies on the school's public-task legal basis or on parental consent obtained by the school. The Service does not directly obtain parental consent.
Security
We implement the following technical and organisational measures:
- All traffic encrypted in transit via TLS 1.2+.
- Data at rest encrypted by Firebase and IndexedDB browser storage.
- OAuth-based authentication; we never see teacher passwords.
- Firestore security rules enforce strict per-teacher isolation: every document is readable or writable only by the authenticated teacher who owns it.
- Class-sharing between teachers is opt-in: it requires an explicit invitation by email, and the recipient receives view-only or mark-only access — never administrator rights over the originator's data.
- OAuth access tokens expire after ~55 minutes; sync requires re-authentication. Configurable auto-logout on inactivity (default 30 minutes).
- Pre-push safety guard refuses to delete >5 papers from cloud without typed user confirmation, preventing accidental data loss.
- Conflict archive: when two devices disagree during sync, the older version is kept locally for 90 days before auto-purge, and the teacher can review and delete entries at any time via Settings → Conflict Archive.
- Incident response: in the event of a personal data breach, we will notify affected controllers within 72 hours of becoming aware.
Cookies and tracking
The Service uses browser storage (localStorage, sessionStorage, IndexedDB) to store teacher settings and exam data locally. We do not use tracking cookies, advertising cookies, or third-party analytics. No behavioural profiles are built.
Google API Services User Data Policy
Teacher Marking Assistant's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Scopes we request and what they are used for
Teacher Marking Assistant requests only the minimum Google scopes required to deliver features the teacher actively chooses to use. Each scope is used solely for the corresponding user-facing feature, and for no other purpose:
| Scope | User-facing feature | What we do with the data |
|---|---|---|
| email, profile, openid | Sign-in with Google | Used solely to authenticate the teacher and display their name and profile photo inside the Service. Not used for anything else. |
| gmail.send | "Email marked paper to student" | Used solely to send the marked exam paper that the teacher has just composed, from the teacher's own Gmail account, to the student email address the teacher entered. We never read, list, search, label, store, or otherwise access any other Gmail content. |
| drive.file | Cloud sync of classes, papers and annotations | Used solely to create and update files inside a single folder named marking-assistant-sync in the teacher's own Google Drive, so the teacher's own data is backed up and available across their devices. The drive.file scope by design only grants access to files the Service itself created or that the teacher explicitly opened with the Service. We never list, read, or modify any other file in the teacher's Drive. |
Limited Use commitments
Teacher Marking Assistant's use of information received from Google APIs is strictly limited to providing the user-facing features described above. Specifically:
- Use only for prominent user-facing features. We use information received from Google APIs only to provide and maintain the marking, sync, and email features that are visible and prominent in the Service's user interface. We do not use Google user data for any other purpose — no internal analytics on user content, no profiling, no model development, no research, no marketing.
- No transfer to others. We do not transfer information received from Google APIs to any third party, except (a) as strictly necessary to provide or improve those same user-facing features (for example, transmitting the email body and PDF attachment through Google's own Gmail API at the teacher's request), (b) to comply with applicable law, or (c) as part of a merger, acquisition, or sale of assets, with prior notice to users.
- No advertising. We do not use information received from Google APIs to serve advertisements of any kind, including personalised, retargeted, or interest-based advertising. The Service contains no advertising.
- No human reading. We do not allow humans (including our developers, operators, or any contractor) to read information received from Google APIs, except: (i) with the teacher's specific, affirmative agreement for content the teacher has chosen to share with us; (ii) where strictly necessary for security purposes such as investigating abuse; (iii) to comply with applicable law; or (iv) where the data has been aggregated and anonymised so that it can no longer identify any individual. Routine support, debugging, and engineering work is performed without access to teacher content.
- No AI/ML training. We do not use information received from Google APIs — including Gmail content, Drive file content, or anything derived from them — to develop, train, fine-tune, or improve any artificial intelligence or machine-learning model, generalised or otherwise. The Service does not pass Google user data to any AI provider.
Changes to this policy
We will update this page when material changes occur. The "Last updated" date at the top reflects the most recent revision. For changes affecting teacher or school rights, we will also notify registered accounts by email.
Contact
Controller / Data Protection contact:
Teacher Marking Assistant
United Kingdom — postal address available on written request.
For UK users, you may also contact the Information Commissioner's Office: ico.org.uk.