Privacy Policy

Who this policy applies to

This policy applies to users of Sapphire web experiences, including guest usage and optional signed-in usage.

Definitions

• "Sapphire", "we", "our", "us" means the Sapphire app and services used to deliver Sapphire functionality.
• "You", "your", "user" means the person using Sapphire.
• "Personal information" means information that can identify you directly or indirectly (for example, your email address).
• "App data" means study information you create in Sapphire, such as gradebook records, assessments, and settings.
• "Local storage" means data saved in your browser on your own device.

Information Sapphire handles

• Profile data you enter (for example, your name and selected subjects).
• Gradebook data you create (assessments, marks, weightings, due dates).
• Imported timetable information, including optional Sentral imports.
• Preferences such as theme, display options, and app configuration.
• Optional account details used for sign-in and sync (for example, Google account email and basic profile details).

How Sapphire stores your data

Sapphire is local-first. By default, app data is stored on your device using browser storage. If you use Sapphire as a guest, data remains on that device unless you export or share it.

Optional sign-in and cloud sync

If you choose to sign in (including with Google), Sapphire can sync your app data so it is available across your devices. Sync is optional. You can continue using Sapphire without creating an account.

How we use information

• Provide core Sapphire features (gradebook, timetable, planning tools).
• Sync your data when you enable account-based sync.
• Maintain app reliability, security, and abuse prevention controls.
• Respond to support requests and user-reported issues.

What we do not do

• We do not sell your personal information.
• We do not require cloud sync for standard local use of the app.

Sharing, export codes, and your responsibility

Sapphire lets you create share/export codes. Only share these codes with people you trust, since they may grant access to your selected gradebook or timetable content.

Third-party services

Sapphire may rely on third-party providers for hosting, authentication, and delivery infrastructure. When these providers process data for Sapphire, it is for service delivery purposes only.

Data retention

Local guest data remains in your browser until you clear it, reset it, or remove it using your browser controls. Account-synced data is retained while your account is active and for a limited period required for backup, recovery, security, and legal obligations.

Security

For account-synced cloud data, Sapphire's servers follows industry standard security standards, including encrypted string attributes for sensitive fields using AES-128-GCM encryption at rest. This reduces exposure risk for stored data, and is paired with access controls and operational safeguards. It is important to note that no online service can guarantee absolute security.

Regulatory Compliance

Sapphire's servers maintains compliance with SOC 2 Type I, making it suitable for handling sensitive user data.

Your choices and rights

• Use Sapphire locally without creating an account.
• Turn sync on or off by choosing whether to sign in.
• Reset Sapphire data from app settings.
• Request deletion of account-linked synced data where available.

Children and school users

Sapphire is designed for students, including school-age users. If you are a parent, guardian, or school representative and have concerns about data handling, contact us so we can review and assist.

Policy updates

We may update this Privacy Policy from time to time. Material changes will be reflected by an updated effective date on this page and, where practical, additional in-app notice.

Data control and deletion

You can reset your Sapphire data at any time from the app settings. This clears local data, and when signed in, also removes synced cloud data where deletion functionality is available.

Contact

Questions about this policy, privacy requests, or data concerns can be directed via my email: neon@neonxsl.dev.