AEON Logo
AEON NCI • ACADEMICNeuro-Consultative Intelligence
Menu

Privacy & Data Protection

Your educational data is protected under federal law and institutional policy

Last Updated: January 30, 2026

Effective Date: January 1, 2025

Our Commitment to Your Privacy

Aurora EDU is designed for academic use and takes student privacy seriously. We comply with the Family Educational Rights and Privacy Act (FERPA), follow Institutional Review Board (IRB) protocols where required, and implement industry-standard security measures to protect your educational records.

Key Principle: Your assessment data, reflection journals, and decision-making patterns belong to you and your institution. We never sell student data, use it for advertising, or share it with third parties without explicit consent.

FERPA Compliance

The Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) is a federal law that protects the privacy of student education records. Aurora EDU operates in full compliance with FERPA requirements.

What FERPA Protects:

  • Your ENVI assessment results and Decision Readiness Index (DRI) scores
  • Simulation performance data and decision patterns
  • Reflection journal entries and AI conversation logs
  • Course enrollment records and faculty assignments
  • Any personally identifiable information (PII) linked to academic performance

Your FERPA Rights:

  • Inspect and review: You have the right to review your education records
  • Request amendments: You can request corrections to inaccurate records
  • Consent to disclosures: We will not share your records without your written consent, except as permitted by FERPA
  • File a complaint: You may file a complaint with the U.S. Department of Education

Note: Under FERPA, your institution's faculty members have legitimate educational interest in viewing your Aurora EDU data only if you are enrolled in their course. Faculty cannot access data from students outside their courses.

Institutional Review Board (IRB) Protocols

If your institution uses Aurora EDU for research purposes (e.g., studying decision-making development, assessing pedagogical interventions), your participation is governed by IRB-approved protocols.

🔬 Research Data Usage

Your responses may be used for academic research to improve decision-making education, BUT your name and personally identifiable information will NEVER appear in research publications or presentations.

All research data is completely anonymized - your name is removed and replaced with a random code

Published research uses aggregate statistics only - "75% of students improved" not "Student X scored..."

No quotes from your journal entries or simulations will include your name or identifying details

Demographic information (if used) is reported in aggregate: "Engineering students vs. Business students" not individual profiles

You can opt out of research use at any time without affecting your grades

Research Use Requirements:

  • Informed consent: You will receive clear information about any research studies and can opt out
  • De-identification: All personally identifiable information is stripped before data is used for research
  • Aggregation: Individual responses are combined into statistical patterns - no single student is identifiable
  • No academic penalty: Declining research participation does not affect your grades or course standing
  • IRB oversight: All research involving Aurora EDU data requires institutional IRB approval
  • Publication review: Researchers must verify no identifying information appears in publications

Example of Anonymized Research Use:

NEVER: "John Smith from University X scored 45 on Risk Awareness and wrote in his journal..."

ACCEPTABLE: "Students in the treatment group (n=127) showed a 12-point average improvement in Risk Awareness scores (M=67.3, SD=8.2) compared to baseline..."

Your Institution Controls Research Access: AEON NCI does not conduct research on student data. Only your institution's authorized researchers with IRB approval can access de-identified data for approved studies. You will be notified if your data may be included and can opt out.

What Data We Collect

Academic Data:

  • ENVI assessment responses, scores, and archetype classifications
  • Simulation decisions, pathways, and performance metrics
  • Reflection journal entries and AI-guided conversation transcripts
  • Genesis learning module progress and completion data
  • Token economy transactions (earned, spent, unlockables purchased)

Account Information:

  • Institutional email address (for authentication)
  • Name and student/faculty role
  • University affiliation and course enrollments
  • Login timestamps and session activity (for security)

Technical Data:

  • IP address and browser type (for security and diagnostics)
  • Time spent on activities (to improve user experience)
  • Error logs and performance metrics (aggregated and anonymized)

How We Use Your Data

Educational Purposes:

To provide personalized learning experiences, track your development across ENVI dimensions, generate adaptive simulations, and help faculty understand class progress.

Platform Improvement:

To improve Aurora EDU's effectiveness, identify technical issues, and develop new features that enhance decision-making education.

Security & Compliance:

To detect and prevent fraud, ensure system security, and comply with legal obligations including FERPA and institutional policies.

What We DO NOT Do:

  • ✗ Sell your data to advertisers or third parties
  • ✗ Use your data for marketing or commercial purposes
  • ✗ Share identifiable student data outside your institution without consent
  • ✗ Train AI models on your personal assessment responses
  • ✗ Disclose your data to employers, government agencies, or other institutions

Data Security & Protection

We implement industry-standard security measures to protect your educational records:

🔒

Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256)

🛡️

Access Controls

Role-based permissions ensure only authorized users can view your data

🔐

Authentication

Secure institutional email verification and session management

📊

Monitoring

Continuous security monitoring and regular vulnerability assessments

💾

Backups

Regular encrypted backups stored in geographically separate locations

🔍

Audit Logs

All data access is logged and auditable for compliance verification

Data Retention & Deletion

Your educational records are retained according to your institution's policies and FERPA requirements.

Retention Periods:

  • Active enrollment: Data retained while you are enrolled in courses using Aurora EDU
  • After graduation: Your institution determines retention period (typically 5-7 years)
  • Account deletion: You may request deletion of your account and associated data
  • Anonymized research data: May be retained indefinitely for academic research

To Request Data Deletion: Contact your institution's registrar or Aurora EDU administrator. Some data may be retained as required by law or institutional policy even after account deletion.

Third-Party Services

Aurora EDU uses the following third-party services to operate the platform. All vendors are required to comply with FERPA and maintain appropriate security standards:

Supabase (Database & Authentication)

Purpose: Secure storage of educational records and user authentication

Compliance: SOC 2 Type II certified, GDPR compliant

Anthropic (AI Processing)

Purpose: Powers askAlistar™ AI guidance and adaptive simulations

Compliance: Enterprise data protection agreement, no training on user data

Vercel (Hosting)

Purpose: Application hosting and content delivery

Compliance: SOC 2 Type II certified, GDPR compliant

Data Processing Agreements: All third-party vendors handling student data have signed Data Processing Agreements (DPAs) that prohibit use of student data for purposes other than providing Aurora EDU services.

Your Rights & Choices

Access Your Data

Request a copy of all data Aurora EDU has collected about you

Correct Inaccuracies

Request corrections to any inaccurate or incomplete information

Limit Data Sharing

Opt out of optional data sharing with researchers or other institutions

Delete Your Account

Request deletion of your account and associated data (subject to institutional policies)

Export Your Data

Download your assessment results, journal entries, and simulation performance

Withdraw Research Consent

Opt out of research studies at any time without academic penalty

Questions or Concerns?

If you have questions about privacy, data protection, or your FERPA rights, please contact:

Your Institution

Contact your university's Registrar or Student Privacy Office for FERPA-related concerns.

Aurora EDU Support

Email: privacy@auroraEDU.com

Subject Line: "Student Privacy Inquiry - [Your Institution]"

File a FERPA Complaint

If you believe your FERPA rights have been violated, you may file a complaint with:

Family Policy Compliance Office
U.S. Department of Education
400 Maryland Avenue, SW
Washington, DC 20202-8520

Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in legal requirements, platform features, or institutional policies. Material changes will be communicated via email and posted prominently in the platform. Your continued use of Aurora EDU after changes constitutes acceptance of the updated policy.