Data Privacy & Security Policy
Last Updated: July 8, 2025
Overview
Athena for IECs was built for Independent Educational Consultants (IECs) who trust us with sensitive student essays and feedback. This policy explains in clear language how we protect that data and keep it private.
Key Commitments
Your data stays yours. You and your students retain full ownership of all uploaded materials.
No AI training. Student essays you upload are permanently excluded from any current or future machine-learning training.
No data sales or ads. We never sell data or share it for advertising or profiling.
World‑class security. We host data only with providers that meet independent security and privacy standards.
Data Ownership & Access
Uploaded files remain visible only to the users and teams you explicitly authorize.
Athena staff can access files only when you invite us to assist (e.g. support tickets).
Data Lifecycle & Deletion
Retention: Active data persists until you delete it or your contract ends. After contract termination we retain data for 30 days after which it is automatically purged from storage. This window gives you time to export records or reinstate service.
Backups: Backups are kept for 7 days, then automatically purged.
Right to erasure: You may request permanent deletion at any time; we complete it within 72 hours.
Sub-processors & Partner Certifications (last reviewed: July 2025)
What these certifications mean
SOC 2 Type II: Independent attestation that a provider’s controls meet the Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy.
SOC 3 Type II (public summary of SOC 2 Type II): A general‑use report that condenses the results of a SOC 2 Type II audit into a high‑level overview you can share without an NDA.
ISO 27001: International standard for establishing and operating an information‑security management system (ISMS).
CSA STAR Level 1: Cloud Security Alliance self‑assessment where the provider publicly answers the CAIQ security questionnaire, offering baseline transparency.
CSA STAR Level 2: Builds on Level 1 by adding an independent certification or attestation (e.g. SOC 2) for deeper assurance.
