Trust Center
BlueBird Alerts & BlueBird Guardian • Last updated: June 19, 2026
Security
- Per-school (tenant) isolation — every record is keyed to its school and every query is scoped to it at the data layer; a school's data is never derived from anything the browser sends.
- Encryption — TLS in transit; sensitive student data (browsing URLs, search terms, flagged keywords, file names) is encrypted at rest.
- Access control — role-based admin access with least privilege; two-factor authentication (TOTP) and passkeys are available for all administrator accounts.
- Auditability — administrative actions and sign-ins are recorded to append-only audit logs scoped to each school.
- Infrastructure — US-hosted, behind Cloudflare (WAF/DDoS), with continuous error monitoring and encrypted off-site database replication.
Privacy & monitoring scope (Guardian)
BlueBird Guardian runs only on school-managed devices after a school IT administrator explicitly deploys it. It is built to see the minimum necessary:
- We capture: the web address visited, the matched policy/keyword, and basic device identity — to provide web-safety visibility and filtering.
- We never capture: page contents, form data, passwords, cookies, or request/response bodies. Data-loss-prevention alerts record that a match occurred — never the matched text itself.
- Retention: activity is retained for a school-configurable window (90 days by default) and then automatically purged.
Responsible AI
Guardian's anomaly detection is statistical (per-student baselines and standard-score outliers) — no general AI/LLM is trained on, or run over, student data. There is no model that ingests student content.
Subprocessors
| Provider | Purpose | Data |
|---|---|---|
| Cloudflare | CDN, WAF/DDoS, encrypted DB replication (R2) | Network traffic; encrypted backups |
| Apple (APNs) | iOS push notifications | Device push tokens |
| Google (FCM) | Android push notifications | Device push tokens |
| Twilio | SMS alerts (when enabled) | Phone numbers, message text |
| SendGrid | Transactional email | Email addresses, message text |
| Sentry | Error monitoring | Diagnostic/error metadata |
Compliance
- We operate as a School Official under FERPA, processing data only to perform the educational functions your school directs.
- Designed for COPPA alignment (school-authorized use) and to support CIPA web-filtering requirements.
- We will sign your state's Student Data Privacy Agreement (SDPC / A4L NDPA) on request.
Vulnerability disclosure
Found a security issue? Email [email protected]. We welcome good-faith reports and will not pursue researchers who follow responsible disclosure. See /.well-known/security.txt.
Breach notification
If a security incident affects your data, we will notify the affected school without undue delay and within any timeframe your agreement or state law requires (e.g., New York Education Law 2-d's 7-day window). The notification will include the scope, data types, and remediation status.
Contact
Security: [email protected] • Privacy & general: [email protected]
