For Schools — Compliance & Safety

Last updated: May 2026

ClassroomDash is a K-12 classroom management tool built by a teacher for school use. This page summarizes how the product handles student data and aligns with U.S. school data-privacy and internet-safety expectations, for IT administrators and content-filter review teams.

✅ No ads, ever

No third-party advertising. No advertising networks. No tracking pixels for ad targeting.

✅ No student-facing chat

No messaging, forums, comments, or user-generated content that students can post or read.

✅ No student logins

Students do not create accounts. They interact with the system only by scanning a school-issued ID barcode.

✅ Encrypted in transit

All connections use HTTPS / TLS. Database connections to Supabase are encrypted at rest and in transit.

✅ Teacher-controlled data

A teacher's classroom data is accessible only to that teacher and to campus administrators they've authorized.

✅ U.S.-based hosting

Hosted on Vercel and Supabase, with the database in U.S. East (Virginia). No data leaves U.S. infrastructure.

What ClassroomDash Is

ClassroomDash is a web-based hall-pass and attendance management tool for K-12 teachers. Its core functions are:

Tracking which students are currently out of the classroom (restroom, nurse, counselor, hall pass)
Recording tardies and early leaves
Displaying live classroom status on a SmartBoard for the class to see
Providing campus-level reports for administrators

It is not a social platform, learning management system, chat tool, video-conferencing tool, or content-delivery tool.

CIPA (Children's Internet Protection Act)

The Children's Internet Protection Act applies to schools and libraries that receive E-Rate discounts, requiring them to filter content that is obscene, child pornography, or harmful to minors. ClassroomDash is designed to support a school's CIPA-compliant filtering program rather than expose students to filtered categories:

No user-generated content visible to students. The student-facing view (the SmartBoard display) only shows students' own names and pass types. There is no text input, comment system, or media upload for students.
No external content. The application does not embed, link to, or surface third-party media, images, or websites in the student-facing view.
No chat or messaging. The platform has no direct or indirect communication channels between students, or between students and adults outside their classroom.
No social features. No posts, no comments, no profiles visible to other users.
Adult-supervised use. All teacher and administrator interfaces are behind authenticated logins. Students never log in.

COPPA (Children's Online Privacy Protection Act)

COPPA governs the collection of personal information from children under 13 by online services. ClassroomDash operates under the school authorization exception:

Personal information about students is entered by the teacher or imported from school information systems (e.g., Skyward) — never collected directly from the child.
Students do not create accounts, log in, or interact with the system beyond scanning a barcode.
The data collected (first name, last name, school-issued student ID number) is the minimum needed for the educational function of tracking hall passes and attendance.
No behavioral advertising, profile-building for marketing, or sale of student information occurs. Ever.

FERPA (Family Educational Rights and Privacy Act)

ClassroomDash is designed to fit within FERPA's school official exception. The platform processes education records solely on behalf of the teacher and school for legitimate educational purposes (classroom management). Schools deploying ClassroomDash should treat it as a school official with a legitimate educational interest, the same way they treat their gradebook or attendance system.

The school remains the owner of education records and controls access.
ClassroomDash does not use student data for any purpose other than providing the service to the school.
Teachers and administrators can delete their classroom's data at any time.

Security & Data Handling

HTTPS / TLS 1.2+ for all connections, enforced site-wide by HSTS.
Authentication via Google Sign-In or email/password through Supabase Auth. Standard OAuth flows; no passwords stored on our servers in plaintext.
Row-Level Security (RLS) enforced at the database layer. A teacher cannot see another teacher's data even if their client is compromised.
Content Security Policy (CSP) headers on every response to mitigate cross-site scripting risk.
No third-party trackers (no Google Analytics, no Facebook pixel, no advertising network beacons).
Hosting: Vercel (application) and Supabase / AWS (database), both in U.S. data centers.

Accessibility

ClassroomDash is built as a standard responsive web application and works in modern browsers (Chrome, Edge, Firefox, Safari) on desktop, tablet, and mobile. Pages use semantic HTML and high-contrast color schemes. We continue to improve accessibility and welcome feedback from schools using assistive technology.

For Content-Filter Review Teams

If you are a filter or categorization service reviewing this domain, the appropriate category is Education (often "Educational Services," "Educational Reference," or "K-12 Education" depending on your taxonomy). Please feel free to contact us at hello@classroomdash.com with any questions about how the platform handles minors' data or content.

Questions from your IT department?

If a school IT administrator or reviewer needs additional documentation, a data-processing addendum, or a security questionnaire response, please reach out to hello@classroomdash.com. We're a small team (a teacher and a few collaborators) and we reply to every email from a school.