For School Administrators.

A clear summary of what we collect, what we don't, and how we keep students safe — for the people approving GPTQuest at your school.

Last updated: May 2, 2026

This page is a plain-language summary for school and district administrators evaluating GPTQuest. The full legal terms live in our Privacy Policy and Terms of Service.

What GPTQuest is

GPTQuest is an AI-literacy platform for grades 3-8. Students play short, authored fantasy Quests where they read, write, and learn to communicate with AI. Teachers create and manage student accounts; students do not sign up themselves.

What we collect from students

Only the minimum needed to run the Service:

  • A system-generated synthetic email used solely as a unique account identifier (not a real mailbox; we never email students)
  • A display name (we encourage Teachers to use pseudonyms, not real names)
  • Educational progress and gameplay data (Quest progress, XP, achievements, narrative inputs)

What we do NOT do

  • We do not sell student data
  • We do not show students any advertising
  • We do not run behavioral profiling on students
  • We do not train AI models on student inputs, and our agreements with our AI providers do not permit them to train their public models on API submissions
  • We do not contact students directly

Legal framework

  • COPPA: We operate under the school authorization exception. Schools consent on behalf of parents for educational use.
  • FERPA: Student records are treated as school-controlled education records.
  • State laws: We aim to support compliance with major state student-privacy laws (CA AB 1584, CT, CO, MD). A Data Privacy Agreement (DPA) addressing these is available on request.

Subprocessors

A current list of every third party that processes data on our behalf is in Section 8 of our Privacy Policy.

Security

We maintain a written Information Security Program covering encryption, access control, vendor review, training, and incident response. Details in Section 9 of our Privacy Policy.

Data Privacy Agreements (DPA)

Read our standard Data Privacy Agreementin full. Schools can accept it as-is, sign the SDPC's NDPA, or send us their district's own. To request a countersigned PDF, email contact@gptquest.ai — we typically turn around signed agreements within 5 business days.

Parent rights

Parents may review, request deletion of, or refuse further collection of their child's data. Requests come through the school first, then to us if needed. Full details in Section 11 of our Privacy Policy.

Contact for school administrators

Kixmeta Labs, LLC
[ADDRESS PLACEHOLDER]
Email: contact@gptquest.ai