Privacy Policy

Last updated: December 7, 2025

Who we are

DoLife AI, LLC ("School Failsafe", "we", "us") is based in Georgia, United States. You can reach us at stephen@dolife-ai.com.

Scope

This policy explains how we handle information when you use School Failsafe, including:

  • The marketing site at schoolfailsafe.com
  • The web app at app.schoolfailsafe.com
  • The notification and calendar service that turns forwarded school emails into minimal "Actions"

Audience and eligibility

School Failsafe is designed for parents and legal guardians who are at least 18 years old. Children do not create accounts or directly use School Failsafe. We send notifications only to adult parent/guardian email addresses and phone numbers — never to children.

By creating an account, you confirm that you are at least 18 years old and are the parent or legal guardian of any children whose school information you choose to forward to our service.

Schools & FERPA

School Failsafe is not an educational institution, school district, or student information system. We do not receive data directly from schools, districts, or other educational agencies. Instead, parents choose to forward school communications to us on their own initiative.

The Family Educational Rights and Privacy Act (FERPA) governs how schools handle student education records. Your FERPA rights apply to your relationship with your child's school — not directly to School Failsafe. When you forward an email to us, you are sharing information that the school already sent to you as the parent or guardian.

That said, we recognize that school communications may contain sensitive student information. We treat all school-related content as highly sensitive and apply strong privacy safeguards, including PII redaction before AI processing, limited retention, and encryption at rest and in transit.

If a school or district wishes to partner with School Failsafe under a formal data-sharing agreement, we are open to discussions and can execute appropriate data protection agreements as needed.

Children's privacy

We take children's privacy very seriously. Here is how we handle information about children:

  • Children do not use our service directly. School Failsafe is designed for adult parents and guardians. Children do not create accounts, log in, or interact with our service.
  • We process information about children only because parents choose to share it. When you forward school emails to us, those emails may contain information about your children (such as names, grades, or school activities). We process this information solely to provide you with reminders and extracted action items.
  • We redact personal details before AI processing. Our PII redaction service removes or tokenizes names, student IDs, and other identifying information before sending content to external AI providers. See the "PII redaction & AI processing" section below for details.
  • If we learn a child has an account, we will delete it. If we discover that someone under 18 has created an account, we will promptly delete the account and associated data.

We use children-related information only to:

  • Provide School Failsafe (extract tasks/events, send reminders)
  • If you explicitly opt in, improve the service in a privacy-preserving way using de-identified data

What we collect

Account and contact

  • Email address for account access, email digests, and receipts
  • Phone number for SMS delivery (optional) and STOP/HELP support
  • Name, time zone, and preferences you provide during setup

Forwarded emails

When you configure forwarding, school messages are sent to a private address we provision. Each message is received by Postmark Inbound, then processed by our backend. We collect:

  • Metadata such as Message-ID, From, To, Date, and Subject
  • Body and attachments ephemerally for redaction and extraction (raw bodies are not stored long-term — see "Data retention" below)

Extracted Actions

From each sanitized email, we may store minimal Action records such as:

  • Title and type (for example: "Early Release")
  • When / all-day information and optional "must-do" flag
  • Location and optional child label
  • Confidence score and dedupe fingerprint

Delivery and billing

  • Notification delivery logs (status codes and timestamps)
  • STOP/HELP replies for compliance
  • Stripe customer and transaction data if you purchase a plan (we do not store card numbers)

PII redaction & AI processing

Before any email content is sent to external AI providers (such as OpenAI), we run it through a dedicated PII redaction service that removes or replaces personally identifiable information. Here is what we redact:

  • Contact details: Email addresses → [EMAIL], phone numbers → [PHONE]
  • Physical addresses: Street addresses → [ADDRESS]
  • Government IDs: Social Security numbers → [SSN]
  • Payment information: Credit card numbers → [CREDIT_CARD]
  • Dates of birth: Labeled DOB patterns → [DOB]
  • Names: Names in common patterns (greetings, signatures, labeled fields) → [NAME]
  • Student IDs: Student/ID numbers → [STUDENT_ID]
  • School names: School names in obvious patterns → [SCHOOL]

The resulting text is pseudonymized, not fully anonymous. We still handle it carefully and limit what is stored and for how long.

Role of external AI providers

We send only redacted content to AI providers — never raw, unredacted emails. We use OpenAI's API with the following safeguards:

  • We use OpenAI's API (not the ChatGPT consumer product); by default, OpenAI does not use API data to train its models.
  • We configure AI providers to act as service providers/processors and prohibit them from using our data to train general-purpose models, consistent with their enterprise API terms.

How we use data

  • To provide the core service: receive, redact, extract, and send notifications
  • To prevent abuse and comply with A2P messaging rules
  • To troubleshoot issues and provide support

We do not sell personal data or share it for cross-context behavioral advertising.

Use of data for product improvement

By default, we do not use your email content to train models or improve non-account-specific features. Your forwarded emails are processed to serve you and then handled according to our retention policy.

We offer an optional, explicit opt-in setting that allows us to use redacted, de-identified copies of your messages to improve School Failsafe's accuracy and reliability — for example, to test extraction quality or refine our redaction patterns.

  • This setting is off by default
  • You can enable or disable it at any time in your account settings
  • Opting out will not affect your access to core features
  • We only use redacted/de-identified content, never raw emails with PII

AI and data flow

  1. Postmark Inbound delivers email JSON to our backend
  2. Backend calls the Python redaction service and receives sanitized text
  3. Sanitized text is sent to an OpenAI model with a strict JSON schema, producing a set of Actions
  4. We store minimal Action fields in Supabase
  5. Email digests are sent via Postmark; SMS via Twilio (if enabled)

Processors we use

We use third-party services as processors, including:

  • Postmark (inbound email, transactional email, and email delivery)
  • Supabase (authentication, database, storage, edge functions)
  • OpenAI (model inference on sanitized/redacted text only)
  • Twilio (SMS delivery, if enabled)
  • Stripe (payments and receipts)
  • Vercel (hosting for the app and marketing site)
  • Fly.io (hosting for the PII redaction microservice)

We share only what is necessary to provide the service.

Data retention

We distinguish between different types of data with different retention periods:

Raw email content

  • Raw email bodies and attachments are processed ephemerally and not retained beyond short-term processing (typically deleted within minutes of extraction).
  • We may temporarily store raw content for up to 24 hours for troubleshooting active issues, after which it is deleted or irreversibly de-identified.

Redacted content

  • Redacted/sanitized text (the version sent to AI) is stored only if you have opted into data improvement. Otherwise, it is not retained after processing.

Extracted actions and account data

  • Actions (extracted events/reminders) are kept until you delete them or close your account.
  • Account data (profile, preferences, children, subscription) is kept until you delete your account, plus a short grace period for billing reconciliation (typically 30 days).

Logs and backups

  • Delivery and server logs (metadata only, no email bodies): typically up to 30 days
  • Encrypted backups: rolling backups for approximately 35 days
  • Dedupe fingerprints: up to 180 days to avoid duplicate alerts

Your choices

  • Delete all: use the in-app "Delete all data" control or email stephen@dolife-ai.com
  • Stop forwarding: remove or change your mail rule at the source
  • Opt out of SMS: reply STOP at any time
  • Data improvement: toggle the opt-in setting in your account at any time
  • Export or copy: request a copy of your Actions via email

Security

We use encryption in transit (TLS) and at rest, role-based access control, and row-level security in our database. We verify inbound webhooks, log access to sensitive systems, and review our setup periodically. No method is perfectly secure, but we work to improve continually.

International use

School Failsafe is primarily a U.S. service with U.S.-based data hosting. If we expand internationally, we will update this policy and may provide additional region-specific notices.

Incident notification

If a security incident materially affects your data, we will notify you without undue delay and follow applicable laws.

Changes to this policy

We may update this policy from time to time. When we do, we will change the "Last updated" date above and may also notify you in the app or by email for material changes.

Contact

Questions or requests about this policy can be sent to stephen@dolife-ai.com.

This policy is provided for your convenience and is not legal advice. We recommend consulting with legal counsel for specific compliance questions.
