← Back to IEPNest

Effective June 18, 2026 · Version 2026-06-18

Privacy Policy

How we collect, use, and protect your information.

IEPNest Privacy Policy

Effective Date: June 18, 2026 Last Updated: June 18, 2026

IEPNest is operated by [Parent Company Legal Name] ("Parent Company," "IEPNest," "we," "us," or "our"), together with its subsidiaries and affiliates, including any entity that operates the IEPNest product or related services. This Privacy Policy explains how we collect, use, disclose, store, and protect information when you use our website, mobile applications, admin tools, and related services (collectively, the "Services").

By using the Services, you agree to this Privacy Policy. If you do not agree, do not use the Services.

1. Who We Are

IEPNest is a parent-focused platform that helps families organize special education information, notes, meetings, documents, services, and related caregiving tasks.

Contact Information

IEPNest Privacy Team Email: privacy@iepnest.com Support Email: support@iepnest.com Address: 8434 Town Ct N, Lawrence Township, NJ 08648 Website: www.iepnest.com

2. Information We Collect

We collect information in the following ways:

Information you provide directly

We may collect:

  • Name.
  • Email address.
  • Phone number.
  • Password and login details.
  • Parent, guardian, or caregiver role.
  • Child profile information, including name or nickname, date of birth, age, grade, school, diagnosis, support needs, and notes.
  • Documents and files you upload, including IEPs, 504 plans, evaluations, reports, meeting notes, service logs, medical or therapy records, and school communications.
  • Notes, goals, tasks, reminders, spending records, and service tracking entries.
  • Messages, questions, feedback, or support requests.
  • Payment and billing information if you purchase a subscription or other paid service.
  • Survey responses or form submissions.

Information collected automatically

When you use the Services, we may automatically collect:

  • Device type and operating system.
  • App version and browser type.
  • IP address.
  • Approximate location based on IP address.
  • Usage data, including screens viewed, taps, clicks, session duration, and feature use.
  • Log files, crash reports, diagnostics, and performance data.
  • Cookies and similar technologies on our website.
  • Screenshot data only when you voluntarily submit feedback using an in-app feedback feature.

Information from third parties

We may receive information from:

  • Authentication providers if you sign in with a third-party account.
  • Payment processors, including Stripe.
  • Cloud service providers.
  • Google Drive, if you connect your Google account and authorize us to save content there.
  • Email, calendar, or device providers if you connect those services.
  • Other users only if you choose to share a workspace, child profile, or document.

3. Children's Information

IEPNest is designed for parents, guardians, and caregivers, but the Services may include information about children. We do not knowingly collect personal information directly from children under 13 without the involvement and consent of a parent or legal guardian where required by law.

If you create or manage a child profile in IEPNest, you represent that you are the child's parent or legal guardian, or that you have authority to provide the information and consent to its collection and use.

If we learn that we collected personal information from a child under 13 without appropriate parental consent, we will take reasonable steps to delete it.

If your child is 13 to 17 years old and applicable law requires additional consent or notice, you agree that you are authorized to provide that consent and that we may process the child's information as needed to provide the Services and operate the account.

4. How We Use Information

We use information to:

  • Create and manage accounts.
  • Provide, maintain, and improve the Services.
  • Store and organize documents, notes, meetings, contacts, goals, and records.
  • Track services, reminders, spending, and timelines.
  • Generate summaries, explanations, reminders, and other requested content.
  • Provide customer support.
  • Send notifications and service-related communications.
  • Detect fraud, abuse, spam, or security issues.
  • Process payments and subscriptions.
  • Perform internal analytics, reporting, and product improvement.
  • Comply with legal, regulatory, tax, accounting, audit, and safety obligations.

5. Data Storage and Processing

IEPNest minimizes permanent storage of your personal content on our servers.

We do not permanently store or save your personal content on our servers as part of the core service flow. Your content is stored in your connected Google Drive account, and we process it only as needed to generate responses or provide requested features. We may temporarily process data in memory or secure processing environments during an active session, and we use encryption in transit and at rest. We may retain limited account, audit, security, billing, or operational logs only as needed to operate the Services, comply with law, prevent fraud, or maintain security.

If you disconnect your Google account, we may no longer be able to access or update content stored in your Google Drive through the Services.

6. AI and Automated Features

Some features may use automation or artificial intelligence, including plain-language explanations, meeting summaries, draft emails, suggestions, and reminders.

When you use AI features, we may process the content you submit, such as documents, notes, or messages, to provide the requested output.

We will:

  • Use the minimum information necessary to provide the feature.
  • Not use your content to train public third-party AI models unless we clearly disclose that practice and you consent where required.
  • Allow you to review and edit AI-generated content.
  • Make clear that AI output is informational only and is not legal, medical, or educational advice.

7. How We Share Information

We do not sell your personal information.

We may share information only in the following limited circumstances:

Service providers

We may share information with vendors and contractors that help us operate the Services, such as:

  • Cloud hosting providers.
  • Database and file storage providers.
  • OCR/document processing providers.
  • AI or summarization providers.
  • Email delivery providers.
  • Push notification providers.
  • Payment processors.
  • Customer support tools.

These providers may only use the information to perform services for us and must protect it appropriately.

Parent Company, subsidiaries, and affiliates

We may share information with [Parent Company Legal Name] and with our subsidiaries and affiliates, including any entity that owns, operates, or supports IEPNest, for internal business purposes, service delivery, security, product improvement, accounting, compliance, or corporate administration. Any such sharing will be limited to what is reasonably necessary and subject to appropriate confidentiality and security protections.

Google Drive integration

If you connect your Google account, we may save content to your connected Google Drive account as you direct. We do not use your Google Drive content for marketing.

Shared family or caregiver access

If you invite another user to your account or workspace, they may access the information you authorize them to see.

Third parties you choose

If you export, send, or share information from the Services, that information will be disclosed to the recipient you choose.

Legal and safety reasons

We may disclose information if necessary to:

  • Comply with law, regulation, subpoena, court order, or legal process.
  • Protect the rights, property, or safety of IEPNest, our users, or others.
  • Prevent fraud, abuse, or security incidents.

Business transfers

If IEPNest or the Parent Company is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction.

8. Cookies and Similar Technologies

Our website may use cookies, pixels, local storage, or similar technologies to:

  • Keep you signed in.
  • Remember preferences.
  • Measure traffic and usage.
  • Improve performance and functionality.

You can control cookies through your browser settings. Some features may not work properly if cookies are disabled.

9. Your Privacy Choices

You may have the right to:

  • Access your account information.
  • Update or correct certain information.
  • Delete certain information.
  • Export your data where available.
  • Disable certain notifications.
  • Withdraw consent where processing is based on consent.
  • Review and manage child-related information as a parent or guardian.

If you are a parent or legal guardian, you may request access to, correction of, or deletion of your child's information associated with your account.

If you are a New Jersey resident or a resident of another state with applicable privacy rights, you may also be entitled to certain rights related to access, deletion, correction, and opt-out rights as provided by law, subject to applicable exceptions.

10. Data Retention

We keep personal information only as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

When deciding retention periods, we consider:

  • The nature and sensitivity of the data.
  • The purpose for which it was collected.
  • Legal, tax, accounting, compliance, audit, and security obligations.
  • Fraud prevention and dispute resolution needs.
  • Whether deletion has been requested.

11. Data Deletion

You may request deletion of your account and associated data by contacting us or by using any deletion feature we provide in the Services.

When deletion is requested:

  • We will delete or anonymize data from active systems within a reasonable time.
  • Backups may persist for a limited period before being overwritten or deleted according to our backup cycle.
  • We may retain certain information where required for legal, compliance, dispute resolution, fraud prevention, or security purposes.

12. Security

We use reasonable administrative, technical, and physical safeguards to protect information, including:

  • Encryption in transit and at rest.
  • Access controls and role-based permissions.
  • Secure authentication.
  • Logging and monitoring.
  • Backup and recovery procedures.
  • Vendor security review where appropriate.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

13. Education Records and Sensitive Information

IEPNest is not a school, school district, or government agency. However, users may upload or store education-related records, including IEPs, 504 plans, assessments, school communications, and related documentation.

If you choose to upload education records, you are responsible for controlling who can view or receive those records.

Where FERPA or similar laws apply because data is handled on behalf of an educational institution or otherwise protected as an education record, we will use appropriate safeguards and access controls. FERPA generally protects education records from unauthorized disclosure.

14. Parental Consent

Where required by law, we will obtain verifiable parental consent before collecting personal information from children under 13.

We may use consent mechanisms such as:

  • Account verification.
  • Email confirmation.
  • Additional identity checks.
  • Other reasonable methods allowed by law.

We may also provide parents with the ability to review, correct, delete, or stop further collection or use of their child's information, as applicable under COPPA-style requirements.

15. Third-Party Links and Integrations

The Services may link to or integrate with third-party websites, apps, or services. We are not responsible for the privacy practices of those third parties.

If you choose to connect a third-party service, its privacy policy governs its own handling of your information.

16. International Users

If you access the Services from outside the United States, your information may be transferred to, stored in, or processed in the United States or other countries where we or our service providers operate.

Where required by law, we will use appropriate safeguards for such transfers.

17. Marketing Communications

We may send product updates, reminders, and service announcements. You may opt out of non-essential marketing emails by using the unsubscribe link or by contacting us. We may still send service-related messages, such as security alerts, policy updates, or account notifications.

18. Health and Sensitive Information

IEPNest may allow you to store sensitive information, including special education details, support needs, health-related notes, and other family records.

If you choose to provide sensitive information:

  • You authorize us to process it to provide the Services.
  • You should only upload what is necessary.
  • You should control who has access to your account and shared spaces.

19. No Sale of Personal Information

We do not sell personal information for monetary or other valuable consideration.

20. No Targeted Advertising to Children

We do not knowingly target children with behavioral advertising. If any advertising or analytics features are used, they will be configured in a way intended to avoid inappropriate data collection from children.

21. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated version and update the effective date. We may also notify you through the Services or by email if the changes are significant.

22. Contact Us

If you have questions, concerns, or requests about this Privacy Policy or our data practices, contact us at:

IEPNest Privacy Team Email: privacy@iepnest.com Support Email: support@iepnest.com Address: 8434 Town Ct N, Lawrence Township, NJ 08648 Website: www.iepnest.com