Data Privacy & Student Records

Sapheos applies a privacy program built on purpose limitation and technical safeguards, designed to minimize exposure to personal and academic data.

This matters most in dissertation, capstone, and internship-related evaluation, where submitted work may contain sensitive academic and personal data tied to final decisions.

Data is processed, not retained, by design.

• No data retention.
• No database construction.
• No model training on submitted work.

Applied Principles

• Controlled Hosting Environments: Services run in secured, access-controlled environments designed for institutional workloads and auditable operations.
• Data Minimization: Only the data required to perform the requested analysis is processed, and processing is limited to the shortest operational window possible.
• Limited Retention by Default: Personal data and uploaded academic files are not retained longer than necessary for service execution and are deleted according to policy.
• No Model Training on Client Data: Data submitted through Sapheos tools is not used to train, fine-tune, or improve AI models.
• Institutional Rights Support: Our workflows are designed to support educational institutions in handling data access, correction, and deletion requests.

Privacy by Design for U.S. Institutions

Our controls are implemented using privacy by design principles and can be mapped to institutional obligations in the U.S., including FERPA-aligned student record handling and applicable state privacy requirements.